Wow! Thank god for your channel!!! How is it that you make things so simple to understand!?!? It blows my mind!!! I sure ain't going to complain!!!! I am right away SUBSCRIBING and RINGING that bell out!!!
That’s awesome, thanks for letting me know! Is your focus only on networking or are there other topics you are interested in…and any requests for new video topics?
Thanks agassi joel for your kind words. I have been told this a few times...and I am sure I could make a bunch of $$$ on Udemy or Pluralsight. However I do this because I want to help the community without everyone needing to pay. Most people use Azure because their company does, but not every company pays for YOU to learn. I wanted to create high quality content so everyone who wants to can learn about Azure can, for free! I have my patreon page linked in every video if anyone wants to support my efforts as a way to say thank you www.patreon.com/AzureAcademy
Hi Dean, if the users connect to the environment using a client VPN, they can remote desktop to one VM in the host pool. However, if the user loses connection, how can you guarantee that the same user session on the VM is maintained when the user reconnects?
The purpose of a load balancer it to change up which device on the backend received the connection. So if I connect right now I RDP to VM 1, then I disconnect...and hour later I RDP and I want to land on VM1...so how can I guarantee that when the connection through the load balancer wants to send you to VM2? The answer is don't RDP through the load balancer. Even something like direct server return would work for this, but only in the short term. Once your session connection has expired, your next RDP will be treated as a new session Normally RDP is a function reserved for administration or troubleshooting. I would use Bastion to connect directly to VM1 when I need to RDP not do it through the LB. Bastion also adds extra security and encryption to the connection that you won't get with Port 3389 over the LB. Watch my Bastion video for all the info. ua-cam.com/video/hf_yla63fL0/v-deo.html
When used with a public ip, yes the traffic is going from Internet to the LB, then according to the rules it is allowed or denied etc The case for public LB is if you need non-http/https traffic and a regional resource.if you need a global non-http/https resource use traffic manager If you are using http/https traffic and you need a regionally located Resource...use application gateway...if you need a global resource use front door
Thanks for the update. Ideally on-prem environment, three will be a firewall between internet and LB. So firewall is not needed in Azure deployment if we are deploying public LB? So Lb will act as a firewall as well?
load balancer is not a firewall. however based on the NAT rules or LB Rules the load balancer will balancer traffic for the backend resources. for example: SQL - The load balanced port is 1433. So when you hit the load balancer IP with 1433 the connection is allowed and routed to the back end. but on port 80 the connection would be dropped.
Thank you so much for the quick update. Btw how dow we enable the firewall features like Ddos protection,etc if allowing internet traffic to LB without firewall.
everything in Azure has DDoS protection across all networks by default. Additionally you can setup DDoS Standard on any virtual network...this is a paid service
Hello, thanks for the video but I have a question. I created a load balancer for service in AKS, and the load balancer got approved to be accessible from AKS Network Subnet Group. The load balancer has an external IP address corresponding to an internal service. But I'm not able to access the IP address provided by the load balancer.
Do you mean you can’t access the public IP or the internal private IP of the load balancer? Do your load balancer rules all use the same that AKS is listening on?
I have one more question. If someone deployed something in AKS, and I want to know what was the exact yaml file they used to deploy any pods or service. How can I do that?I want to know the exact deployment file.
I am still learning AKS…but I believe that all deployments go through the Azure control plane…so you can check the Azure deployments for that resource group…if that does not speed the exact ymal files used…it will show all the logs
Great work.
HA Port is really a good feature... 👍
Glad you like it, I think so too!
Wow! Thank god for your channel!!! How is it that you make things so simple to understand!?!? It blows my mind!!! I sure ain't going to complain!!!!
I am right away SUBSCRIBING and RINGING that bell out!!!
That’s awesome, thanks for letting me know!
Is your focus only on networking or are there other topics you are interested in…and any requests for new video topics?
Wow HA Port is very good feature and your explanation is spot on...👌👌 Thank you Dean👍...
Thanks Vijay!
Thanks for the knowledge sharing! really helpful.
Glad it was helpful! Let me know what was most helpful...and please share The Azure Academy with others!
Dean this is lovely. You are awesome. You have to make a udemy course this is must. Thanks for the tutorial again.
Thanks agassi joel for your kind words. I have been told this a few times...and I am sure I could make a bunch of $$$ on Udemy or Pluralsight. However I do this because I want to help the community without everyone needing to pay.
Most people use Azure because their company does, but not every company pays for YOU to learn.
I wanted to create high quality content so everyone who wants to can learn about Azure can, for free!
I have my patreon page linked in every video if anyone wants to support my efforts as a way to say thank you
www.patreon.com/AzureAcademy
@@AzureAcademy God bless you Dean... You are great and been much helpful....💯
Thank you, HE already has! 😊
Stay safe out there.
Hi Dean, if the users connect to the environment using a client VPN, they can remote desktop to one VM in the host pool. However, if the user loses connection, how can you guarantee that the same user session on the VM is maintained when the user reconnects?
The purpose of a load balancer it to change up which device on the backend received the connection. So if I connect right now I RDP to VM 1, then I disconnect...and hour later I RDP and I want to land on VM1...so how can I guarantee that when the connection through the load balancer wants to send you to VM2?
The answer is don't RDP through the load balancer. Even something like direct server return would work for this, but only in the short term. Once your session connection has expired, your next RDP will be treated as a new session
Normally RDP is a function reserved for administration or troubleshooting. I would use Bastion to connect directly to VM1 when I need to RDP not do it through the LB.
Bastion also adds extra security and encryption to the connection that you won't get with Port 3389 over the LB.
Watch my Bastion video for all the info. ua-cam.com/video/hf_yla63fL0/v-deo.html
Great video
👍👍
Awesome Dean. Can we have similar videos for Application Gateway and Traffic Manager?
They are in the works...stay tuned!
@@AzureAcademy Great!! Waiting for your mind-blowing easy explanation
😁😎👍
Can you cover adfs, load balancers etc in Azure. Thanks
Already covered ADFS James - ua-cam.com/video/L8jqVCWj0Ic/v-deo.html
What is the use case for public load balancer? Is the traffic directly hitting lb, no firewall between internet and LB?
When used with a public ip, yes the traffic is going from Internet to the LB, then according to the rules it is allowed or denied etc
The case for public LB is if you need non-http/https traffic and a regional resource.if you need a global non-http/https resource use traffic manager
If you are using http/https traffic and you need a regionally located Resource...use application gateway...if you need a global resource use front door
Thanks for the update. Ideally on-prem environment, three will be a firewall between internet and LB. So firewall is not needed in Azure deployment if we are deploying public LB? So Lb will act as a firewall as well?
load balancer is not a firewall. however based on the NAT rules or LB Rules the load balancer will balancer traffic for the backend resources. for example: SQL - The load balanced port is 1433. So when you hit the load balancer IP with 1433 the connection is allowed and routed to the back end.
but on port 80 the connection would be dropped.
Thank you so much for the quick update. Btw how dow we enable the firewall features like Ddos protection,etc if allowing internet traffic to LB without firewall.
everything in Azure has DDoS protection across all networks by default.
Additionally you can setup DDoS Standard on any virtual network...this is a paid service
Hello, thanks for the video but I have a question. I created a load balancer for service in AKS, and the load balancer got approved to be accessible from AKS Network Subnet Group. The load balancer has an external IP address corresponding to an internal service. But I'm not able to access the IP address provided by the load balancer.
Do you mean you can’t access the public IP or the internal private IP of the load balancer?
Do your load balancer rules all use the same that AKS is listening on?
@@AzureAcademy I can't access the public IP address. Yes load balancer has same rules that of AKS listeners.
I have one more question. If someone deployed something in AKS, and I want to know what was the exact yaml file they used to deploy any pods or service. How can I do that?I want to know the exact deployment file.
Verify that the network security group / firewall is also allowing the same port open for that traffic
I am still learning AKS…but I believe that all deployments go through the Azure control plane…so you can check the Azure deployments for that resource group…if that does not speed the exact ymal files used…it will show all the logs
Horrible animations on slide changes... just keep it simple
LOL…thanks for the feedback ☺️