Adding alternative backend pool NIC to the Azure Load Balancer with PowerShell

I'm writing this after spending a good while working through a problem I had with the Azure Load Balancer. It's a blog worthy problem. It's a problem that isn't that difficult to work out, but, it's one of those tricky ones that can lead you into various directions.


I've put pen to paper (mouse to Visio really) a design for an Azure environment that uses various Azure networking components to meet a customers requirements. Those requirements were centred around a single Edge ingress and egress point for SIX (yes, 6) Azure subscriptions across two environment tiers (production and non-production).

To achieve this, VNET peering, route tables and virtual firewall appliances were used. Without getting to much into the background, the problem was high availability. Specifically, how do you achieve some level of availability in Azure for virtual network appliances where routing (from this particular vendor, Cisco) can't be dynamically updated. Commonly a pair of devices or resources are grouped (similar to an availability set) to achieve high availability; while being “in front” of or “behind” (logically) a load balancer.

So when we're working with the Azure Load Balancer, we add front end and back end NIC's to resources to direct traffic flow. What if the NIC that we added was not right? What is the NIC that was added to the front end pool or backend pool was wrong? Should you delete that piece of config and re-enter it in?

Solution: Use PowerShell

Here's a sample PowerShell cmdlet that I've used to update the NIC on a backend pool:

$ARMLB = "ILB-01"
$BE = "BE-Pool-01"
$NICName = "Server-01-Nic-01"
$NICRG = "Solution-RG"

#region PREP
$LB = Get-AzureRmLoadBalancer –name $ARMLB -resourcegroupname $RGNLB
$BACKEND = Get-AzureRmLoadBalancerBackendAddressPoolConfig -name $BE -LoadBalancer $LB
$NIC = Get-AzureRmNetworkInterface –name $NICName -resourcegroupname $NICRG

Set-AzureRmNetworkInterface -NetworkInterface $NIC


Discussion 💬