How does RDP work in Windows Azure Roles?

When a deployment has multiple roles and instances, one of the roles has RemoteForwarder running in all of its instances, and all of the roles have RemoteAccess running. When you RDP into a specific instance, the role that runs RemoteForwarder is the one listening on port 3389 for all incoming RDP requests to that deployment.

Because all of your role instances are behind the load balancer, any random instance could receive the RDP connection. The RemoteForwarder then internally passes that connection to the RemoteAccess agent running on the specific instance you are trying to connect to.

 

As a result, if the role running RemoteForwarder is cycling, you will not be able to RDP into any other role in that deployment. This can also cause intermittent RDP issues with your instances.

To dig deeper, look at the CSDEF to determine which role is running RemoteForwarder, because that one is the key to RDP enablement overall. If you have multiple instances and know that some are more stable than others, you can move RemoteForwarder to a role instance that you know is stable.
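
One way to run the CSDEF check described above, as an added example that is not from the original post: the script reads a service definition, reports which role imports RemoteForwarder (and so listens on port 3389), and flags roles that lack RemoteAccess. The sample CSDEF and its role names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# XML namespace used by Azure service definition (CSDEF) files.
NS = {"sd": "http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition"}

# Constructed sample service definition; role names are hypothetical.
SAMPLE_CSDEF = """<ServiceDefinition name="SampleService"
    xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition">
  <WebRole name="FrontEnd">
    <Imports>
      <Import moduleName="RemoteAccess" />
      <Import moduleName="RemoteForwarder" />
    </Imports>
  </WebRole>
  <WorkerRole name="Worker">
    <Imports>
      <Import moduleName="RemoteAccess" />
    </Imports>
  </WorkerRole>
  <WorkerRole name="BatchJobs">
    <Imports />
  </WorkerRole>
</ServiceDefinition>"""


def rdp_layout(csdef_text):
    """Return (forwarder roles, roles without RemoteAccess, problems)."""
    root = ET.fromstring(csdef_text)
    roles = {}
    for tag in ("WebRole", "WorkerRole"):
        for role in root.findall(f"sd:{tag}", NS):
            imports = role.findall("sd:Imports/sd:Import", NS)
            roles[role.get("name")] = {i.get("moduleName") for i in imports}
    forwarders = sorted(r for r, m in roles.items() if "RemoteForwarder" in m)
    unreachable = sorted(r for r, m in roles.items() if "RemoteAccess" not in m)
    problems = []
    # The deployment's single RDP entry point is the RemoteForwarder role.
    if len(forwarders) != 1:
        problems.append(f"expected exactly one RemoteForwarder role, found {len(forwarders)}")
    problems += [f"role {r} does not import RemoteAccess" for r in unreachable]
    return forwarders, unreachable, problems


if __name__ == "__main__":
    fwd, no_access, issues = rdp_layout(SAMPLE_CSDEF)
    print("RemoteForwarder role(s):", fwd)
    print("Roles without RemoteAccess:", no_access)
    for issue in issues:
        print("WARNING:", issue)
```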