Azure Load Balancer Basics

3 minute read

Azure Load Balancer evenly distributes incoming network traffic load among backend resources or servers. It works at layer 4 (Transport Layer) of OSI (Open Systems Interconnection) Model. Inbound load flows from frontend to backend instances of load balancer.

Load Balancer Types

There are Basic and Standard Azure Load Balancers.

Scope of Load Balancers

Public Load Balancer and Private Load Balancer.

Load Balancer Components

  • Frontend IP configuration - Public and Private IP Address.
  • Backend Pool
  • Health Probes
  • Load-Balancing Rules
  • High Availability Ports
  • Inbound NAT rules
  • Outbound Rules

Frontend IP Configuration

It is the IP address for Load Balancer where clients can connect.

There are 2 types:

  • Public IP Address is public IP & Port for incoming traffic from the internet.
  • Private IP Address is the IP and Port never exposed to the internet & only exposed to the VMs internal to the VNet (Virtual Network)

Backend Pool

Backend pool is all of the groups of VMs or VM scale set inside the VNet serving the incoming request.

Health Probes

Health Probes explains the health status of the instances in the given backend pool. It supports TCP, HTTP and HTTPs. Basic Load Balancer canโ€™t support HTTPS probes and only support TCP health probes.

Load Balancing Rules

Load Balancing rules define the rule for a port to route the traffic from frontend IP to port of your backend instances of VNet.

For example, you can create a rule to route all traffic from frontend IP port 80 to route to backend pool instances port 80.

High Available Ports

This is only available for Standard load balancer to manage large number of request and having large set of VMs. Here you define a rule protocol -all and port -0.

This single rule to load balance all TCP & UDP flows that arrives to all ports of an internal standard load balancer.

Inbound NAT rules

This is a rule to forward any incoming traffic sent to frontend IP address and port combination to a specific backend pool instances or VMs within a VNet.

Outbound rules

It configures outbound Network Address Mapping for all VMs or instances in a backend pool within a VNet.


In order to understand any concept concretely you must know its limitations.

Below are the limitations of Azure Load Balancers:

  • Forwarding rules are only for TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) no support for ICMP (Internet Control Message Protocol).
  • Outbound flow from a backend VM to a frontend IP of internal load balancer will fail.
  • You can only have 1 public and internal load balancer for single Availability Set.
  • Both frontends and backendโ€™s instances must be within the same Virtual Network (VNet). Since, load balancer rules canโ€™t span across 3 VNets.

    You can use Standard Load Balancer to be zonal redundant for high availability however they must be within single VNet.

Knowledge Check ๐Ÿ‘จโ€๐Ÿซ

How many Virtual Networks can a load balancer connect?
Correct Answer: only 1

At which OSI Layer does an Azure load balancer operate?
Correct Answer: Layer 4 (Transport Layer) of OSI (Open Systems Interconnection) Model.

Thanks for reading my article till end. I hope you learned something special today. If you enjoyed this article then please share to your friends and if you have suggestions or thoughts to share with me then please write in the comment box.

Become full stack developer ๐Ÿ’ป

I teach at Fullstack Master. If you want to become Software Developer and grow your carrier as new Software Engineer or Lead Developer/Architect. Consider subscribing to our full stack development training programs. You will learn Angular, RxJS, JavaScript, System Architecture and much more with lots of hands on coding. We have All-Access Monthly membership plans and you will get unlimited access to all of our video courses, slides, download source code & Monthly video calls.

  • Please subscribe to All-Access Membership PRO plan to access current and future angular, node.js and related courses.
  • Please subscribe to All-Access Membership ELITE plan to get everything from PRO plan. Additionally, you will get access to a monthly live Q&A video call with Rupesh and you can ask doubts/questions and get more help, tips and tricks.

Your bright future is awaiting for you so visit today FullstackMaster and allow me to help you to board on your dream software company as a new Software Developer, Architect or Lead Engineer role.

๐Ÿ’– Say ๐Ÿ‘‹ to me!
Rupesh Tiwari
Founder of Fullstack Master