Load balancers distribute incoming network traffic across a group of backend resources or services, which are typically virtual machines (VMs). Azure offers two types of load balancers: internal (private) and public. An internal load balancer will distribute traffic within a private network, whereas a public load balancer will distribute incoming Internet traffic to your VMs.
| Feature | Internal Load Balancer | Public Load Balancer |
|---|---|---|
| IP Address | Private IP from the VNet address space | Public IP Address |
| Scope | Within VNet or interconnected VNets | Internet to VMs |
| Access Control | Network Security Groups (NSGs) | NSGs and optionally, by using DDoS Protection |
| Use Case | Intra-application or cross-tier traffic | Internet-facing applications |
Before creating a load balancer, decide whether you need a public or an internal load balancer based on the nature of your application or service.
A resource group is a container that holds related resources for an Azure solution. You can create a new resource group or use an existing one.
Navigate to the Azure portal, select “Create a resource,” search for “Load balancer,” and choose “Create.”
After creating the load balancer, you need to define the backend pool:
Health probes check the status of your VM instances. If an instance is deemed unhealthy, the load balancer will stop sending traffic to it until it’s healthy again.
Load balancing rules define how traffic is distributed to the VMs:
Set up NSG rules to allow or deny traffic to VMs:
After configuration, test the load balancer to ensure it is correctly distributing traffic:
Lastly, monitor your load balancer to ensure it is performing optimally. Azure Monitor and Log Analytics can provide insights into health and metrics.
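An offline check for the NSG and health probe steps above, as an added example that is not part of the original page: it models NSG inbound evaluation (lowest priority number first, first match wins, Azure's three default inbound rules last) and flags rule sets that block the load balancer's health probes or open an internal backend to Internet sources. The rule names, the dictionary layout and the `evaluate`/`audit` helpers are constructed for illustration, and sources are matched as service tags only, not CIDR ranges.

```python
# Simplified model of NSG inbound evaluation for a load-balanced backend.
# All rules are constructed samples; sources are service tags, not CIDR ranges.
DEFAULT_RULES = [  # Azure's default inbound rules, evaluated after custom rules
    {"name": "AllowVnetInBound", "priority": 65000, "source": "VirtualNetwork", "port": "*", "access": "Allow"},
    {"name": "AllowAzureLoadBalancerInBound", "priority": 65001, "source": "AzureLoadBalancer", "port": "*", "access": "Allow"},
    {"name": "DenyAllInBound", "priority": 65500, "source": "*", "port": "*", "access": "Deny"},
]

def port_matches(rule_port, port):
    """rule_port is "*", a single port ("443") or a range ("8000-8100")."""
    if rule_port == "*":
        return True
    lo, _, hi = rule_port.partition("-")
    return int(lo) <= port <= int(hi or lo)

def evaluate(rules, source, port):
    """Return (access, rule name) of the first match, lowest priority number first."""
    for rule in sorted(rules + DEFAULT_RULES, key=lambda r: r["priority"]):
        if rule["source"] in ("*", source) and port_matches(rule["port"], port):
            return rule["access"], rule["name"]
    return "Deny", None  # unreachable while DenyAllInBound is present

def audit(rules, probe_port, app_port, public_frontend):
    """List findings for one backend NSG behind a public or internal load balancer."""
    findings = []
    access, name = evaluate(rules, "AzureLoadBalancer", probe_port)
    if access != "Allow":
        findings.append(f"probe port {probe_port} blocked by {name}: backends go unhealthy")
    access, name = evaluate(rules, "Internet", app_port)
    if public_frontend and access != "Allow":
        findings.append(f"client traffic to port {app_port} blocked by {name}")
    if not public_frontend and access == "Allow":
        findings.append(f"internal backend port {app_port} open to Internet via {name}")
    return findings

LOCKED_DOWN = [  # custom deny-all sits above the default AzureLoadBalancer allow
    {"name": "AllowWeb", "priority": 100, "source": "Internet", "port": "443", "access": "Allow"},
    {"name": "DenyAllCustom", "priority": 4000, "source": "*", "port": "*", "access": "Deny"},
]
FIXED = LOCKED_DOWN + [
    {"name": "AllowProbe", "priority": 110, "source": "AzureLoadBalancer", "port": "443", "access": "Allow"},
]
INTERNAL_OPEN = [  # any-source allow on a backend meant for VNet traffic only
    {"name": "AllowAny8080", "priority": 200, "source": "*", "port": "8080", "access": "Allow"},
]

if __name__ == "__main__":
    for label, rules, public in [("locked-down", LOCKED_DOWN, True), ("fixed", FIXED, True), ("internal", INTERNAL_OPEN, False)]:
        port = 443 if public else 8080
        print(label, audit(rules, port, port, public) or "ok")
```

The locked-down set shows the common failure: a custom deny-all rule outranks the default `AllowAzureLoadBalancerInBound` rule, so probes fail and every backend is taken out of rotation even though client traffic is allowed.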
Configure an Azure load balancer with careful planning and testing to ensure it supports your application’s needs and resilience requirements. Whether you are using a public load balancer for internet-facing applications or an internal load balancer for traffic within a VNet, the above steps will guide you through the process of setting up a foundational element for your Azure infrastructure.
Explanation: Azure Load Balancer supports both TCP and UDP protocols, as well as other protocols such as HTTP and HTTPS when used with an Application Gateway.
Answer: D
Explanation: An Azure Internal Load Balancer (ILB) is designed to balance traffic within a virtual network (VNet) and can also be accessed from an on-premises network via VPN or ExpressRoute.
Explanation: Azure allows you to use an existing public IP address when configuring a Load Balancer. You are not required to create a new one every time.
Answer: C
Explanation: A Standard Azure Load Balancer can support up to 1000 instances in its backend pool, offering higher scale than the Basic Load Balancer.
Explanation: Azure Load Balancer operates at the regional level and cannot distribute traffic across different regions. For global traffic distribution, Azure Traffic Manager or Azure Front Door Service could be used instead.
Answer: C
Explanation: NAT rules (Network Address Translation) can be used to forward traffic from a specific source IP address and port to a specific destination IP address and port.
Explanation: Azure’s internal load balancer is intended only for internal traffic, and therefore, can only be assigned a private IP address within the Virtual Network.
Answer: D
Explanation: Health probes are used to determine the health of backend resources. If a probe fails, Load Balancer stops sending traffic to the unhealthy instance.
Answer: C
Explanation: Standard SKU provides a broader range of features than Basic, including improved performance, diagnostics, and availability. It is also zone-redundant, offering high availability across Availability Zones.
Explanation: A single health probe can be used for multiple backend pools in Azure Load Balancer, as long as the health check requirements are the same for all backend instances.
Answer: B
Explanation: A Public Load Balancer is recommended for outbound connectivity scenarios because it allows resources in the VNet to communicate out to the internet.
Azure Load Balancer is a Layer-4 (TCP/UDP) load balancer service that distributes incoming traffic among healthy instances of services defined in a load-balanced set.
There are two types of Load Balancers in Azure: Public and Internal.
Public Load Balancer is used to balance incoming Internet traffic, whereas Internal Load Balancer is used to balance traffic within a Virtual Network (VNet).
You can create an internal load balancer by selecting the internal option in the Azure portal when creating a basic load balancer resource.
A health probe is used to check the health of the backend instances in the load-balanced set. If an instance is not responding to the probe, it is marked as unhealthy and traffic is not routed to it.
A load-balanced set is a collection of backend instances that are associated with a load balancer to distribute incoming traffic.
You can configure a load-balanced set by adding backend instances to it, configuring health probes, and configuring load-balancing rules in the Azure portal.
Basic Load Balancer is a lower-cost, lower-capacity, and regional service that provides basic load-balancing functionality. Standard Load Balancer is a global service that provides additional features such as cross-region load balancing, SSL offloading, and high availability.
A load-balancing rule is used to specify how incoming traffic should be distributed to the backend instances in a load-balanced set, based on the source and destination IP addresses, ports, and protocols.
A NAT rule is used to map a public IP address and port to a private IP address and port, to enable traffic to reach a specific backend instance.
You can configure a public IP address for a Load Balancer by creating a public IP resource and associating it with the Load Balancer resource.
You can create a Standard Load Balancer in Azure by selecting the Standard option in the Azure portal when creating a load balancer resource.
You can enable SSL offloading in a Standard Load Balancer by configuring an SSL certificate and a backend server authentication certificate.
A backend pool is a collection of backend instances that are associated with a load-balancing rule, and used to distribute incoming traffic based on the load-balancing rule configuration.
TCP load balancing is used for protocols that require a reliable connection, such as HTTP and HTTPS, whereas UDP load balancing is used for protocols that do not require a reliable connection, such as DNS and SIP.