Strange behaviour with Azure web role IP addresses in IIS

Test case:

• Created new cloud project with standard asp.net web site template.
• Deployed.

The default configuration defines an endpoint on port 80 without any host headers.

I would have thought this translates to a binding of

*:80:

However, it actually creates a binding of:

10.211.196.111:80:

W开发者_开发问答here 10.211.196.111 is an IP address of the web role instance.

If we look at the available IP addresses on the machine we have 2:

1. 10.211.196.111
2. 2001:0:4137:9e76:c8c:387d:f52c:3b90

What's interesting is that if we change our IIS binding to listen on all IP addresses *:80 the web site actually stops working. Instead we get a 503 - Service unavailable error.

Why is this important to me? Well we've been recently making use of the Azure Accelerator for web roles and have found that it does not work if you don't specify a host name. The reason, as explained above, is that it will interpret an empty host name as *.80 which of course results in the 503 error.

So the first question is - could someone explain this behaviour (why listening on all IP addresses doesn't work) and what that second IP address is used for?

Since it looks like I need to patch the azure accelerator so that it uses a specific IP address of the instance, what's the recommended way of finding this? Do you think it's safe to look for an adapter that starts with Microsoft Virtual Machine Bus Network Adapter or perhaps a specific subnet?

Thanks,

Ben

I believe the other IP address is for a second network adapter in the VM that's used for internal communication between the VMs and the fabric controller. It's possible you don't have permission to bind to that other address (so the wildcard "all unassigned IP addresses" mapping doen't work).

However, I'm not quite convinced of that. If (which is I believe what you're saying) the Windows Azure Accelerator for Web Roles binds everything to *:80:hostname, that seems like evidence that you can do bindings like that.

In any case, to get the IP address, you'd just use RoleEnvironment.CurrentRoleInstance.Endpoints["name"].IPEndpoint. I think for name you'll want HttpIn for the accelerator. You can try using that IP address instead of "*" in that code and see if it helps, but note that the management UI itself has a wildcard mapping, so you're likely to have some sort of conflict (and be unable to make other management changes) unless you also change the management UI to listen on a specific hostname.