azure-docs/articles/service-bus-messaging/service-bus-faq.yml at fe3d7e1aa0f8e37f19985ebfb10de416abdca504 · MicrosoftDocs/azure-docs · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
### YamlMime:FAQ
metadata:
  title: Azure Service Bus frequently asked questions (FAQ) | Microsoft Docs
  description: This article provides answers to some of the frequently asked questions (FAQ) about Azure Service Bus.
  ms.topic: faq
  ms.date: 01/16/2025
title: Azure Service Bus - Frequently asked questions (FAQ)
summary: |
  This article discusses some frequently asked questions about Microsoft Azure Service Bus. You can also visit the [Azure Support FAQs](https://azure.microsoft.com/support/faq/) for general Azure pricing and support information.


sections:
  - name: General questions about Azure Service Bus
    questions:
      - question: |
          What is Azure Service Bus?
        answer: |
          [Azure Service Bus](service-bus-messaging-overview.md) is an asynchronous messaging cloud platform that enables you to send data between decoupled systems. Microsoft offers this feature as a service, which means that you don't need to host your own hardware to use it.

      - question: |
          What is a Service Bus namespace?
        answer: |
          A [namespace](service-bus-messaging-overview.md#concepts) provides a scoping container for addressing Service Bus resources within your application. Creating a namespace is necessary to use Service Bus and is one of the first steps in getting started.

      - question: |
          What is an Azure Service Bus queue?
        answer: |
          A [Service Bus queue](service-bus-queues-topics-subscriptions.md) is an entity in which messages are stored. Queues are useful when you have multiple applications, or multiple parts of a distributed application that need to communicate with each other. The queue is similar to a distribution center in that multiple products (messages) are received and then sent from that location.

      - question: |
          What are Azure Service Bus topics and subscriptions?
        answer: |
          A topic can be visualized as a queue and when using multiple subscriptions, it becomes a richer messaging model; essentially a one-to-many communication tool. This publish/subscribe model (or *pub/sub*) enables an application that sends a message to a topic with multiple subscriptions to have that message received by multiple applications.

      - question: |
          What is a partitioned entity?
        answer: |
          A conventional queue or topic is handled by a single message broker and stored in one messaging store. A [partitioned queue, or topic](service-bus-partitioning.md) is handled by multiple message brokers and stored in multiple messaging stores. This feature means that the overall throughput of a partitioned queue or topic is no longer limited by the performance of a single message broker or messaging store. Also, a temporary outage of a messaging store doesn't render a partitioned queue or topic unavailable.

          Ordering isn't ensured when using partitioned entities. In the event that a partition is unavailable, you can still send and receive messages from the other partitions.

      - question: Where does Azure Service Bus store data?
        answer: |
          Azure Service Bus standard tier utilizes Azure SQL Database for its backend storage layer. For all regions except Brazil South and Southeast Asia, the database backup is hosted in a different region (usually the Azure paired region). For the Brazil south and Southeast Asia regions, database backups are stored in the same region to accommodate data-residency requirements for these regions.

          Azure Service Bus premium tier stores metadata and data in regions that you select. When geo-disaster recovery is set up for an Azure Service Bus premium namespace, the metadata is copied over to the secondary region that you select.


      - question: |
          What ports do I need to open on the firewall?
        answer: |
          You can use the following protocols with Azure Service Bus to send and receive messages:

          - Advanced Message Queuing Protocol 1.0 (AMQP)
          - Hypertext Transfer Protocol 1.1 with TLS (HTTPS)

          See the following table for the outbound TCP ports you need to open to use these protocols to communicate with Azure Service Bus:

          | Protocol | Ports | Details |
          | -------- | ----- | ------- |
          | AMQP | 5671, 5672 | AMQP with TLS. See [AMQP protocol guide](service-bus-amqp-protocol-guide.md) |
          | HTTPS | 443 | This port is used for the HTTP/REST API and for AMQP-over-WebSockets |

          The HTTPS port is generally required for outbound communication also when AMQP is used over port 5671, because several management operations performed by the client SDKs and the acquisition of tokens from Microsoft Entra ID (when used) run over HTTPS.

          The official Azure SDKs generally use the AMQP protocol for sending and receiving messages from Service Bus.

          [!INCLUDE [service-bus-websockets-options](./includes/service-bus-websockets-options.md)]

      - question: |
          Does Azure Service Bus support Java Message Service (JMS)?
        answer: |
          Yes. It does. See the following articles:

          - [Use JMS 2.0 API with Azure Service Bus Premium](how-to-use-java-message-service-20.md)
          - [JMS developer guide](jms-developer-guide.md)

      - question: |
          What IP addresses do I need to add to allowlist?
        answer: |
          To find the right IP addresses to add to allowlist for your connections, follow these steps:

          1. Run the following command from a command prompt:

              ```
              nslookup <YourNamespaceName>.servicebus.windows.net
              ```
          2. Note down the IP address returned in `Non-authoritative answer`.

          If you use the **zone redundancy** for your namespace, you need to do a few extra steps:

          1. First, you run nslookup on the namespace.

              ```
              nslookup <yournamespace>.servicebus.windows.net
              ```
          2. Note down the name in the **non-authoritative answer** section, which is in one of the following formats:

              ```
              <name>-s1.cloudapp.net
              <name>-s2.cloudapp.net
              <name>-s3.cloudapp.net
              ```
          3. Run nslookup for each one with suffixes s1, s2, and s3 to get the IP addresses of all three instances running in three availability zones,

              > [!NOTE]
              > The IP address returned by the `nslookup` command isn't a static IP address. It remains constant until the underlying deployment is deleted or moved to a different cluster, however using IP addresses isn't recommended or supported, and you'll need to keep track of changes to the IP addresses.

      - question: |
          Where can I find the IP address of the client sending/receiving messages to/from a namespace?
        answer: |
          We don't log the IP addresses of clients sending or receiving messages to/from your namespace. Regenerate keys so that all existing clients fail to authenticate and review [Azure role-based access control (Azure RBAC)](authenticate-application.md#azure-built-in-roles-for-azure-service-bus)) settings to ensure that only allowed users or applications have access to the namespace.

          If you're using a **premium** namespace, use [IP filtering](service-bus-ip-filtering.md), [virtual network service endpoints](service-bus-service-endpoints.md), and [private endpoints](private-link-service.md) to limit access to the namespace.

  - name: Best practices
    questions:
      - question: |
          What are some Azure Service Bus best practices?
        answer: |
          See [Best practices for performance improvements using Service Bus](./service-bus-performance-improvements.md) – this article describes how to optimize performance when exchanging messages.

      - question: |
          What should I know before creating entities?
        answer: |
          The following properties of a queue and topic are immutable. Consider this limitation when you create your entities, as these properties can't be modified without creating a new replacement entity.

          * Partitioning
          * Sessions
          * Duplicate detection
          * Express entity

          ## Pricing

          This section answers some frequently asked questions about the Service Bus pricing structure.

          The [Service Bus pricing and billing](https://azure.microsoft.com/pricing/details/service-bus/) article explains the billing meters in Service Bus. For specific information about Service Bus pricing options, see [Service Bus pricing details](https://azure.microsoft.com/pricing/details/service-bus/).

          You can also visit the [Azure Support FAQs](https://azure.microsoft.com/support/faq/) for general Azure pricing information.

      - question: |
          How do you charge for Service Bus?
        answer: |
          For complete information about Service Bus pricing, see [Service Bus pricing details](https://azure.microsoft.com/pricing/details/service-bus/). In addition to the prices noted, you're charged for associated data transfers for egress outside of the data center in which your application is provisioned.

      - question: |
          What usage of Service Bus is subject to data transfer? What isn't?
        answer: |
          Any data transfer within a given Azure region is provided at no charge, and any inbound data transfer. Data transfer outside a region is subject to egress charges, which can be found [here](https://azure.microsoft.com/pricing/details/bandwidth/).

      - question: |
          Does Service Bus charge for storage?
        answer: |
          No. Service Bus doesn't charge for storage. However, there's a quota limiting the maximum amount of data that can be persisted per queue/topic. See the next FAQ.

      - question: |
          I have a Service Bus Standard namespace. Why do I see charges under resource group `$system`?
        answer: |
          Azure Service Bus recently upgraded the billing components. Because of this change, if you have a Service Bus Standard namespace, you might see line items for the resource `/subscriptions/<azure_subscription_id>/resourceGroups/$system/providers/Microsoft.ServiceBus/namespaces/$system` under resource group `$system`.

          These charges represent the base charge per Azure subscription that has provisioned a Service Bus Standard namespace.

          It's important to note that these charges aren't new, that is, they existed in the previous billing model too. The only change is that they're now listed under `$system`. It's done because of constraints in the new billing system that groups subscription level charges, not tied to a specific resource, under the `$system` resource ID.

          ## Quotas

          For a list of Service Bus limits and quotas, see the [Service Bus quotas overview](./service-bus-quotas.md).

      - question: |
          How to handle messages of size > 1 MB?
        answer: |
          Service Bus messaging services (queues and topics/subscriptions) allow application to send messages of size up to 256 KB (standard tier) or 100 MB (premium tier). If you're dealing with messages of size greater than the allowed size, use the claim check pattern described in [this blog post](https://www.serverless360.com/blog/deal-with-large-service-bus-messages-using-claim-check-pattern).

  - name: Troubleshooting
    questions:
      - question: |
          Why am I not able to create a namespace after deleting it from another subscription?
        answer: |
          When you delete a namespace from a subscription, wait for 4 hours before recreating it with the same name in another subscription. Otherwise, you might receive the following error message: `Namespace already exists`.

      - question: |
          What are some of the exceptions generated by Azure Service Bus APIs and their suggested actions?
        answer: |
          For a list of possible Service Bus exceptions, see [Exceptions overview](./service-bus-messaging-exceptions.md).

      - question: |
          What is a Shared Access Signature and which languages support generating a signature?
        answer: |
          Shared Access Signatures are an authentication mechanism based on SHA-256 secure hashes or URIs. For information about how to generate your own signatures in Node.js, PHP, Java, Python, and C#, see the [Shared Access Signatures](./service-bus-sas.md) article.

  - name: Subscription and namespace management
    questions:
      - question: |
          How do I migrate a namespace to another Azure subscription?
        answer: |
          You can move a namespace from one Azure subscription to another, using either the [Azure portal](https://portal.azure.com) or PowerShell commands. To execute the operation, the namespace must already be active. The user executing the commands must be an administrator on both the source and target subscriptions.

      - question: |
          Portal
        answer: |
          To use the Azure portal to migrate Service Bus namespaces to another subscription, follow the directions [here](../azure-resource-manager/management/move-resource-group-and-subscription.md#use-the-azure-portal).

      - question: |
          PowerShell
        answer: |
          The following sequence of PowerShell commands moves a namespace from one Azure subscription to another. To execute this operation, the namespace must already be active, and the user running the PowerShell commands must be an administrator on both the source and target subscriptions.

          ```powershell
          # Create a new resource group in target subscription
          Select-AzSubscription -SubscriptionId 'ffffffff-ffff-ffff-ffff-ffffffffffff'
          New-AzResourceGroup -Name 'targetRG' -Location 'East US'

          # Move namespace from source subscription to target subscription
          Select-AzSubscription -SubscriptionId 'aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa'
          $res = Find-AzResource -ResourceNameContains mynamespace -ResourceType 'Microsoft.ServiceBus/namespaces'
          Move-AzResource -DestinationResourceGroupName 'targetRG' -DestinationSubscriptionId 'ffffffff-ffff-ffff-ffff-ffffffffffff' -ResourceId $res.ResourceId
          ```
          ## Is it possible to disable TLS 1.0 or 1.1 on Service Bus namespaces?

          Yes, you can disable TLS 1.0 or 1.1 on Service Bus namespaces by setting the minimum TLS version. For more information, see [Enforce a minimum required version of Transport Layer Security (TLS) for requests to a Service Bus namespace](transport-layer-security-enforce-minimum-version.md).

additionalContent: |
  ## Next steps
  To learn more about Service Bus, see the following articles:

  * [Introducing Azure Service Bus Premium (blog post)](https://azure.microsoft.com/blog/introducing-azure-service-bus-premium-messaging/)
  * Introducing Azure Service Bus Premium (Channel9)
  * [Service Bus overview](service-bus-messaging-overview.md)
  * [Get started with Service Bus queues](service-bus-dotnet-get-started-with-queues.md)