locked
Unable to reach target services outside Azure RRS feed

  • Question

  • The following exception comes out while send the Http Request Message to the target service:
    System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 158.73.232.12:443...

    Through the Socket level tracing, I can catch the following information:
        DateTime=2015-06-09T17:44:18.3161574Z
     System.Net.Sockets Verbose: 0 : [3400] Socket#13731902::BeginConnectEx()
         DateTime=2015-06-09T17:44:18.3317904Z
     System.Net.Sockets Verbose: 0 : [3400] Socket#13731902::InternalBind(0.0.0.0:0#0)
         DateTime=2015-06-09T17:44:18.3317904Z
     System.Net.Sockets Verbose: 0 : [3400] Exiting Socket#13731902::InternalBind()
         DateTime=2015-06-09T17:44:18.3317904Z
     System.Net.Sockets Verbose: 0 : [3400] Exiting Socket#13731902::BeginConnectEx()  -> ConnectOverlappedAsyncResult#52427416
         DateTime=2015-06-09T17:44:18.3317904Z
     System.Net Verbose: 0 : [3400] Exiting HttpWebRequest#41389723::BeginGetRequestStream()  -> ContextAwareResult#27189638
         DateTime=2015-06-09T17:44:18.3317904Z
     System.Net.Sockets Verbose: 0 : [0580] Socket#13731902::EndConnect(ConnectOverlappedAsyncResult#52427416)
         DateTime=2015-06-09T17:44:39.3754055Z
     System.Net.Sockets Error: 0 : [0580] Socket#13731902::UpdateStatusAfterSocketError() - TimedOut
         DateTime=2015-06-09T17:44:39.3754055Z
     System.Net.Sockets Error: 0 : [0580] Exception in Socket#13731902::EndConnect - A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 158.73.232.12:443.

    Not enough information why there is a connectivity issue. I would like to know how to identify the connectivity issue. Please let me know if there is a good reference to check the basic connectivity issues.

    Is this the IP Range for Azure Platform issue? The IP address (158.73.232.12) is not available in the IP ranges for Windows Azure Datacenters (http://msdn.microsoft.com/en-us/library/windowsazure/dn175718.aspx). Do I need to ask to add the IP address (158.73.232.12) into the IP ranges for Windows Azure Datacenters?

    Any ideas how to resolve this connectivity issue?

    Thursday, June 11, 2015 11:42 PM

Answers

  • Hi Christhian,

    Just verified that outbound IP addresses is the cause of the problem. This problem goes away after registering 4 different IP addresses. Thanks again for your support.

    // Stanley Haun

    Saturday, June 27, 2015 6:10 PM

All replies

  • Hello Stanley Haun,

    To start with, please ensure that the websocket is enabled from the Azure Portal. Go to the Azure Portal and ensure that the websocket is enabled in the Configure tab.

    It is also important for us to understand how you are trying to open the socket connection. Please share a sample of  your code, if enabling this does not work and also let us know which programming language you are using.

    Also, please note that you will need to disable websocket connection from the web.config , if you are developing a Node.js application. This disables the IIS WebSockets module, which includes its own implementation of WebSockets and conflicts with Node.js specific WebSocket modules such as Socket.IO.

    Please refer to the blog below for more information on Websockets on Azure Websites:

    https://azure.microsoft.com/blog/2013/11/14/introduction-to-websockets-on-windows-azure-web-sites/

    Thanks,
    Syed Irfan Hussain

    Friday, June 12, 2015 7:32 AM
  • Thanks for the information.

    Enabled the WebSocket but no differences.

    Not directly open the socket connection, but use the socket tracing to capture socket level information.

    Developed an Azure Web Aplication in C#

    HttpRequestMessage requestMessage = new HttpRequestMessage(HttpMethod.Post, webService);
    requestMessage
    .Headers.ExpectContinue = false;
    MultipartFormDataContent multiPartContent = new MultipartFormDataContent("----ARBITRARY STRING");
    ByteArrayContent byteArrayContent = new ByteArrayContent(Encoding.ASCII.GetBytes(payload));
    byteArrayContent
    .Headers.Add("Content-Type", "text/plain");
    multiPartContent
    .Add(new StringContent("..."), "...");
    -
    -
    -
    requestMessage
    .Content = multiPartContent;
    WebRequestHandler handler = new WebRequestHandler();

    handler.ClientCertificates.Add(YOURCERTIFICATE);
    handler
    .ClientCertificateOptions = ClientCertificateOption.Automatic;

    HttpClient httpClient = new HttpClient(handler);
    try
    {
      
    Task<HttpResponseMessage> httpRequest = httpClient.SendAsync(requestMessage, HttpCompletionOption.ResponseContentRead, CancellationToken.None);
      
    HttpResponseMessage httpResponse = httpRequest.Result;
      
    HttpStatusCode statusCode = httpResponse.StatusCode;

    -

    Captured the following exception:

    System.AggregateException: One or more errors occurred. ---> System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond xxx.xx.xxx.xx:443   at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)   at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)   --- End of inner exception stack trace ---   at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)   at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)   --- End of inner exception stack trace ---   --- End of inner exception stack trace ---   at WcfEligibilityService.Backend.BuildRequestPackage.BuildMimeRequestTransaction(Object requestPayload)   at WcfEligibilityService.ServiceEligibility.InvokeRealTimeTransactionJsonObj(EligibilityBenefitRequest request)   at WcfEligibilityService.ServiceEligibility.InvokeRealTimeTransactionJson(JsonString jsonStr)---> (Inner Exception #0) System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: Unable to connect to the remote server ---> System.Net.Sockets.SocketException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 158.73.232.12:443   at System.Net.Sockets.Socket.EndConnect(IAsyncResult asyncResult)   at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)   --- End of inner exception stack trace ---   at System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context)   at System.Net.Http.HttpClientHandler.GetRequestStreamCallback(IAsyncResult ar)   --- End of inner exception stack trace ---<---

    Thanks for your support.

    // Stanley Haun


    • Edited by Stanley Haun Friday, June 12, 2015 1:58 PM add more information
    Friday, June 12, 2015 1:41 PM
  • Hello Stanley Haun,

    I am currently checking on this and will get back to you shortly. Thank you for your patience.

    Thanks,
    Syed Irfan Hussain

    Saturday, June 13, 2015 7:12 AM
  • Hi Stanley,


    You can test basic connectivity by connecting to the kudu console of your Web App and using tcpping to ping 158.73.232.12 on port 443:

     1. Browse to the kudu console (https://<yourwebappname>.scm.azurewebsites.net/DebugConsole)

    2. In the Debug Console type the following command:    
    tcpping 158.73.232.12 443

     Do you know if the target service requires for you to configure the incoming IP address that you will be using to connect to it? If so, then use the following thread to find the outbound IP addresses for your Web App and ask the owners of service running on 158.73.232.12 to allow traffic from all 4 of those outbound IP addresses.
    Regards,

    Cristhian Uribe (Microsoft MSFT)



    Monday, June 15, 2015 2:06 PM
  • Thanks for the information.

    This is the result of tcpping 158.73.232.12 443. Same as the excption I got.

    D:\home\LogFiles\Application>tcpping 158.73.232.12:443

    tcpping.exe failed with the following exception: System.Net.Sockets.SocketException (0x80004005): A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 158.73.232.12:443
       at System.Net.Sockets.TcpClient..ctor(String hostname, Int32 port)

       at TcpPing.Program.Main(String[] args)

    Yes, my ip address is regeisterd in the target service and it seems like verifying the incoming IP address.

    You indicated the "following thread" in your response but I cannot find the related information.

    Could you provide more detailed information how to find the outbound IP address?

    Thanks again for your suport.

    // Stanley Haun


    Monday, June 15, 2015 7:34 PM
  • Hi Stanley,

    Then most likely the problem is that your target service is blocking the outbound IP addresses that your Web App was using.

    I didn't realize the link was lost when I saved the message.

    Here's the link to get the outbound IP addresses. Your IP address is only for incoming traffic to your Web App. Outgoing traffic will use 4 different IP addresses listed in the following thread. Make sure you have them add all 4 IP addresses:

    https://social.msdn.microsoft.com/Forums/en-US/fd53afb7-14b8-41ca-bfcb-305bdeea413e/maintenance-notice-upcoming-changes-to-increase-capacity-for-outbound-network-calls?forum=windowsazurewebsitespreview

    Regards,


    Cristhian Uribe Microsoft MSFT)

    Wednesday, June 17, 2015 2:11 PM
  • Hi Christhian,

    Just verified that outbound IP addresses is the cause of the problem. This problem goes away after registering 4 different IP addresses. Thanks again for your support.

    // Stanley Haun

    Saturday, June 27, 2015 6:10 PM