What is a Relay?


The Azure Relay service facilitates hybrid applications by enabling you to securely expose services that reside within a corporate enterprise network to the public cloud, without having to open a firewall connection, or require intrusive changes to a corporate network infrastructure. Relay supports a variety of different transport protocols and web services standards.

The relay service supports traditional one-way, request/response, and peer-to-peer traffic. It also supports event distribution at internet-scope to enable publish/subscribe scenarios and bi-directional socket communication for increased point-to-point efficiency.

In the relayed data transfer pattern, an on-premises service connects to the relay service through an outbound port and creates a bi-directional socket for communication tied to a particular rendezvous address. The client can then communicate with the on-premises service by sending traffic to the relay service targeting the rendezvous address. The relay service then "relays" data to the on-premises service through a bi-directional socket dedicated to each client. The client does not need a direct connection to the on-premises service, it is not required to know where the service resides, and the on-premises service does not need any inbound ports open on the firewall.

For more information, click here.


A server will need to be setup inside your network (or possibly in your DMZ) that will host the WCF relay application.  The minimum specs for this server are:

  • Windows Server 2016 (Virtual or Physical)
  • .net 4.6.1
  • 2 cores, 8gb ram
  • 32 gb hard drive

Outbound to the following ports: 9351, 9352, 5671 (TCP) 

Using an internet proxy is also acceptable.