Availability Group Endpoint URL Firewall Gotcha
A few days ago I was working on changing the Endpoint URL and Port for a 2016 SQL Server Availability Group to use a private network interface. We wanted this so the Synchronizing (or Mirroring) traffic could have its own dedicated network, which would keep it away from the network traffic of client connections to the database server. This would help increase the throughput of data to and from the databases in the Availability Databases list.
Our setup is a straightforward Windows Cluster with two Nodes. We have two standalone SQL Server Instances running on these Nodes. Each Instance has an Availability Group defined with one Node as the Primary Replica and the other Node as the Secondary Replica. We run the Replicas in Synchronous Commit Availability Mode with Automatic Failover. All connections are allowed to the Primary Role and the Readable Secondary is set to no.