Commit 2aabb3a

Merge pull request #292710 from aimee-littleton/patch-443308
Update troubleshoot-nat-connectivity.md
2 parents 7d40c04 + 9be88e7 commit 2aabb3a

1 file changed

+7
-0
lines changed

articles/nat-gateway/troubleshoot-nat-connectivity.md

Lines changed: 7 additions & 0 deletions
@@ -28,6 +28,8 @@ You observe a drop in the datapath availability of NAT gateway, which coincides
2828
* Simultaneous SNAT connection limits.
2929

3030
* Connection timeouts.
31+
32+
* Removal of public IP addresses or subnets from NAT Gateway.
3133

3234
**Troubleshoot steps**
3335

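Review bot: the new cause bullet on line 32 writes "NAT Gateway" with a capital G, while the scenario text in the hunk header and the section added later in this commit write "NAT gateway"; use the lowercase form here so the article stays consistent.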
@@ -40,6 +42,8 @@ You observe a drop in the datapath availability of NAT gateway, which coincides
4042
* Check the [dropped packets metric](/azure/nat-gateway/nat-metrics#dropped-packets) for any packet drops that align with connection failures or high connection volume.
4143

4244
* Adjust the [Transmission Control Protocol (TCP) idle timeout timer](./nat-gateway-resource.md#tcp-idle-timeout) settings as needed. An idle timeout timer set higher than the default (4 minutes) holds on to flows longer, and can create [extra pressure on SNAT port inventory](./nat-gateway-resource.md#timers).
45+
46+
* Check NAT Gateway public IP and subnet configurations and if any public IPs or subnets have been removed from the NAT Gateway recently.
4347

4448
### Possible solutions for SNAT port exhaustion or hitting simultaneous connection limits
4549

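Review bot: the added step on line 46 gives no pointer to where a reader would see that a public IP or subnet was removed, unlike the two steps above it, which each link to the metric or setting they refer to; link the page or log where that change is visible. The wording "and if any public IPs or subnets have been removed" is also awkward, and "public IPs" differs from "public IP addresses" in the cause bullet added above; consider "Check the NAT gateway public IP and subnet configuration, and whether any public IP addresses or subnets were recently removed from the NAT gateway."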
@@ -73,6 +77,9 @@ UDP idle timeout timers are set to 4 minutes and aren't configurable. Enable UDP
7377

7478
Application layer keepalives can also be used to refresh idle flows and reset the idle timeout. Check the server side for what options exist for application specific keepalives.
7579

80+
### Impact of removing public IPs or subnets from the NAT Gateway
81+
Any active connections associated with a public IP address terminate when the public IP address is removed from the NAT gateway. If the NAT gateway resource has multiple public IPs, new traffic is distributed among the assigned IPs. Traffic will also be disrupted if NAT gateway is removed from any subnets with active connections. Consider updating configurations on your NAT gateway during maintenance windows so as to minimize impact to outbound connectivity.
82+
7683
## Datapath availability drop on NAT gateway but no connection failures
7784

7885
**Scenario**
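Review bot: the paragraph on line 81 covers only the case where other addresses remain ("new traffic is distributed among the assigned IPs") and does not say what happens to new outbound connections when the removed public IP address was the only one assigned; state that case explicitly. The heading on line 80 is also followed directly by the paragraph with no blank line, unlike "### Possible solutions for SNAT port exhaustion or hitting simultaneous connection limits" earlier in the file, and "Traffic will also be disrupted" switches to future tense where the rest of the paragraph uses present.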
