Example script: Add an IP address to an existing load

balancer with PowerShell

To use more than one availability group, add an additional IP address to the load balancer. Each IP
address requires its own load balancing rule, probe port, and front port.
The front-end port is the port that applications use to connect to the SQL Server instance. IP
addresses for different availability groups can use the same front-end port.
Note
For SQL Server availability groups, each IP address requires a specific probe port. For example, if
one IP address on a load balancer uses probe port 59999, no other IP addresses on that load balancer
can use probe port 59999.
• For information about load balancer limits, see Private front end IP per load balancer
under Networking Limits - Azure Resource Manager.
• For information about availability group limits, see Restrictions (Availability Groups).
The following script adds a new IP address to an existing load balancer. The ILB uses the listener
port for the load balancing front-end port. This port can be the port that SQL Server is listening on.
For default instances of SQL Server, the port is 1433. The load balancing rule for an availability
group requires a floating IP (direct server return) so the back-end port is the same as the front-end
port. Update the variables for your environment.
PowerShell
# Connect-AzAccount
# Select-AzSubscription -SubscriptionId <xxxxxxxxxxx-xxxx-xxxx-xxxx-
xxxxxxxxxxxx>

$ResourceGroupName = "<ResourceGroup>" # Resource group name

$VNetName = "<VirtualNetwork>" # Virtual network name
$SubnetName = "<Subnet>" # Subnet name
$ILBName = "<ILBName>" # ILB name

$ILBIP = "<n.n.n.n>" # IP address

[int]$ListenerPort = "<nnnn>" # AG listener port
[int]$ProbePort = "<nnnnn>" # Probe port

$ILB = Get-AzLoadBalancer -Name $ILBName -ResourceGroupName $ResourceGroupName

$count = $ILB.FrontendIpConfigurations.Count+1
$FrontEndConfigurationName ="FE_SQLAGILB_$count"

$LBProbeName = "ILBPROBE_$count"
$LBConfigrulename = "ILBCR_$count"

$VNet = Get-AzVirtualNetwork -Name $VNetName -ResourceGroupName

$ResourceGroupName
$Subnet = Get-AzVirtualNetworkSubnetConfig -VirtualNetwork $VNet -Name
$SubnetName

$ILB | Add-AzLoadBalancerFrontendIpConfig -Name $FrontEndConfigurationName -

PrivateIpAddress $ILBIP -SubnetId $Subnet.Id

$ILB | Add-AzLoadBalancerProbeConfig -Name $LBProbeName -Protocol Tcp -Port

$Probeport -ProbeCount 2 -IntervalInSeconds 15 | Set-AzLoadBalancer
$ILB = Get-AzLoadBalancer -Name $ILBname -ResourceGroupName $ResourceGroupName

$FEConfig = get-AzLoadBalancerFrontendIpConfig -Name $FrontEndConfigurationName

-LoadBalancer $ILB

$SQLHealthProbe = Get-AzLoadBalancerProbeConfig -Name $LBProbeName -

LoadBalancer $ILB

$BEConfig = Get-AzLoadBalancerBackendAddressPoolConfig -Name

$ILB.BackendAddressPools[0].Name -LoadBalancer $ILB

$ILB | Add-AzLoadBalancerRuleConfig -Name $LBConfigRuleName -

FrontendIpConfiguration $FEConfig -BackendAddressPool $BEConfig -Probe
$SQLHealthProbe -Protocol tcp -FrontendPort $ListenerPort -BackendPort
$ListenerPort -LoadDistribution Default -EnableFloatingIP | Set-AzLoadBalancer

Configure the listener

The availability group listener is an IP address and network name that the SQL Server availability
group listens on. To create the availability group listener, do the following:
1. Get the name of the cluster network resource.
a. Use RDP to connect to the Azure virtual machine that hosts the primary replica.
b. Open Failover Cluster Manager.
c. Select the Networks node, and note the cluster network name. Use this name in the
$ClusterNetworkName variable in the PowerShell script. In the following image the
cluster network name is Cluster Network 1:
2. Add the client access point.
The client access point is the network name that applications use to connect to the databases
in an availability group. Create the client access point in Failover Cluster Manager.
a. Expand the cluster name, and then click Roles.
b. In the Roles pane, right-click the availability group name, and then select Add Resource
> Client Access Point.

c. In the Name box, create a name for this new listener. The name for the new listener is the
network name that applications use to connect to databases in the SQL Server availability
group.
d. To finish creating the listener, click Next twice, and then click Finish. Do not bring the
listener or resource online at this point.
3. Take the availability group cluster role offline. In Failover Cluster Manager under Roles,
right-click the role, and select Stop Role.
4. Configure the IP resource for the availability group.
a. Click the Resources tab, and then expand the client access point you created.
The client access point is offline.
b. Right-click the IP resource, and then click properties. Note the name of the IP address,
and use it in the $IPResourceName variable in the PowerShell script.

c. Under IP Address, click Static IP Address. Set the IP address as the same address that
you used when you set the load balancer address on the Azure portal.
5. Make the SQL Server availability group resource dependent on the client access point.
a. In Failover Cluster Manager, click Roles, and then click your availability group.
b. On the Resources tab, under Other Resources, right-click the availability resource
group, and then click Properties.
c. On the dependencies tab, add the name of the client access point (the listener) resource.
 d. Click OK.
6. Make the client access point resource dependent on the IP address.
a. In Failover Cluster Manager, click Roles, and then click your availability group.
b. On the Resources tab, right-click the client access point resource under Server Name,
and then click Properties.
c. Click the Dependencies tab. Verify that the IP address is a dependency. If it is not, set a
dependency on the IP address. If there are multiple resources listed, verify that the IP
addresses have OR, not AND, dependencies. Click OK.

Tip
 You can validate that the dependencies are correctly configured. In Failover Cluster
Manager, go to Roles, right-click the availability group, click More Actions, and then click
Show Dependency Report. When the dependencies are correctly configured, the
availability group is dependent on the network name, and the network name is dependent on
the IP address.
7. Set the cluster parameters in PowerShell.
a. Copy the following PowerShell script to one of your SQL Server instances. Update the
variables for your environment.
• $ListenerILBIP is the IP address that you created on the Azure load balancer for
the availability group listener.
• $ListenerProbePort is the port you configured on the Azure load balancer for
the availability group listener.
PowerShell
7. $ClusterNetworkName = "<MyClusterNetworkName>" # the cluster network name
(Use Get-ClusterNetwork on Windows Server 2012 of higher to find the name)
$IPResourceName = "<IPResourceName>" # the IP Address resource name
$ListenerILBIP = "<n.n.n.n>" # the IP Address of the Internal Load
Balancer (ILB). This is the static IP address for the load balancer you
configured in the Azure portal.
[int]$ListenerProbePort = <nnnnn>

Import-Module FailoverClusters

Get-ClusterResource $IPResourceName | Set-ClusterParameter -Multiple

@{"Address"="$ListenerILBIP";"ProbePort"=$ListenerProbePort;"SubnetMask"="
255.255.255.255";"Network"="$ClusterNetworkName";"EnableDhcp"=0}

b. Set the cluster parameters by running the PowerShell script on one of the cluster nodes.
Note
If your SQL Server instances are in separate regions, you need to run the PowerShell script
twice. The first time, use the $ListenerILBIP and $ListenerProbePort from the
first region. The second time, use the $ListenerILBIP and $ListenerProbePort
from the second region. The cluster network name and the cluster IP resource name are also
different for each region.
8. Bring the availability group cluster role online. In Failover Cluster Manager under Roles,
right click the role, and select Start Role.
If necessary, repeat the steps above to set the cluster parameters for the WSFC cluster IP address.
1. Get the IP address name of the WSFC Cluster IP address. In Failover Cluster Manager
under Cluster Core Resources, locate Server Name.
2. Right-click IP Address, and select Properties.
3. Copy the Name of the IP address. It may be Cluster IP Address.

4. Set the cluster parameters in PowerShell.

 a. Copy the following PowerShell script to one of your SQL Server instances. Update the
variables for your environment.
• $ClusterCoreIP is the IP address that you created on the Azure load balancer for
the WSFC core cluster resource. It is different from the IP address for the availability
group listener.
• $ClusterProbePort is the port you configured on the Azure load balancer for
the WSFC health probe. It is different from the probe for the availability group
listener.
PowerShell
4. $ClusterNetworkName = "<MyClusterNetworkName>" # the cluster network name
(Use Get-ClusterNetwork on Windows Server 2012 of higher to find the name)
$IPResourceName = "<ClusterIPResourceName>" # the IP Address resource name
$ClusterCoreIP = "<n.n.n.n>" # the IP Address of the Cluster IP resource.
This is the static IP address for the load balancer you configured in the
Azure portal.
[int]$ClusterProbePort = <nnnnn> # The probe port from the
WSFCEndPointprobe in the Azure portal. This port must be different from
the probe port for the availability group listener probe port.

Import-Module FailoverClusters

Get-ClusterResource $IPResourceName | Set-ClusterParameter -Multiple

@{"Address"="$ClusterCoreIP";"ProbePort"=$ClusterProbePort;"SubnetMask"="2
55.255.255.255";"Network"="$ClusterNetworkName";"EnableDhcp"=0}

b. Set the cluster parameters by running the PowerShell script on one of the cluster nodes.
Warning
The availability group listener health probe port has to be different from the cluster core IP address
health probe port. In these examples, the listener port is 59999 and the cluster core IP address is
58888. Both ports require an allow inbound firewall rule.

Set the listener port in SQL Server Management Studio

1. Launch SQL Server Management Studio and connect to the primary replica.
2. Navigate to AlwaysOn High Availability | Availability Groups | Availability Group
Listeners.
3. You should now see the listener name that you created in Failover Cluster Manager. Right-
click the listener name and click Properties.
4. In the Port box, specify the port number for the availability group listener by using the
$EndpointPort you used earlier (1433 was the default), then click OK.

Test the connection to the listener

To test the connection:
1. RDP to a SQL Server that is in the same virtual network, but does not own the replica. This
can be the other SQL Server in the cluster.
 2. Use sqlcmd utility to test the connection. For example, the following script establishes a
sqlcmd connection to the primary replica through the listener with Windows authentication:

sqlcmd -S <listenerName> -E

If the listener is using a port other than the default port (1433), specify the port in the connection
string. For example, the following sqlcmd command connects to a listener at port 1435:

2. sqlcmd -S <listenerName>,1435 -E

The SQLCMD connection automatically connects to whichever instance of SQL Server hosts the
primary replica.
Note
Make sure that the port you specify is open on the firewall of both SQL Servers. Both servers
require an inbound rule for the TCP port that you use. See Add or Edit Firewall Rule for more
information.

Guidelines and limitations

Note the following guidelines on availability group listener in Azure using internal load balancer:
• With an internal load balancer, you only access the listener from within the same virtual
network.
• If you are restricting access with an Azure Network Security Group, ensure that the allow
rules include the backend SQL Server VM IP addresses, and the load balancer floating IP
addresses for the AG listener and the cluster core IP address, if applicable.

For more information

For more information, see Configure Always On availability group in Azure VM manually.

PowerShell cmdlets
Use the following PowerShell cmdlets to create an internal load balancer for Azure virtual
machines.
• New-AzLoadBalancer creates a load balancer.
• New-AzLoadBalancerFrontendIpConfig creates a front-end IP configuration for a load
balancer.
• New-AzLoadBalancerRuleConfig creates a rule configuration for a load balancer.
• New-AzLoadBalancerBackendAddressPoolConfig creates a backend address pool
configuration for a load balancer.
• New-AzLoadBalancerProbeConfig creates a probe configuration for a load balancer.
• Remove-AzLoadBalancer removes a load balancer from an Azure resource group.