Share via

how to fix the firewall subnet issue with machine learning workstation and control the virtual network cost?

rain purple 100 Reputation points
2025-12-03T04:02:42.2+00:00

Hello, support team:

 I send a technical billing support request with the Virtual Network Private Link and private endpoint issue. my virtual network increases sharply with almost 25% from October to November. but there's no obvious change for my operating. most of the cost(90%) is from Private Link product with Meter(Standard Private Endpoint)  and  the last 10% is for IP Addresses - Standard IPv4.

It's crazy for total virtual network cost, do I  find or download wrong cost file? or I write wrong sub-name with virtual network?

When I ask for copilot  the same question, you know copilot can answer the question about submit cost  or the related  simple question that I can do, copilot give me another number 32$ with my virtual network in November,  about 60% . so I don't know copilot give me a suggestion with the virtual network cost can optimize to 60% (saving 40%), or  he told me I  see the wrong cost file?

Turn back to the support request, My problem is: How many classes can  virtual network divide into?  for basic virtual machine and machine learning workspace(I know there's some endpoint cost cannot cancel in machine learning from last Asking support in Community Q&A) . if the cost is right, that means the cost for the total virtual network with Standard Private Endpoint will near to 65$ in December?     **How crazy it is!**   Can I close all the private endpoint? If I can close, the cost will decrease into no more than 20$?

 By the way, there's no cost issue with firewall subnet from the cost file, but the function issue always give the feedback with local IP and firewall subnet limit.

Thank you very much for your help!

rain

Azure Advisor
Azure Advisor
An Azure personalized recommendation engine that helps users follow best practices to optimize Azure deployments.
Answer accepted by question author
  1. Siva shunmugam Nadessin 3,025 Reputation points Microsoft External Staff Moderator
    2025-12-05T09:17:36.29+00:00

    Hello  rain purple,

    Thank you for reaching out to the Microsoft Q&A forum.

    Here’s what you can consider doing to address this:

    Understand the Costs:

    • The Azure Machine Learning managed virtual network is generally free, but you incur charges for Azure Private Link (which includes private endpoints) and potentially Azure Firewall if you have FQDN based rules set up.
    • You mentioned that your costs surged with a 25% increase, mainly from Private Link costs. The Private Link allows secure communication, but it can ramp up costs based on usage.

    Check Your Private Endpoints:

    • If you do not need the private endpoints for your current operations, consider temporarily deleting them. However, keep in mind that deleting Azure Machine Learning resources like workspaces or endpoints may affect the configurations and previously stored settings.

    Managing Your Virtual Network:

    • If you find that a certain resource (like the machine learning workspace) is costing more than anticipated and not in use, deleting and potentially recreating it later could result in cost savings.
    • Be cautious that deleting the workspace may lose all configurations and settings tied to your Machine Learning operations, such as AKS setups or priority instances.

    Firewall and Subnet Configuration:

    • You mentioned issues with local IP and firewall subnet limits. Ensure your network setup aligns with Azure's requirements to not incur unnecessary charges.
    • If Firewall fees aren’t showing in the cost file, check if you're indeed configuring the firewall rules properly or if other services might inadvertently lead to costs.

    To identify more specific issues and optimize your setup, here are some follow-up questions that might help clarify:

    Costs:

    • Can you provide a breakdown of your costs related to the Private Link and Firewall, or if there are specific resources you suspect are generating the higher charges?

    Resource Usage:

    • Are the resources such as the workspace and private endpoints actively being used, or are they in a standby state?
    • When you checked the Azure Copilot, did the numbers reflect variable usage patterns over different periods?

    Impact of Deleting Resources:

    • Have you considered how the dependencies between your Machine Learning settings and the private endpoints might affect existing projects if deleted?
    • Will you need to maintain persistent configurations, or can they be easily recreated/validated post-deletion?

    Configuration:

    • Do you have a detailed inventory of all the resources you are using within the virtual network? Understanding what you have can help optimize costs.

    Hope this helps you sort through the cost issues and manage your setup more effectively! Let me know if there's anything else you might need!

    References:

     

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2025-12-03T04:02:55.35+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    To address your concerns regarding the virtual network costs and firewall subnet issues with your Azure Machine Learning workspace, here are some key points to consider:

    1. Cost Optimization: You can optimize costs associated with private endpoints by determining if you can reuse a private link to a resource from other virtual networks. Using a private endpoint across regional virtual network peering can help avoid additional peering fees, as you only pay for the private link access itself.
    2. Evaluate Private Endpoints: If the costs are primarily from the Standard Private Endpoint, consider whether you can close any unnecessary private endpoints. However, be aware that some endpoints may be essential for your machine learning operations, and closing them could affect functionality.
    3. Firewall Subnet Issues: While there may not be direct costs associated with the firewall subnet, ensure that your configurations align with your operational needs. If you are receiving feedback regarding local IP and firewall subnet limits, it may be beneficial to review your firewall rules and configurations to ensure they are optimized for your use case.
    4. Cost Classes and Management: Virtual networks can be divided into various classes based on their configuration and usage. For a basic virtual machine and machine learning workspace, the costs can vary significantly based on the resources and services utilized. It’s crucial to monitor and manage these resources effectively to avoid unexpected charges.
    5. Monitoring and Reporting: Regularly review your cost reports and usage metrics to identify any discrepancies or unexpected increases. If you suspect that the cost file you are using is incorrect, consider downloading a fresh report from the Azure portal for accurate billing information.

    By implementing these strategies, you may be able to reduce your virtual network costs significantly. However, ensure that any changes made do not compromise the functionality required for your machine learning tasks.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.