Hybrid Connections you say? Here’s some background…
Recently I’ve been working with a client to deploy an Azure Hybrid Connection to create a tunnel between an Azure Function App and some on-premises devices. I would like to discuss some lessons from this experience to hopefully help anyone who gets stuck.
A little bit about Hybrid Connections
For those new to Azure Hybrid Connections, here’s why you might want to implement them in your own projects. Hybrid Connections allow you to be able to connect to an application resources on-premises (in my case using an Azure Function App) with a host device that can make calls via port 443. This allows you to:
- Be able to connect to on-premises systems and services securely.
- Generally you don’t need to modify firewall rules as the connections are made via standard web ports.
- Each of the Hybrid Connections you establish match the single host and port combination that you define in the connection setup.
- It supports multiple on-premises hosts connections.
- Finally, it’s generally pretty quick to setup and doesn’t require gateways.
If you are interested in reading more about Hybrid Connections, check out the official Microsoft documentation: Azure App Service Hybrid Connections.
How to call devices with IP addresses?
One of the areas in the Microsoft Hybrid Connection documentation points out that “if you use an IP address then the required client DNS lookup may not happen.” This was an issue for me as I needed to initiate web requests to the devices via their IP address. As the note states, the “lookup may not happen”, which in my case it didn’t happen and therefore wasn’t able to resolve. So how did I resolve this? A simple way is to map the IP addresses in your host file to a custom hostname.
To edit the host file in Windows, navigate to:
C:\Windows\System32\drivers\etcOpen the host file in a note editing app of choice. Your host file is where you will map your IP to its new custom hostname, like the example below.
192.0.2.1 1.sample-domain.comNow when you setup your Hybrid Connection in Azure for your Function App, you will add the new hostname for the device as the endpoint host which will allow you to connect to your device.
Azure Function consumption plans don’t support Hybrid Connections 🙁
This is pretty apparent if you create a consumption plan for your Function App or read the documentation, but in the event you missed it, consumption plans don’t support Hybrid Connections (sad face).
Be aware that there are Hybrid Connections limits by App Service plans
There are limits to how many Hybrid Connections you can add to an App Service plan. My suggestion, unless you are certain you will be connecting to 25+ devices, is to use the Standard App Service plan. If you end up adding more than 25 devices, you can always upgrade your plan. Below is the table of how many Hybrid Connections each plan supports.
| Plan | Number of usable Hybrid Connections |
| Basic | 5 per plan |
| Standard | 25 per plan |
| Premium (v1-v3) | 220 per app |
| Isolated (v1-v2) | 220 per app |
The connection won’t connect in the Hybrid Connection Manager (HCM), what do I do?
When you are first setting up a connection with the HCM on your host machine, you might find that your Hybrid Connection doesn’t show as connected. You can try click the refresh button, but from my experience this won’t fix the issue. To rectify this, you will need to open up the services app on your machine and find the Hybrid Connection app service and restart it. Once you restart the service, your Hybrid Connection(s) should show as connected!
How to easily test the Hybrid Connection to your device
Sometimes it can be tough to quickly test your Hybrid Connections within your Function app, especially if you are trying to troubleshoot an issue. Sometimes it isn’t apparent whether the issue is due to the Function App itself or the Hybrid Connection. A simple way to get around this, especially if your hybrid connection is making API calls to devices, is to using Kudu (also known as advanced tools) and initiate calls via the PowerShell terminal with Invoke-WebRequest.
Wrap up!
That’s all we have for today’s scheduled programming. Hopefully these tips are helpful when it comes to setting up your own Hybrid Connections. Also feel free to add tips in the comments below if I didn’t mention something that you found helpful.
Until next time! ✌️