VM Connection very often gets disconnected

HI David_Lafferty< apologies for the late reply.

If you want, you can find me here www.linkedin.com/in/tejas-memane

I will explain what and how it's happening for everyone.

consider

The avd diagram first RDP Shortpath - Azure Virtual Desktop | Microsoft Learn

This article is also helpful for your configuration.

Over here there are 3 steps to get your avd session active.

1.Color Purple Line
Your user on his Laptop will open the RD client app or the WebPortal, and will try to access his subscription. You will be prompted for a 1st auth with your domain creds.

This is represented by the Purple line. depending on your setup if its hybrid, on prem or only cloud, Auth request will flow to where your DC is located, and it will be allocated a token after successful verification.

2. Color Red Line
Once you're in, you will be redirected to the web access link while in backend Azure will find your Authorization stored in SQL Database and it will display your available resources i.e Apps or Desktops sessions hosts.

3. The Blue Line.

Now once you're here, you click on the session desktop or app and may or may not get another cred prompt for auth depending on SSO is enabled or not. 

This is a representation of the user session by "Reverse connect" and not direct access as inside with RDP Or MSTSC access to the User session. 

Eg. You visit a restaurant so and you sit at a table, you order what you want to the Waiter and donot barge into the Restaurant Kitchen directly. 

Similarly, here all the requests are managed over the RDGateway.
Now all this Traffic is being managed by TCP 443 and is reliable but at the same time there are overheads on these packets hence it's like a Metro train stopping at every station and picking up passengers causing delays.

As per AVD design recommendations the AVD Resources should be close to each other as possible.

But in real world it's not possible In WFH situations and if you go through the entire way to your destination, which may cause the RTT time to go over 200 MS leading to disconnections. 

ConnectionFailedClientDisconnect (-2147467259).

you can check this in the diagnostic logs or also in the sign in logs.

KQL may give added info.

See this website for delay predictions as per your own location and compare the RTT azurespeed.com
You will notice that this may be lower or higher for you.

Now the fun Begins.

I have handled cases where the Customers resources are located in same location, but they face constant disconnections.

Here the culprit is UDP traffic over undefined network routes and NVA hops.

4. UDP traffic is shown by the Dotted Lite Blue line at the top.
If you see RDP short path removes the TCP way from picture and connects directly to the machine, however it has its own pros and cons, i.e. speed but with compromise on stability.
This connection may be strong if the below things are maintained and well configured.

UDP traffic is shown by the dotted lite blue line at the top.
This is direct and fast but may be unreliable given the nature of UDP.

it may be as low as 1 ms. you can what's your connection type by clicking on the 4 blue connection bars symbol which will say TCP Websocket or UPD.

In order to have a good connection i will recommend you, to get RDP short path Configured 
Make sure you select your environment if its managed or public shortpath solution.

you may have to take in consideration the NVA devices which may cause WAN flapping see article Route Flapping Demystified: Causes, Impacts, and Mitigation Strategies in Dynamic Networks - NETWORK ENCYCLOPEDIA
If the route is not defined clearly in Azure disconnections will follow as this will disconnect causing problem to reach the IP of your physical Machine in datacenter unit allocated to you.
Also, in public networks as of now there are STUN and Turn servers, there route your traffic, hence need to properly configure by your net team. 
Also Turn is still in preview so may fail so stick to stun.

If you want to stick to TCP Disable the RDP Short Path so traffic will not flow over UDP.

The gist is these disconnections are based on location of resources and their point of loci, system environment configuration and network pls don't confuse it with the isp speed per.

Feel free to reach out to me for any queries.
If you still face issue DO NOT open case with AVD Team Instead open it with AZURE NETWORK Team who can help you.

For Configuration of RDP Short path you can check with your Cloud Solutions architect for consultations.

Forgive me for any mistakes if made in the reply.

I hope you the best.

Thanks, and Regards

Tejas Memane

MS Global SME Azure