What is Azure Load Balancer?
Azure Load Balancer is a Layer 4 (TCP/UDP) load balancer that enables you to create highly available and scalable applications. It distributes incoming traffic among a pool of backend resources, such as virtual machines, ensuring that no single resource is overwhelmed and that your application remains accessible even if some resources fail.
Key Features:
- High Availability: Distributes traffic across multiple instances, providing redundancy.
- Scalability: Handles fluctuating traffic demands by scaling resources up or down.
- Layer 4 Load Balancing: Operates at the transport layer, distributing TCP and UDP traffic.
- Health Probes: Monitors the health of backend instances and redirects traffic away from unhealthy ones.
- Port Forwarding: Allows external access to specific ports on internal virtual machines.
- NAT Rules: Enables network address translation for inbound and outbound connections.
- Regional Service: Operates within a specific Azure region for localized high availability.
How Azure Load Balancer Works
Azure Load Balancer uses a hash-based distribution algorithm to distribute traffic. When a client opens a connection, the load balancer computes a hash for it, typically over the source IP address, source port, protocol, destination IP address, and destination port. It then uses this hash to select a backend instance from the load balancing pool.
Types of Load Balancers:
Azure offers two main types of load balancers:
- Standard Load Balancer: Provides advanced features, higher throughput, and support for availability zones within a region. Recommended for production workloads.
- Basic Load Balancer: A simpler version suitable for development and testing environments. It has limitations on scale and features.
Common Use Cases
Azure Load Balancer is ideal for various scenarios:
- Distributing traffic for web applications hosted on virtual machines.
- Ensuring high availability for databases and other backend services.
- Enabling seamless failover between application instances.
- Simplifying management of scalable applications.
Configuring Azure Load Balancer
The configuration of Azure Load Balancer typically involves the following steps:
- Create a Load Balancer Resource: In the Azure portal, create a new Load Balancer resource, specifying its type (Standard or Basic), region, and SKU.
- Configure Frontend IP Configuration: Define the public or private IP addresses that will receive incoming traffic.
- Create Backend Address Pools: Associate your virtual machines or virtual machine scale sets with the load balancer.
- Define Health Probes: Configure health probes to check the status of your backend instances. This can be done using TCP, HTTP, or HTTPS probes.
- Set Load Balancing Rules: Define rules that map frontend IP addresses and ports to backend pools and ports, specifying the protocol and idle timeout.
- Configure Inbound NAT Rules (Optional): If you need to access specific VMs directly from the internet, configure Inbound NAT rules.
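A review of the finished configuration, as an added example that is not part of the original page: it reads load balancer JSON and flags a Basic SKU, load balancing rules without a health probe, and inbound NAT rules that publish SSH or RDP on a public frontend. The sample document, the `audit_lb` function and the choice of management ports are assumptions; the field names follow the load balancer resource as returned by `az network lb show -o json`.

```python
import json

# Constructed sample shaped like `az network lb show -o json` output; the names,
# IDs and ports are illustrative placeholders, not taken from a real deployment.
SAMPLE_LB = json.loads("""
{
  "name": "myLoadBalancer",
  "sku": {"name": "Basic"},
  "frontendIPConfigurations": [
    {"name": "myFrontendIP", "publicIPAddress": {"id": "/placeholder/myPublicIP"}},
    {"name": "internalFrontend", "privateIPAddress": "10.0.0.4"}
  ],
  "loadBalancingRules": [
    {"name": "myHttpRule", "frontendPort": 80, "backendPort": 80, "probe": null}
  ],
  "inboundNatRules": [
    {"name": "sshNat", "frontendPort": 50001, "backendPort": 22,
     "frontendIPConfiguration": {"id": "/placeholder/frontendIPConfigurations/myFrontendIP"}},
    {"name": "rdpInternal", "frontendPort": 50002, "backendPort": 3389,
     "frontendIPConfiguration": {"id": "/placeholder/frontendIPConfigurations/internalFrontend"}}
  ]
}
""")

MGMT_PORTS = {22: "SSH", 3389: "RDP"}  # assumption: ports treated as management access


def audit_lb(lb):
    """Return (severity, message) findings for one load balancer definition."""
    findings = []
    # Names of frontends that carry a public IP address.
    public = {f["name"] for f in lb.get("frontendIPConfigurations", [])
              if f.get("publicIPAddress")}
    if (lb.get("sku") or {}).get("name", "").lower() == "basic":
        findings.append(("medium", "Basic SKU: meant for dev/test, not production"))
    for rule in lb.get("loadBalancingRules", []):
        if not rule.get("probe"):
            findings.append(("medium", f"rule {rule['name']}: no health probe"))
    for nat in lb.get("inboundNatRules", []):
        frontend = (nat.get("frontendIPConfiguration") or {}).get("id", "")
        service = MGMT_PORTS.get(nat.get("backendPort"))
        # Only flag management ports published through a public frontend.
        if service and frontend.rsplit("/", 1)[-1] in public:
            findings.append(("high", f"NAT rule {nat['name']}: {service} exposed on "
                                     f"public port {nat['frontendPort']}"))
    return findings


if __name__ == "__main__":
    for severity, message in audit_lb(SAMPLE_LB):
        print(f"[{severity}] {message}")
```

The RDP rule on the internal frontend is not reported, because the check matches each NAT rule to its own frontend instead of treating the whole load balancer as public.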
Important Note on Distribution Mode:
For 5-tuple hash distribution, the default for Load Balancer, the hash is calculated using the following fields: Source IP address, Source port, Protocol, Destination IP address, Destination port. For 2-tuple hash distribution, the hash is calculated using Source IP address, Protocol.
Example Configuration Snippet (Conceptual)
# This is a conceptual example and not actual CLI commands.
# Refer to Azure CLI or PowerShell documentation for exact syntax.
# Create a public load balancer; the frontend is named here so the rule below can reference it
az network lb create --name myLoadBalancer --resource-group myResourceGroup --sku Standard --public-ip-address myPublicIP --frontend-ip-name myFrontendIP
# Add a backend pool
az network lb address-pool create --lb-name myLoadBalancer --name myBackendPool --resource-group myResourceGroup
# Create a health probe
az network lb probe create --lb-name myLoadBalancer --name myHealthProbe --resource-group myResourceGroup --protocol Tcp --port 80
# Create a load balancing rule
# Set --disable-outbound-snat to true or false, depending on your outbound SNAT needs
az network lb rule create --lb-name myLoadBalancer --name myHttpRule --resource-group myResourceGroup \
--protocol Tcp --frontend-port 80 --backend-port 80 \
--frontend-ip-name myFrontendIP \
--backend-pool-name myBackendPool \
--probe-name myHealthProbe \
--disable-outbound-snat true
Monitoring and Diagnostics
Azure Load Balancer integrates with Azure Monitor for comprehensive monitoring and diagnostics. You can track metrics such as data path availability, data processed, and health probe status. Log analytics can also be configured to capture detailed traffic flow logs.