The new Azure Load Balancer – 10x scale increase
By Yousef Khalidi, Corporate Vice President, Azure Networking
Azure Load Balancer is a network load balancer offering high scalability, throughput and low latency across TCP and UDP load balancing.
Today, we are excited to announce the new Standard SKU of the Azure Load Balancer. The Standard SKU adds 10x scale, more features, and deeper diagnostic capabilities than the existing Basic SKU. The new offer is designed to handle millions of flows per second and built to scale and support even higher loads. The Standard and Basic Load Balancer options share APIs and will offer our customers several options to pick and choose what best matches their needs.
Below are some of the important features of the new Standard SKU:
Vastly increased Scalability
Standard Load Balancer can distribute network traffic across up to one thousand (1000) VM instances in a backend pool. This is a 10x scale improvement over the existing Basic SKU. One or more large-scale virtual machine scale sets can be configured behind a single highly available IP address, and the health and availability of each instance is managed and monitored by health probes.
Versatility within the VNet
The new Standard Load Balancer spans an entire virtual network (VNet). Any virtual machine in the VNet can be configured to join the backend pool and is not restricted to a single availability set, as is the case with our Basic Load Balancer. Customers can combine multiple scale sets, availability sets, or individual virtual machines in the backend pool.
Blazingly fast provisioning
The new SKU sits atop a brand-new control plane that executes configuration changes within seconds. The result is a highly responsive API frontend that is quick to react to updates and sudden changes.
IP address control and flexibility
Full control of a static public IP address for the frontend makes it possible to use it in conjunction with traditional network firewalls, which typically require hardcoded IP addresses. Azure also supports moving a static public IP address between load balancers, providing stickiness and stability during re-deployments and upgrades.
Increased outbound connectivity
Both Basic and Standard Load Balancers allow multiple frontend IP addresses to be used. The Standard Load Balancer expands on this ability to allow any or all IPs to be used for outbound flows, hence increasing the number of overall outbound connections by spinning up more frontends.
Resiliency and AZ support
We have also opted to include additional functionality when using Standard Load Balancer with Azure Availability Zones (AZs). Customers can now enable zone redundancy on their public and internal frontends using a single IP address or tie their frontend IP addresses to a specific zone. This type of cross-zone load balancing can address any VM or VM scale set in a region. A zone-redundant IP address is served (advertised) by the load balancer in every zone, since the data path is anycast within the region. In the unlikely event that a zone goes down completely, the load balancer is able to serve the traffic from instances in another zone very quickly. More details can be found in the Availability Zones & Standard Load Balancer documentation.
High-availability (HA) Ports
Creation of active-active setups and n+1 redundancy for network virtual appliances like firewalls and other network proxies has been a customer ask for a while. Customers can enable HA Ports for per-flow load balancing on all ports on the frontend of an internal Standard Load Balancer. This enables simple setup of highly available configurations, while removing the need for many individual load-balancing rules. More details can be found in the HA Ports documentation.
New insights and diagnostics
Introducing new telemetry, automatic in-band health measurements, as well as insights into traffic volumes, inbound connection attempts, outbound connection health, and Azure’s platform health, the new load balancer brings a wealth of extra value to customers looking for increased control and network visibility across their deployments. As soon as a customer configures a public frontend of the Standard Load Balancer, Azure begins in-band active measurements to determine the health of a customer’s endpoint from within the region, allowing for new insights into the network. All of this information is exposed as a collection of multi-dimensional metrics in Azure Monitor and can be consumed by Azure’s Operations Management Suite and others. For complete details, please visit the diagnostics and monitoring improvements documentation.
Secure by Default
Lastly, we have made a few changes and tweaks to the security posture of our new SKU. IP addresses and load balanced endpoints now default to closed until or unless a customer has opened specific ports to permit traffic using a Network Security Group (NSG) that is attached to the backend VM or the subnet in which the VM resides.
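An added example, not code from the original post or from Azure: a simplified Python model of the closed-by-default behaviour described above, for checking which load-balanced ports an NSG actually opens. The rule fields, the `audit` helper and the sample data are hypothetical; the model assumes rules are matched against the backend port, requires every attached NSG to allow the traffic, and leaves out source-address matching and the platform's built-in default rules.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class NsgRule:
    priority: int   # lower number is evaluated first
    access: str     # "Allow" or "Deny"
    protocol: str   # "Tcp", "Udp" or "*"
    port_low: int   # inclusive destination port range
    port_high: int


def nsg_allows(rules, protocol, port):
    """First matching rule in priority order decides; no match means deny."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.protocol in ("*", protocol) and rule.port_low <= port <= rule.port_high:
            return rule.access == "Allow"
    return False


def reachable(protocol, port, subnet_nsg=None, nic_nsg=None):
    """Standard SKU posture: closed unless an attached NSG permits the traffic.
    Assumption: when NSGs are attached at both levels, both must allow."""
    attached = [nsg for nsg in (subnet_nsg, nic_nsg) if nsg is not None]
    if not attached:
        return False  # no NSG attached: the endpoint stays closed
    return all(nsg_allows(nsg, protocol, port) for nsg in attached)


def audit(lb_rules, subnet_nsg=None, nic_nsg=None):
    """Map each load-balancing rule (name, protocol, backend_port) to open/closed."""
    return {name: reachable(proto, port, subnet_nsg, nic_nsg)
            for name, proto, port in lb_rules}


# Constructed sample data (not from the original post).
LB_RULES = [("https", "Tcp", 443), ("ssh", "Tcp", 22), ("dns", "Udp", 53)]
SUBNET_NSG = [
    NsgRule(100, "Allow", "Tcp", 443, 443),
    NsgRule(200, "Deny", "Tcp", 22, 22),
    NsgRule(300, "Allow", "*", 1, 1024),   # broad rule, shadowed for port 22
]

if __name__ == "__main__":
    for name, is_open in audit(LB_RULES, SUBNET_NSG).items():
        print(f"{name}: {'open' if is_open else 'closed'}")
```

Running the audit against the rules you intend to deploy shows both unintended exposure (a broad allow rule opening more ports than planned) and load-balancing rules that will silently drop traffic because no NSG permits them.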
Azure Standard Load Balancer is now generally available in 27 public cloud regions. For more details please refer to the load balancer documentation page.