After deploying new Azure hosted Windows servers we have installed the DX UIM hub (23.4.1) and connected these hubs via tunnels to our primary environment.

Those tunnels demonstrated significant instability - mostly staying connected for 3 - 5 minutes before disconnecting, going through a period of "can't connect to" messages in the client hub log, followed by a successful connection and another couple minutes of functionality. 

This repeats over and over - the tunnels work for a few minutes, then get disconnected, then reconnect and work for a few minutes, making it very difficult to manage the hubs.

Is there a solution?

DX UIM hub hosted on Microsoft Azure platform

The DX UIM hub creates several SSL sessions (by default, a total of 6 sessions) in rapid succession to accommodate tunnel traffic.  These sessions are suspended and re-used as needed.

Azure employs throttling of outbound network traffic which interferes with the creation of sessions in rapid succession, causing tunnels to become unstable.

Unfortunately, due to the design of the hub tunnels, and the limitations imposed by Azure, there is no permanent solution.

However, the issue can be mitigated to some extent by editing the hub.cfg (e.g. using Raw Configure) and adding the following keys -- these go in the <tunnel> section of hub.cfg:

<tunnel>
   session_pool_active = 1
   session_pool_passive = 1

This limits the number of sessions to 2 (1 active and 1 passive) which will provide greater stability.

With these settings, it is still likely that the tunnels will not be fully stable and you may experience the disconnect/reconnect cycle approximately once per hour instead of every few minutes.

Azure Network Bandwidth Throttling