Azure Container Instance TCP connection interrupts

Hi,

I have migrated a service that was previously running on on-premise servers to Azure. The app is based on .NET and I have containerized it in Docker. It is just a single container with no scaling. I have deployed the container to ACI. The app includes two TCP listeners using custom, non HTTP protocols. The TCP listeners are used for communication with desktop clients and devices.

To deal with the fact that ACI can get a new IP after restart and using FQDN instead of the ip does help with the fact that after each restart the FQDN still resolves to the old IP for a while.

With the help in another question (https://video2.skills-academy.com/en-us/answers/questions/1343527/azure-container-instances-and-public-access), I have managed to redeploy the container to a VNet and then opened the ports for public access via a Public Load Balancer. The traffic is routed from the frontend to the service either via load balancing rules or NAT rules (both solutions work because there is just 1 instance of the service). This works really well and I imagine I can put more services behind the load balancer in the future.

However, the problem is that if I create a TCP connection to the service via any of the two ports the connection gets periodically interrupted every few minutes. This is an issue for me, the connections need to be long lived so the devices and the desktop clients work as intended. I have tried reconfiguring the idle timeout for both public IP resource and all inbound rules from default 4 minutes to 30 minutes, but that did not help. The connection gets interrupted after seemingly random intervals - sometimes 2 minutes, sometimes 5... The interesting fact is that if there are multiple connections to the service they get interrupted at the same time.

This problem did not happen when the container was deployed with public network configuration and the connections were made directly via currently assigned IP or FQDN. Another interesting fact is that the service uses Azure Database for Postgresql (flexible) with public access and some of the connections in the pool also experience interrupts.

Thanks for any suggestions.

The error on the server side: Unable to read data from the transport connection: Connection timed out.: at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken) at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource<System.Int32>.GetResult(Int16 token)

The error on the client side: Unable to read data from the transport connection: An existing connection was forcibly closed ( v System.Net.Security._SslStream.EndRead(IAsyncResult asyncResult) at System.Net.Security.SslStream.EndRead(IAsyncResult asyncResult)

The tcp listener in the example uses SslStream, but the listener on the second port uses insecure TcpListener and it's the same problem.