Azure Documentation

Application Gateway Configuration

Application Gateway Rules

Application Gateway rules are the core of how you direct traffic to your backend services. They define the conditions under which traffic is forwarded and what actions are taken. These rules allow for sophisticated traffic management, enabling features like URL-based routing, host-based routing, and redirection.

Rule Types

There are two primary types of rules in Azure Application Gateway:

Basic Rules

Basic rules are used for simple request routing. They match a listener and forward traffic to a default backend pool and HTTP settings. These are useful for scenarios where all traffic to a specific port and IP address should go to the same backend.

Example: All traffic hitting listener port 80 on the gateway is forwarded to the 'WebAppBackendPool'.

Multi-site Rules

Multi-site rules enable you to host multiple web applications on the same Application Gateway instance. This is achieved by defining rules based on the host name in the incoming request. Each rule can be associated with a different listener and direct traffic to a specific backend pool.

Example: Traffic for 'app1.example.com' goes to 'App1BackendPool', while traffic for 'app2.example.com' goes to 'App2BackendPool'.

Path-based Rules

Path-based rules allow you to route traffic to different backend pools based on the URL path of the request. This is highly effective for microservices architectures or when different parts of an application are handled by distinct backend services.

Example: Requests to '/images/*' are routed to 'ImageBackendPool', '/api/*' to 'ApiBackendPool', and all other requests to 'DefaultBackendPool'.

Key Components of a Rule

Each rule is composed of several key components:

  • Listener: The listener that receives the incoming traffic. A rule is associated with a specific listener.
  • Host Name (Optional): For multi-site configurations, the host name(s) to match. Wildcards can be used.
  • URL Path (Optional): For path-based routing, the URL paths to match. Wildcards are supported.
  • Backend HTTP Settings: The settings used to connect to the backend servers, including protocol, port, and cookie-based affinity.
  • Backend Pool: The set of backend servers that will receive the traffic matching the rule.
  • Redirect Configuration (Optional): An action to redirect the request to a different URL or return a specific HTTP status code.
  • Rewrite Configuration (Optional): An action to modify the request or response headers or URL before forwarding.

Creating and Managing Rules

Rules are typically configured through the Azure portal, Azure CLI, Azure PowerShell, or ARM templates.

Azure Portal Steps:

  1. Navigate to your Application Gateway resource in the Azure portal.
  2. Under "Settings", select "Rules".
  3. Click "+ Add rule".
  4. Choose the listener, backend targets (backend pool and HTTP settings), and optionally configure redirection or host/path-based routing.
  5. Save the rule.

Example Rule Configuration (Conceptual):

Setting Value Description
Rule Name MyPathBasedRule A descriptive name for the rule.
Listener MyFrontendListener The listener this rule applies to.
Priority 100 Lower numbers have higher priority.
Rule Type Path-based Specifies path-based routing.
Default Backend Pool DefaultAppBackend Backend pool for unmatched paths.
Default HTTP Settings DefaultAppHTTP HTTP settings for unmatched paths.
Paths
  • Path: /api/*
  • Backend Pool: ApiBackend
  • HTTP Settings: ApiHTTP
  • Path: /static/*
  • Backend Pool: StaticBackend
  • HTTP Settings: StaticHTTP
 Defines specific paths and their corresponding backends.
Tip: Ensure that your rule priorities are correctly set, especially when using multiple rules. A higher priority rule (lower number) will be evaluated first.

Understanding and effectively configuring Application Gateway rules is crucial for building robust, scalable, and secure web applications on Azure.