Azure - Windows Failover Cluster - Can't Connect to Cluster Name

  • Question

  • In our environment we have a few Windows Server Failover Clusters hosted in Azure. I'm having an issue that I can't seem to find information on.

    As it stands, the clusters work fine except we cannot connect to the cluster name (via PSRemoting, Failover Cluster Manager, etc.). I am aware that these names are not designed to be pingable but should be available for management. This results in a situation where the only way we can manage the cluster is if we already know the node names and connect to one of them directly.

    We have probably 40+ clusters in our environment, with only 4 being in Azure. The Azure clusters are the only ones with this issue, and all of them have that issue so this is a common denominator.

    I'm sure this is a matter of configuration that just wasn't done, but I'm not familiar enough with Azure architecture to understand what the problem is and what needs to be fixed. The closest thing I've found is on the clusteringformeremortals website which indicates a possible need for load balancers; but that is specific to SQL clusters (our SQL cluster listeners work fine).

    This issue adds manageability overhead and causes complications for automation.

    Any help on this matter would be fantastic.

    Friday, October 11, 2019 7:06 PM

All replies

  • This is normal behavior as ARP is blocked by default on Azure VMs. If you want to communicate with the cluster using the cluster IP, you can set up a Load Balancer rule against the cluster IP (similar to what you set up for SQL AG Listener).

    Use the following PowerShell script to set the cluster parameter for LB health probe against the cluster IP.


    $ClusterNetworkName = "<MyClusterNetworkName>" # the cluster network name (Use Get-ClusterNetwork on Windows Server 2012 or higher to find the name)
    $IPResourceName = "<ClusterIPResourceName>" # the IP Address resource name
    $ClusterCoreIP = "<n.n.n.n>" # the IP Address of the Cluster IP resource. This is the static IP address for the load balancer you configured in the Azure portal.
    [int]$ClusterProbePort = <nnnnn> # The probe port from the WSFCEndPointprobe in the Azure portal. This port must be different from any other probe port, for example 58888
    Import-Module FailoverClusters

    Get-ClusterResource $IPResourceName | Set-ClusterParameter -Multiple @{"Address"="$ClusterCoreIP";"ProbePort"=$ClusterProbePort;"SubnetMask"="put the subnet mask";"Network"="$ClusterNetworkName";"EnableDhcp"=0}


    Now create an LB rule to allow the required ports to the cluster through the cluster IP. Your cluster IP should be the LB frontend IP and the above port (example TCP 58888) will be the health probe. Put the nodes in the backend pool. Enable floating IP while creating the rule.

    If you want to allow all communication including ping (similar to an on-prem cluster), you can use a standard load balancer and allow 'HA port'.

    In this way you can use the cluster IP (or cluster name if DNS is correctly set up) to communicate with the cluster and it will take you to the node on which it resides.


    Rohan Islam | Azure Architect

    • Proposed as answer by Rohan Islam Saturday, October 12, 2019 5:20 AM
    Saturday, October 12, 2019 5:20 AM
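
The load balancer side of the answer above, sketched with the Az.Network module. This is an added example, not part of the original thread; the resource group, region, VNet, subnet, NIC names and the 10.0.0.50 address are assumed placeholders, and the probe port reuses the 58888 example from the answer.

```powershell
# Added example: internal Standard load balancer in front of the cluster IP.
# Every name and address below is a constructed placeholder.
Import-Module Az.Network

$rg        = 'rg-cluster-example'   # assumed resource group
$location  = 'eastus'               # assumed region
$clusterIP = '10.0.0.50'            # must equal the Address set on the cluster IP resource
$probePort = 58888                  # must equal the ProbePort set with Set-ClusterParameter
$nodeNics  = 'node1-nic', 'node2-nic'   # assumed NIC names of the cluster nodes

$vnet   = Get-AzVirtualNetwork -Name 'vnet-example' -ResourceGroupName $rg
$subnet = Get-AzVirtualNetworkSubnetConfig -Name 'snet-cluster' -VirtualNetwork $vnet

# Frontend: the load balancer holds the cluster IP as a static private address.
$fe = New-AzLoadBalancerFrontendIpConfig -Name 'fe-cluster' `
        -PrivateIpAddress $clusterIP -SubnetId $subnet.Id

# Backend pool: filled with the node NICs further down.
$be = New-AzLoadBalancerBackendAddressPoolConfig -Name 'be-cluster-nodes'

# Health probe: only the node that currently owns the cluster IP resource
# answers on the probe port, so traffic follows the resource on failover.
$probe = New-AzLoadBalancerProbeConfig -Name 'WSFCEndPointProbe' `
           -Protocol Tcp -Port $probePort -IntervalInSeconds 5 -ProbeCount 2

# HA ports rule (Standard SKU): protocol All with port 0 forwards every port.
# Floating IP leaves the destination address as the cluster IP.
$rule = New-AzLoadBalancerRuleConfig -Name 'rule-cluster-haports' `
          -FrontendIpConfiguration $fe -BackendAddressPool $be -Probe $probe `
          -Protocol All -FrontendPort 0 -BackendPort 0 -EnableFloatingIP

$lb = New-AzLoadBalancer -Name 'ilb-cluster' -ResourceGroupName $rg `
        -Location $location -Sku Standard -FrontendIpConfiguration $fe `
        -BackendAddressPool $be -Probe $probe -LoadBalancingRule $rule

# Put each cluster node's primary IP configuration into the backend pool.
foreach ($nicName in $nodeNics) {
    $nic = Get-AzNetworkInterface -Name $nicName -ResourceGroupName $rg
    $nic.IpConfigurations[0].LoadBalancerBackendAddressPools = $lb.BackendAddressPools[0]
    $nic | Set-AzNetworkInterface
}
```

To expose only the required ports rather than every port, replace the HA ports rule with one rule per port, each using the same probe and floating IP setting.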