Post

New Health Check Infrastructure for Azure Traffic Manager

New Health Check Infrastructure for Azure Traffic Manager

To enhance the overall reliability of Azure Traffic Manager health checks, Microsoft will begin rolling out new health check infrastructure from 4 March to 30 May 2025.

To ensure a smooth transition with no service disruptions, Traffic Manager profiles will be running on both the new infrastructure as well as the current system.

As a result, you may notice an intermittent increase in the number of health probes during health checks for your application endpoints. Once the new infrastructure is fully rolled out, the number of probes will return to normal.

Throughout the rollout, all Azure Traffic Manager features will continue to work normally, and no action is required. If you have application firewall or anomaly detection rules that might be triggered by the increased volume of health probes, we’d recommend adjusting your configuration to accommodate this change.

Link to event in your Azure Service Health Portal.

How TM endpoint monitoring works

If you are interested about how this monitoring works in the first place, check out the following Microsoft article.

Traffic Manager endpoint monitoring

What are the IP addresses from which the health checks originate?

See this article to learn how to retrieve the lists of IP addresses from which Traffic Manager health checks can originate. You can use REST API, Azure CLI, or Azure PowerShell to retrieve the latest list. Review the IPs listed to ensure that incoming connections from these IP addresses are allowed at the endpoints to check its health status.

1
2
3
$serviceTags = Get-AzNetworkServiceTag -Location eastus
$result = $serviceTags.Values | Where-Object { $_.Name -eq "AzureTrafficManager" }
$result.Properties.AddressPrefixes

This will return a list of TM IPs, for the specified region, which you will find in your application logs as health check entries.

This post is licensed under CC BY 4.0 by the author.