Azure Load Balancer
When an application becomes popular and a single server can no longer handle all the incoming requests, the natural solution is to add more servers. But how does incoming traffic get distributed across multiple servers evenly? Azure Load Balancer is the answer. It automatically distributes incoming network traffic across a group of backend servers to ensure no single server is overwhelmed.
What is a Load Balancer?
A load balancer sits in front of a group of servers (called the backend pool) and acts as the single entry point for all incoming traffic. When a request arrives, the load balancer decides which backend server should handle it, based on a configured distribution rule.
Without vs With Load Balancer
WITHOUT Load Balancer:
Client → VM-1 (overloaded!)
Client → VM-1 (overloaded!) VM-2 (idle) VM-3 (idle)
WITH Load Balancer:
Client ─┐
Client ─┤→ Load Balancer → VM-1 (handling 33%)
Client ─┘ → VM-2 (handling 33%)
→ VM-3 (handling 33%)
Azure Load Balancer Types
| Type | Layer | Traffic Type | Best For |
|---|---|---|---|
| Azure Load Balancer (Basic/Standard) | Layer 4 (TCP/UDP) | Any TCP or UDP traffic | High performance, low latency, non-HTTP workloads |
| Azure Application Gateway | Layer 7 (HTTP/HTTPS) | HTTP, HTTPS, WebSocket | Web apps — URL routing, SSL termination, WAF |
| Azure Traffic Manager | DNS level | Any protocol (DNS-based routing) | Global traffic distribution across regions |
| Azure Front Door | Layer 7 global | HTTP/HTTPS | Global web app acceleration, WAF, CDN capabilities |
Azure Standard Load Balancer Components
- Frontend IP: The IP address that clients connect to. Can be a public IP (internet-facing) or private IP (internal).
- Backend Pool: The group of VMs or instances that receive the distributed traffic.
- Load Balancing Rules: Define how incoming traffic on a frontend port maps to a backend port.
- Health Probes: Regularly check backend instances by sending test requests. Instances that fail the health check are automatically removed from rotation until they recover.
- Inbound NAT Rules: Forward traffic from a specific frontend port to a specific VM — used for direct access to individual VMs.
Load Balancing Algorithms
Azure Load Balancer uses a hash-based algorithm by default. The hash is calculated from the source IP, source port, destination IP, destination port, and protocol. This ensures that packets from the same client session consistently reach the same backend instance (session stickiness).
Public vs Internal Load Balancer
| Type | Frontend IP | Use Case |
|---|---|---|
| Public Load Balancer | Public IP address | Distribute internet traffic to backend VMs |
| Internal (Private) Load Balancer | Private IP from VNet | Distribute traffic between internal tiers (e.g., from web tier to app tier) |
Application Gateway – Layer 7 Load Balancing
Application Gateway is a web traffic load balancer that works at the application layer (HTTP/HTTPS). It understands HTTP requests and can make intelligent routing decisions based on URL paths, hostnames, or request headers.
- Path-based routing: Route /images/* to one backend pool and /api/* to another.
- Host-based routing: Route shop.company.com to one backend and blog.company.com to another — using a single gateway.
- SSL Termination: Decrypt HTTPS at the gateway, reducing the SSL processing load on backend servers.
- Web Application Firewall (WAF): Protect web applications from common attacks like SQL injection and cross-site scripting.
- Autoscaling: Automatically scale the gateway based on traffic load.
Key Takeaways
- Azure Load Balancer distributes traffic across backend VMs at Layer 4 (TCP/UDP) for high throughput.
- Azure Application Gateway provides Layer 7 load balancing for web apps with URL routing and WAF protection.
- Azure Traffic Manager uses DNS-based routing to direct users to the nearest or best-performing regional endpoint.
- Health probes automatically remove unhealthy backend instances from the rotation.
- Public Load Balancer distributes internet traffic; Internal Load Balancer distributes traffic between private tiers.