Internal Load Balancer is doing asymmetric routing.
We are facing an asymmetric routing issue with the Azure Private (Internal) load balancer.
Our deployment topology is hub and spoke, which are peered together.
Inbound Traffic :
HUB [Public LB -> Firewall/VM] -> Spoke [Application Server/VM]
Path : 1 -> 2 -> 3 in the above image
Outbound Traffic :
Spoke [App Server -> Internal Load Balancer -> Hub [Firewall/VM -> Public Load Balancer]
Path : 4 -> 5 in the above image
Issue :
=====
When the outbound traffic from the spoke (App Server) goes to the internal load balancer and finally to the firewall, we observe that session stickiness is not maintained, due to which we see asymmetric routing and the packets are getting dropped.
We have configured the ILB to use "Client IP" to maintain session persistency/stickiness.
Is there any issue/bug with the Azure internal load balancer in terms of session stickiness when Client IP is configured for session persistency?
Surprisingly, if we enable the option "Client IP + Protocol" for session persistency, this asymmetric routing issue is not observed.
What is the exact difference between these 2 options for session persistency (Client IP vs. Client IP + Protocol)?
What is the recommendation from the Azure team?
Thanks,
Prashant