Azure Load Balancing and Content Delivery

Quick Answer: Azure Load Balancer = Layer 4 (TCP/UDP) within a region. Application Gateway = Layer 7 (HTTP) within a region. Front Door = global HTTP load balancing + CDN. Traffic Manager = DNS-based global routing. Azure CDN = edge caching for static content.

Azure Load Balancing Services

Azure provides four load balancing services, each designed for different scenarios:

Azure Load Balancer (Layer 4)

Distributes inbound traffic across VMs or other resources within a region at the transport layer (TCP/UDP). It does not inspect the content of packets.

Key features:

• Layer 4 — Operates at TCP/UDP level (does not understand HTTP)
• Public or Internal — Public Load Balancer for internet traffic; Internal Load Balancer for private VNet traffic
• Health probes — Monitors backend health and routes traffic only to healthy instances
• Port forwarding — Forward traffic from a specific port to a specific backend VM
• High performance — Handles millions of flows with ultra-low latency

Azure Application Gateway (Layer 7)

A web traffic load balancer that operates at the application layer (HTTP/HTTPS). It understands HTTP traffic and can make routing decisions based on URLs, headers, and cookies.

Key features:

• Layer 7 — URL-based routing, cookie-based session affinity
• SSL/TLS termination — Offload encryption/decryption to the gateway
• Web Application Firewall (WAF) — Built-in protection against OWASP top 10 vulnerabilities (SQL injection, XSS, etc.)
• Autoscaling — Automatically scales based on traffic
• Regional — Operates within a single Azure region

Azure Front Door (Global Layer 7)

A global, scalable entry point for web applications that combines load balancing, CDN, and WAF into a single service.

Key features:

• Global — Routes traffic to the nearest Azure region for lowest latency
• CDN integration — Caches content at Microsoft's global edge network
• WAF — Global web application firewall protection
• SSL offloading — Handles encryption at the edge
• URL-based routing — Route different URL paths to different backends
• Session affinity — Route users to the same backend for the duration of a session

Azure Traffic Manager (DNS-Based)

A DNS-based traffic load balancer that distributes traffic across global Azure regions. It does NOT proxy traffic — it simply returns the IP address of the best endpoint.

Routing methods:

Load Balancing Comparison

Azure Content Delivery Network (CDN)

Azure CDN caches static content at strategically placed Points of Presence (PoP) locations around the world. When a user requests content, it is served from the nearest PoP rather than the origin server, reducing latency.

Key features:

• Global edge network — Hundreds of PoP locations worldwide
• Dynamic site acceleration — Optimize delivery of dynamic content too
• Custom domains — Use your own domain name with HTTPS
• Caching rules — Control how long content is cached
• Compression — Automatically compress content for faster delivery
• Integration — Works with Blob Storage, App Service, and any public web endpoint

When to use Azure CDN:

• Static website content (images, CSS, JavaScript)
• Video streaming
• Software downloads
• IoT firmware updates

On the Exam: Remember that Azure CDN reduces latency by caching content at edge locations close to users. For load balancing decisions, focus on whether the scenario needs Layer 4 (Load Balancer), Layer 7 regional (Application Gateway), or Layer 7 global (Front Door).