[klaas-]

yeah, that's what we did. We captured it at the last place in our network (a router) and then compared the tcp payloads to the packets that we received in azure in our firewall. Next step was to get the dumps from as much inbetween as possible, it seems that is only the edge router of Azure and our express route gateway. After looking at the pcap of the azure edge myself I verified that the package is still okay there, the MS support verified it's broken in the express route gateway, so it has to be flipped somewhere inside their Azure Germany network stack. They are still searching where ... :)

[shrubble]

The header of the pcap should show the MAC address of the devices, so, where you able to determine using the MAC OUI lookup, who makes the hardware that is not working right? The express route gateway would have to be connected directly to see the needed MAC, however.

[klaas-]

so my guess would be there are more than a few devices between the edge and the express route gateway (which is more or less a VM I was told). So I am guessing right now someone is trying to figure out what hardware is involved in between the two points we captured and looking at that stuff :) For me as a customer that's just a big black box (cloud)