/
Azure Traffic Manager

Azure Traffic Manager

Owned by Roger Cruz
Last updated: Feb 27, 2022

Intro

Azure Traffic Manager is a DNS-based traffic load balancer. This service allows you to distribute traffic to your public facing applications across the global Azure regions. 

 

Documentation

 

Tips and Tidbits

 

  • DNS-based traffic load balancer that enables you to distribute traffic optimally to services across global Azure regions, while providing high availability and responsiveness.

  • Traffic Manager uses DNS to direct the client requests to the appropriate service endpoint based on a traffic-routing method.

    • Clients connect to the selected endpoint directly.

    • Traffic Manager is not a proxy or a gateway.

    • Traffic Manager does not see the traffic passing between the client and the service.

  • Traffic Manager works at the DNS level which is at the Application layer (Layer-7).

  • It uses DNS to determine the nearest Azure datacenter to which external traffic should be routed.

  • Because Traffic Manager is a DNS-based load-balancing service, it load-balances only at the domain level.

    • For that reason, it can't fail over as quickly as Front Door, because of common challenges around DNS caching and systems not honoring DNS time-to-live values (TTLs).

  • Traffic manager also provides health monitoring for every endpoint.

  • A recursive DNS service, sometimes called a 'local DNS' service, does not host DNS domains directly.

    • Rather, the client off-loads the work of contacting the various authoritative DNS services across the Internet needed to resolve a DNS name.

    • The recursive DNS service caches the DNS responses it receives.

  • The DNS resolver on the client device also caches the result.

    • Caching enables subsequent DNS queries to be answered more quickly by using data from the cache rather than querying other name servers.

    • The duration of the cache is determined by the 'time-to-live' (TTL) property of each DNS record.

 

Azure provides a suite of fully managed load-balancing solutions for your scenarios.

  • If you want to load balance between your servers in a region at the application layer, review Application Gateway.

  • If you need to optimize global routing of your web traffic and optimize top-tier end-user performance and reliability through quick global failover, see Front Door.

  • To do network layer load balancing, review Load Balancer.

Your end-to-end scenarios may benefit from combining these solutions as needed. For an Azure load-balancing options comparison, see Overview of load-balancing options in Azure

 

  • Traffic Manager selects an endpoint based on the configured traffic-routing method.

  • Traffic Manager supports a range of traffic-routing methods to suit different application needs.

  • Once the endpoint is selected the clients then connect directly to the appropriate service endpoint.

Traffic Manager Routing Methods

  • Traffic routing methods

  • Azure Traffic Manager supports six traffic-routing methods to determine how to route network traffic to the various service endpoints.

  • For any profile, Traffic Manager applies the traffic-routing method associated to it to each DNS query it receives.

  • The traffic-routing method determines which endpoint is returned in the DNS response.

Priority routing

  • Select this routing method when you want to have a primary service endpoint for all traffic.

    • You can provide multiple backup endpoints in case the primary or one of the backup endpoints is unavailable.

  • When a Traffic Manager profile is configured for priority routing it contains a prioritized list of service endpoints.

    • Traffic Manager sends all traffic to the primary (highest-priority) endpoint first. If the primary endpoint is not available, Traffic Manager routes the traffic to the second endpoint, and so on.

    • Availability of the endpoint is based on the configured status (enabled or disabled) and the ongoing endpoint monitoring.

    • The Priority traffic routing method allows you to easily implement a failover pattern.

 

Weighted routing

  • Select this routing method when you want to distribute traffic across a set of endpoints based on their weight.

  • Set the weight the same to distribute evenly across all endpoints

 

Performance routing

  • Select the routing method when you have endpoints in different geographic locations, and you want end users to use the "closest" endpoint for the lowest network latency.

  • The Performance routing method is designed to improve the responsiveness by routing traffic to the location that is closest to the user.

  • The closest endpoint is not necessarily measured by geographic distance. Instead Traffic Manager determines closeness by measuring network latency.

 

Geographic routing

  • Select this routing method to direct users to specific endpoints (Azure, External, or Nested) based on where their DNS queries originate from geographically.

    • With this routing method, it enables you to be compliant with scenarios such as data sovereignty mandates, localization of content & user experience and measuring traffic from different regions.

  • When a Traffic Manager profile is configured for Geographic routing, each endpoint associated with that profile needs will have a set of geographic locations assigned to it.

    • Any requests from those regions gets routed only to that endpoint.

    • Some planning is required when you create a geographical endpoint.

    • A location cannot be in more than one endpoint.

  • based on the geographic location their DNS query originates from.

    • IP address used to determine the region isn't the client's IP address, but rather the IP address of the recursive DNS service.

  • enables you to be in compliance with data sovereignty mandates, localization of content & user experience and measuring traffic from different regions.

 

A geographic region can be at following levels of granularity

  • World– any region

  • Regional Grouping – for example, Africa, Middle East, Australia/Pacific etc.

  • Country/Region – for example, Ireland, Peru, Hong Kong SAR etc.

  • State/Province – for example, USA-California, Australia-Queensland, Canada-Alberta etc. (note: this granularity level is supported only for states / provinces in Australia, Canada, and USA).

MultiValue

  • Select this routing method for Traffic Manager profiles that can only have IPv4/IPv6 addresses as endpoints.

  • When a query is received for this profile, all healthy endpoints are returned.

 

Subnet

  • Select this routing method to map sets of end-user IP address ranges to a specific endpoint.

  • When a request is received, the endpoint returned will be the one mapped for that request’s source IP address.

 

Load Balancing

 

  • Understand Azure load balancing - Pay attention to the global vs regional use and the type of traffic.

  • The following table summarizes the Azure load balancing services by these categories:

Service

Global/regional

Recommended traffic

Service

Global/regional

Recommended traffic

Azure Front Door

Global

HTTP(S)

Traffic Manager

Global

non-HTTP(S)

Application Gateway

Regional

HTTP(S)

Azure Load Balancer

Regional + Global

non-HTTP(S)

 

Traffic Manager endpoint monitoring

 

  • Traffic Manager endpoint monitoring

  • Azure Traffic Manager includes built-in endpoint monitoring and automatic endpoint failover.

    • This feature helps you deliver high-availability applications that are resilient to endpoint failure, including Azure region failures

    • When the monitoring protocol is set as HTTP or HTTPS, the Traffic Manager probing agent makes a GET request to the endpoint using the protocol, port, and relative path given. An endpoint is considered healthy if probing agent receives a 200-OK response, or any of the responses configured in the Expected status code ranges.

Nested Traffic Manager profiles

  • Each Traffic Manager profile can only specify one traffic-routing method.

  • However, you may have scenarios that require more complicated traffic routing than the routing that can be provided by a single Traffic Manager profile.

  • In these situations, you can combine traffic routing methods by using nested Traffic Manager profiles to gain the benefits of multiple traffic-routing methods.

  • Nested profiles enable you to override the default Traffic Manager behavior to support larger and more complex traffic-routing configurations for your application deployments.

 

see Nested Traffic Manager profiles.

  • Each Traffic Manager profile specifies a single traffic-routing method.

 

  • Suppose that you deployed an application in the following Azure regions: West US, West Europe, and East Asia.

  • You use Traffic Manager's 'Performance' traffic-routing method to distribute traffic to the region closest to the user.

  • You want to use the 'weighted' traffic-routing method to direct a small percentage of traffic to your test deployment.

 

  • In this configuration, traffic directed via the parent profile distributes traffic across regions normally.

  • Within West Europe, the nested profile distributes traffic to the production and test endpoints according to the weights assigned.

  • 'MinChildEndpoints' determines the minimum number of available endpoints in the child profile.

 

Traffic Manager endpoints

  • Azure Traffic Manager enables you to control how network traffic is distributed to application deployments running in your different datacenters.

    • You configure each application deployment as an endpoint in Traffic Manager.

    • When Traffic Manager receives a DNS request, it chooses an available endpoint to return in the DNS response.

    • Traffic manager bases the choice on the current endpoint status and the traffic-routing method.

Traffic Manager supports three types of endpoints:

  • Azure endpoints - Use this type of endpoint to load-balance traffic to a cloud service, web app, or public IP address in the same subscription within Azure.

  • External endpoints - Use this type of endpoint to load balance traffic for IPv4/IPv6 addresses, FQDNs, or for services hosted outside Azure. These services can either be on-premises or with a different hosting provider.

  • Nested endpoints - Use this type of endpoint to combine Traffic Manager profiles to create more flexible traffic-routing schemes to support the needs of larger, more complex deployments. With Nested endpoints, a child profile is added as an endpoint to a parent profile. Both the child and parent profiles can contain other endpoints of any type, including other nested profiles.

 

Configuring endpoint monitoring

  • Azure Traffic Manager includes built-in endpoint monitoring and automatic endpoint failover.

  • HTTPS monitoring doesn't verify whether your TLS/SSL certificate is valid; it only checks that the certificate is present.

  • Custom Header settings: This configuration setting helps you add specific HTTP headers to the health checks that Traffic Manager sends to endpoints under a profile.

    • The custom headers can be specified at a profile level to be applicable for all endpoints in that profile and / or at an endpoint level applicable only to that endpoint.

    • You can use custom headers for health checks of endpoints in a multi-tenant environment.

    • That way it can be routed correctly to their destination by specifying a host header.

    • You can also use this setting by adding unique headers that can be used to identify Traffic Manager originated HTTP(S) requests and processes them differently.

    • You can specify up to eight header:value pairs separated by a comma. Example - header1:value1, header2:value2

  • For HTTP or HTTPS monitoring protocol, a common practice on the endpoint side is to implement a custom page within your application - for example, /health.aspx.

    • Using this path for monitoring, you can perform application-specific checks, such as checking performance counters or verifying database availability.

    • Based on these custom checks, the page returns an appropriate HTTP status code.

 

Configure a custom domain name in Azure App Service with Traffic Manager integration