ETIMEDOUT Error Connecting Azure App Service (Node.js) to Azure MySQL Flexible Server via Private Link

Question

ETIMEDOUT Error Connecting Azure App Service (Node.js) to Azure MySQL Flexible Server via Private Link

Edward 0

Hi everyone,

I keep getting a connect ETIMEDOUT error when trying to connect from my Node.js application (running on an Azure App Service) to an Azure Database for MySQL Flexible Server over a Private Link.

I setup my App Service and MySQL Flex Server at the same time.

What I've tried:

DNS Resolution
- nslookup x-crm-server.mysql.database.azure.com → Returns x-crm-server.privatelink.mysql.database.azure.com with private IP 10.0.2.4.
- Confirmed DNS is resolving correctly.
Telnet & Curl Check
- curl -v telnet://10.0.2.4:3306 → Opens a connection and accessible on the network.
VNet
- Subnets have no explicit NSG rules, so no immediate denies, but not sure if a route or hidden NSG is blocking traffic.
SSL On/Off
- Tried disabling and enabling SSL in the Node.js config (ssl: false and ssl: { ca: [cert], rejectUnauthorized: true }).
- Same ETIMEDOUT result either way.
No NSG or Firewall
- Subnets are assigned but have no custom NSG rules or route tables. Possibly something is misconfigured with the Private Link or VNet Integration.
Credentials & Username
- Using myuser in the connection config. Also tried variations without @x-crm-server. Still times out.

Log on Kudu:

(I've taken out sensitive details:)

2025-03-12T06:40:52.120487495Z Certificate file found at: /home/site/wwwroot/DigiCertGlobalRootCA.crt.pem
2025-03-12T06:40:52.127665896Z Certificate file size (bytes): 1338
2025-03-12T06:40:52.128597014Z Attempting to connect to MySQL with the following settings:
2025-03-12T06:40:52.129931450Z DB_HOST: x-crm-server.mysql.database.azure.com
2025-03-12T06:40:52.129943030Z DB_USER: 
2025-03-12T06:40:52.129945742Z DB_NAME: crm
2025-03-12T06:40:52.129948197Z DB_PORT: 3306
2025-03-12T06:40:52.129950679Z SSL Certificate path: /home/site/wwwroot/DigiCertGlobalRootCA.crt.pem
2025-03-12T06:41:08.140373316Z Error connecting to MySQL: connect ETIMEDOUT
2025-03-12T06:41:08.158406326Z Error: connect ETIMEDOUT
2025-03-12T06:41:08.158430563Z     at Object.createConnectionPromise [as createConnection] (/home/site/wwwroot/node_modules/mysql2/promise.js:19:31)
2025-03-12T06:41:08.158434311Z     at connectToDatabase (file:///home/site/wwwroot/database.js:32:36)
2025-03-12T06:41:08.158436827Z     at file:///home/site/wwwroot/database.js:222:26
2025-03-12T06:41:08.158439208Z     at ModuleJob.run (node:internal/modules/esm/module_job:197:25)
2025-03-12T06:41:08.158447907Z     at async Promise.all (index 0)
2025-03-12T06:41:08.158450462Z     at async ESMLoader.import (node:internal/modules/esm/loader:337:24)
2025-03-12T06:41:08.158452950Z     at async loadESM (node:internal/process/esm_loader:88:5)
2025-03-12T06:41:08.158455512Z     at async handleMainPromise (node:internal/modules/run_main:61:12)
2025-03-12T06:41:08.242024276Z node:internal/process/esm_loader:94
2025-03-12T06:41:08.242071126Z     internalBinding('errors').triggerUncaughtException(
2025-03-12T06:41:08.242075364Z                               ^
2025-03-12T06:41:08.242078065Z 
2025-03-12T06:41:08.242080463Z Error: connect ETIMEDOUT
2025-03-12T06:41:08.242082882Z     at Object.createConnectionPromise [as createConnection] (/home/site/wwwroot/node_modules/mysql2/promise.js:19:31)
2025-03-12T06:41:08.242085863Z     at connectToDatabase (file:///home/site/wwwroot/database.js:32:36)
2025-03-12T06:41:08.242088323Z     at file:///home/site/wwwroot/database.js:222:26
2025-03-12T06:41:08.242090621Z     at ModuleJob.run (node:internal/modules/esm/module_job:197:25)
2025-03-12T06:41:08.242092979Z     at async Promise.all (index 0)
2025-03-12T06:41:08.242095319Z     at async ESMLoader.import (node:internal/modules/esm/loader:337:24)
2025-03-12T06:41:08.242097796Z     at async loadESM (node:internal/process/esm_loader:88:5)
2025-03-12T06:41:08.242100142Z     at async handleMainPromise (node:internal/modules/run_main:61:12) {
2025-03-12T06:41:08.242102512Z   code: 'ETIMEDOUT',
2025-03-12T06:41:08.242104864Z   errno: undefined,
2025-03-12T06:41:08.242107125Z   sqlState: undefined
2025-03-12T06:41:08.341743114Z }
2025-03-12T06:41:08.400892600Z npm info lifecycle crm@1.0.0~start: Failed to exec start script
2025-03-12T06:41:08.412003467Z npm ERR! code ELIFECYCLE
2025-03-12T06:41:08.412589996Z npm ERR! errno 1
2025-03-12T06:41:08.432130670Z npm ERR! crm@1.0.0 start: `node server.js`
2025-03-12T06:41:08.432568251Z npm ERR! Exit status 1

Environment/Setup:

Azure App Service: Node.js application, VNet-integrated (XCRMVnet/XCRMAppSubnet)

Azure MySQL Flexible Server: Hosted in the same VNet (XCRMVnet/XCRMDbSubnet) with a private endpoint

Database: MySQL Flexible Server, private IP 10.0.2.4, port 3306

Node.js MySQL2 Library: mysql2/promise

Edward 0 Reputation points

2025-03-12T23:45:45.0733333+00:00

Hi @Mallaiah Sangi

Thanks for your reply. I had a look at SNAT and I can't access it because I'm not in production. **The site is running on a non production tier. Current SKU is Basic. Kindly upgrade to a production tier.**

I'm not really having intermittent problems connecting, more having troubles with my initial connection.

I was finally able to fix it by changing my host from x-crm-server.mysql.database.azure.com to 10.0.2.4

1 answer

Your answer

Edward 0 Reputation points

2025-03-12T23:45:45.0733333+00:00

Hi @Mallaiah Sangi

Thanks for your reply. I had a look at SNAT and I can't access it because I'm not in production. **The site is running on a non production tier. Current SKU is Basic. Kindly upgrade to a production tier.**

I'm not really having intermittent problems connecting, more having troubles with my initial connection.

I was finally able to fix it by changing my host from x-crm-server.mysql.database.azure.com to 10.0.2.4

Answer 1

Hi Edward,

Thanks for the Question and using Microsoft Q&A platform

You can use App Service Diagnostics to find SNAT port allocation information and observe the SNAT ports allocation metric of an App Service site. To find SNAT port allocation information, follow the following steps:

To access App Service diagnostics, navigate to your App Service web app or App Service Environment in the Azure portal. In the left navigation, select Diagnose and solve problems.
Select Availability and Performance Category
Select SNAT Port Exhaustion tile in the list of available tiles under the category. The practice is to keep it below 128. If you do need it, you can still open a support ticket, and the support engineer will get the metric from back-end for you.

Since SNAT port usage isn't available as a metric, it isn't possible to either autoscale based on SNAT port usage, or to configure auto scale based on SNAT ports allocation metric.

Please Refer to detailed guide here- https://learn.microsoft.com/en-us/azure/app-service/troubleshoot-intermittent-outbound-connection-errors

Hope this helps. Do let us know if you any further queries. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.

Share via

ETIMEDOUT Error Connecting Azure App Service (Node.js) to Azure MySQL Flexible Server via Private Link

1 answer

Your answer