Last updated on July 3, 2023
Azure Load Balancer Cheat Sheet
- Distributes incoming network traffic across multiple targets.
- Allows you to route traffic based on source IP address and port to a destination IP address and port.
Features
- The load balancer supports TCP/UDP-based protocols.
- Scales automatically as traffic increases.
- The load-balancing decision is based on a hash of the connection's five-tuple:
  - Source IP address and port
  - Destination IP address and port
  - Protocol
- NAT allows you to control the inbound and outbound network traffic.
  - Inbound rules – traffic allowed to a specific virtual machine or instance in the backend pool.
  - Outbound rules – enable all resources to communicate with the Internet.
- Control the flow of traffic inside your private virtual network using an internal load balancer.
- You can use a public load balancer to allow outbound connections for your virtual machines.
- Azure Load Balancer supports IPv6.
- Load balancer tiers: Basic and Standard
Concepts
- A group of VMs or instances in a VM scale set serving the incoming requests is called a backend pool.
- Determine the health status of backend pool instances with health probes.
- Health probe down behavior – if an instance in the backend pool fails its health probes, it stops receiving traffic until it starts passing health probes again.
- Standard load balancer availability zones:
  - Zonal = single zone
  - Zone-redundant = multiple zones
- Use Azure Monitor to check the metrics, alerts, and resource health of Azure Load Balancer.
- High Availability (HA) ports enable load balancing on all ports of TCP and UDP protocols.
- With multiple frontends, you can load balance services on multiple ports and multiple IP addresses.
- SLA guarantees that two or more healthy VMs will always be available.
| Details | Basic Load Balancer | Standard Load Balancer |
| --- | --- | --- |
| Backend pool size | Supports up to 300 instances. | Supports up to 1000 instances. |
| Backend pool endpoints | A single availability set for VMs or VM scale set. | A single virtual network for any VMs or VM scale sets. |
| Health probes | TCP, HTTP | TCP, HTTP, HTTPS |
| Health probe down behavior | TCP connections stay alive on an instance probe down. All TCP connections terminate when all probes are down. | TCP connections stay alive on an instance probe down and on all probes down. |
| Availability Zones | Not available | Zone-redundant and zonal frontends for inbound and outbound traffic. |
| Diagnostics | Azure Monitor logs | Azure Monitor multi-dimensional metrics |
| HA Ports | Not available | Available for Internal Load Balancer |
| Secure by default | Open by default. Network security group optional. | Closed to inbound flows unless allowed by a network security group. Please note that internal traffic from the VNet to the internal load balancer is allowed. |
| Outbound Rules | Not available | Declarative outbound NAT configuration |
| TCP Reset on Idle | Not available | Available on any rule |
| Multiple frontends | Inbound only | Inbound and outbound |
| Management Operations | 60-90+ seconds typical | Most operations < 30 seconds |
| SLA | Not available | 99.99% |
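The "Secure by default" and "TCP Reset on Idle" rows can be checked against an inventory. The following is an added example, not part of the original cheat sheet: it audits load balancer definitions in ARM resource shape, and the sample resources, names and severity labels are constructed for illustration.

```python
import json

# Constructed sample in ARM resource shape (not real resources).
SAMPLE = json.loads("""
[
 {"name": "lb-legacy", "sku": {"name": "Basic"},
  "properties": {
   "frontendIPConfigurations": [
     {"properties": {"publicIPAddress": {"id": "<placeholder-public-ip-id>"}}}],
   "loadBalancingRules": [
     {"name": "http", "properties": {"enableTcpReset": false}}]}},
 {"name": "lb-internal", "sku": {"name": "Standard"},
  "properties": {
   "frontendIPConfigurations": [
     {"properties": {"privateIPAddress": "10.0.0.4"}}],
   "loadBalancingRules": [
     {"name": "sql", "properties": {"enableTcpReset": false}},
     {"name": "api", "properties": {"enableTcpReset": true}}]}}
]
""")


def audit(lb):
    """Return (severity, message) findings for one load balancer resource."""
    findings = []
    props = lb.get("properties", {})
    sku = lb.get("sku", {}).get("name")
    public = any("publicIPAddress" in fe.get("properties", {})
                 for fe in props.get("frontendIPConfigurations", []))
    if sku == "Basic":
        # Basic is open by default and the NSG is optional, so the NSG
        # has to be verified separately; a public frontend raises the stakes.
        severity = "high" if public else "medium"
        findings.append((severity, "Basic SKU is open by default; "
                                   "confirm an NSG filters the backend"))
    elif sku == "Standard":
        # TCP reset on idle exists only on Standard and is set per rule.
        for rule in props.get("loadBalancingRules", []):
            if not rule.get("properties", {}).get("enableTcpReset", False):
                findings.append(("info", f"rule {rule['name']}: "
                                         "TCP reset on idle is off"))
    return findings


def audit_all(lbs):
    return {lb["name"]: audit(lb) for lb in lbs}


if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE).items():
        print(name, findings)
```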
- Frontend IP configuration
  - Public load balancer = public IP address
  - Internal load balancer = private IP address
- Backend pools
  - The resources in the backend pool come from a single virtual network.
  - You can associate the backend pool to a VM or VM scale set.
- Load Balancing Rules
  - A load balancing rule distributes the incoming traffic to the resources in the backend pool.
  - You can select either IPv4 or IPv6 as the IP version.
  - You can only assign a frontend IP address that has one public IP address.
  - Select between TCP and UDP protocols.
  - Health probes can determine which VMs in the backend pool can receive the load-balanced traffic.
  - Session persistence maintains the traffic from a client to the same virtual machine.
    - None – any virtual machine can handle successive requests from the same client.
    - Client IP – the same virtual machine will handle successive requests from the same client IP address.
    - Client IP and protocol – the same virtual machine will handle successive requests from the same client IP address and protocol combination.
  - Idle timeout keeps a TCP or HTTP connection open without depending on the clients to send keep-alive messages.
    - If the connection is idle, you can use a TCP reset.
  - Floating IP changes the IP address mapping to the frontend IP of the load balancer.
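How the three session persistence settings change where a client's connections land, as an added example that is not part of the original cheat sheet. The two- and three-tuple field sets follow Azure's documented behaviour; the SHA-256 hash, the modulo mapping, the backend names and the traffic are assumptions constructed for illustration, since Azure's real hash is not public.

```python
import hashlib

# Fields hashed per session persistence mode. "None" is the five-tuple listed
# under Features; the two- and three-tuple sets follow Azure's documentation.
MODES = {
    "None": ("src_ip", "src_port", "dst_ip", "dst_port", "proto"),
    "Client IP": ("src_ip", "dst_ip"),
    "Client IP and protocol": ("src_ip", "dst_ip", "proto"),
}
BACKENDS = ["vm-0", "vm-1", "vm-2", "vm-3"]  # hypothetical backend pool


def pick_backend(flow, mode, backends=BACKENDS):
    """Hash only the fields the mode uses and map the digest to a backend.
    SHA-256 plus modulo is an assumption standing in for Azure's real hash."""
    key = "|".join(str(flow[field]) for field in MODES[mode])
    digest = hashlib.sha256(key.encode()).digest()
    return backends[int.from_bytes(digest[:8], "big") % len(backends)]


def client_flows(src_ip, count=200, protos=("tcp",)):
    """Constructed traffic: one client opening connections from new source ports."""
    return [
        {"src_ip": src_ip, "src_port": 49152 + i, "dst_ip": "203.0.113.10",
         "dst_port": 443, "proto": protos[i % len(protos)]}
        for i in range(count)
    ]


def backends_used(flows, mode):
    """Set of backends that one batch of flows lands on under a given mode."""
    return {pick_backend(flow, mode) for flow in flows}


if __name__ == "__main__":
    for mode in MODES:
        tcp_only = backends_used(client_flows("198.51.100.7"), mode)
        mixed = backends_used(
            client_flows("198.51.100.7", protos=("tcp", "udp")), mode)
        print(f"{mode:24} tcp-only -> {len(tcp_only)} VM(s), "
              f"tcp+udp -> {len(mixed)} VM(s)")
```

With Client IP persistence, every client behind one shared NAT address lands on the same VM, which matters when sizing the pool and when reading per-instance metrics.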
Azure Load Balancer Pricing
- You are charged based on the number of outbound rules.
- You are billed for the first five rules of load balancing.
- You are not charged for the NAT rules.
Azure Load Balancer vs App Gateway vs Traffic Manager:
https://tutorialsdojo.com/azure-load-balancer-vs-app-gateway-vs-traffic-manager/
Validate Your Knowledge
Question 1
Question Type: Single choice
A company has multiple virtual machines in a virtual machine scale set named TDScale1 in its Azure environment. You need to recommend a solution that will evenly distribute Internet traffic to your virtual machines.
What Azure service should you use to satisfy this requirement?
- Public Load Balancer
- Private Load Balancer
- Azure Traffic Manager
- Azure Front Door
Question 2
Question Type: Single choice
What Azure service should you use if you want your application to have a higher level of availability and to evenly distribute internal traffic across virtual machines within a VNET?
- Private Load Balancer
- Public Load Balancer
- Application Gateway
- Network Security Group