Table 5.1 compares the technologies discussed in this chapter. These solutions can be deployed in a single load balancing solution or as a combination. In certain scenarios, you will have an Azure Traffic Manager pointing to two different Application Gateways, which further distributes the traffic to backend pools.
TABLE 5.1 Comparing Load Balancing Solutions
| Service | Azure Load Balancer | Application Gateway | Azure Front Door | Azure Traffic Manager |
| Technology | Transport layer or L4 | Application Layer or L7 | L7 or HTTP/HTTPS | DNS Resolver |
| Supported protocols | Any TCP or UDP protocol | HTTP, HTTPS, WebSocket, and HTTP/2 | Split TCP-based anycast protocol | DNS resolution |
| Supported backends and endpoints | Azure VMs and Azure VMSS | Azure VMs, Azure VMSS, Azure App Service, IP addresses, and host names | Internet-facing services hosted inside or outside Azure | Azure Cloud Services, Azure App Services, Azure App Service Slots, and Public IP addresses |
| Network connectivity | External and Internal | External and Internal | External and Internal | External |
Summary
In this chapter we focused on network traffic management using the load-balancing solutions available in Azure. The services included in the scope of this chapter are Azure Load Balancer, Azure Application Gateway, Azure Front Door, and Azure Traffic Manager. We started the chapter with the availability options, which is required for building highly available architecture in Azure. The options we discussed included availability sets and availability zones. Availability sets can protect you from hardware failures and planned maintenance events within a datacenter. However, the catch is if the entire datacenter is down, your services will not be available. To overcome this crisis, we have availability zones in Azure; each zone is an isolated set of datacenters having separate power, cooling, and network lines. Deploying the services to availability zones mitigates the downtime caused by datacenter failure. Even if one zone goes down, your instance will be running in another datacenter serving your customers.
Then we discussed Azure Load Balancer, a layer 4 load balancer ideal for handling any TCP or UDP-based traffic. Load Balancer mainly focuses on the source IP, source port, destination IP, destination port, and protocol for routing the traffic to the backend pools. The supported services are limited to Azure VMs and Azure VMSS. After Azure Load Balancer, we covered Azure Application Gateway, which is ideal for implementing load balancing to web applications. As Application Gateway is a layer 7 load balancer, you have path-based routing and multiple-site routing unlike the Azure Load Balancer. There is an optional component called WAF—a web application firewall that can be incorporated into the Application Gateway for checking the request for any vulnerabilities before routing to the backend servers.
Additionally, we covered Azure Front Door and Azure Traffic Manager. Azure Front Door will help you build highly available architecture with global reach. The features are similar to Azure Application Gateway. The advantage is that Azure Front Door can work in a multiregion environment. On the other hand, Azure Traffic Manager is a DNS resolver that will return the DNS response to the client based on the routing method. Finally, we concluded the chapter with a comparison between the load-balancing solutions so that you can choose the right solution.
With this chapter, we are winding up the topic of Azure networking. In the past three chapters, we started from the basics of Azure networking, moved on to on-premises connectivity, and concluded with network management. In Chapter 6, “Azure Storage,” we will be covering another core pillar of infrastructure: storage.
