Azure Load Balancer Flashcards

1
Q

What are the primary features of Azure Load Balancer?

A

Layer 4 (Transport Layer)
TCP and UDP load balancing,
High availability,
Autoscaling,
Health probes,
Outbound rules

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What types of Azure Load Balancers are available?

A

Basic
Standard
Public and Internal.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is the difference between Basic and Standard Load Balancer?

A

Standard supports zonal failover, higher scale, and SLA-backed availability. Basic is limited to regional failover and smaller scale.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the purpose of health probes in Azure Load Balancer?

A

To monitor the health of backend instances, ensuring traffic is routed only to healthy instances.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How does Azure Load Balancer ensure high availability?

A

Distributes traffic across healthy instances in multiple availability zones and fault domains.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What security features are integrated into Azure Load Balancer?

A

NSG (Network Security Groups) for traffic filtering, DDoS protection for Standard tier.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What use cases are suited for Azure Load Balancer?

A

Web applications, distributed microservices, on-premises to cloud load balancing, and cross-region traffic distribution.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What purchasing tiers are available for Azure Load Balancer?

A

Basic and Standard.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What integration options does Azure Load Balancer support?

A

Azure Virtual Network, NSGs, Azure Firewall, DDoS Protection, Azure Monitor.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How does Azure Load Balancer handle disaster recovery?

A

Zonal failover with Standard Load Balancer, and geo-redundancy with cross-region load balancing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How does Azure Load Balancer work with Azure Entra ID and RBAC?

A

RBAC provides role-based access control for managing load balancers and associated resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How does Azure Load Balancer manage outbound connections?

A

Outbound rules define how outbound connectivity is handled, supporting dynamic and static IPs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is the architecture of a Standard Load Balancer?

A

Zonal redundancy, managed endpoints in a region, supports HA and scale-out.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are outbound rules in Azure Load Balancer?

A

Rules that define how traffic from internal VMs gets routed to external networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the SLA for Standard Load Balancer?

A

99.99% availability when used with two or more availability zones.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is a Load Balancing rule?

A

Defines how traffic is distributed across instances based on IP and port configurations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What are the key differences between Public and Internal Load Balancers?

A

Public exposes services to the internet, Internal is used within a virtual network for private services.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

How does Azure Load Balancer handle session persistence?

A

Session persistence (or sticky sessions) ensures that client requests are directed to the same backend instance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What monitoring tools are available for Azure Load Balancer?

A

Azure Monitor, Log Analytics, diagnostic settings for metrics and logs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is a scenario where an Internal Load Balancer is preferred?

A

When distributing traffic within a private network, such as between VMs in a VNet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

How does Azure Load Balancer support scaling?

A

Automatic scaling based on traffic patterns and backend pool instance count.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is cross-region load balancing?

A

Distributing traffic across multiple regions to improve availability and latency.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

How does Azure Load Balancer integrate with Virtual Machines?

A

Distributes traffic to VMs in a backend pool based on defined load balancing rules.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

How is load distribution performed in Azure Load Balancer?

A

Hash-based distribution algorithm using 5-tuple (source/destination IP, port, and protocol).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

What are backend pools in Azure Load Balancer?

A

A collection of virtual machines or instances that traffic is routed to based on load balancing rules.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

What is the benefit of using a Standard Load Balancer for zonal redundancy?

A

Ensures traffic distribution across multiple availability zones, increasing fault tolerance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

How does Azure Load Balancer handle multiple front-end IPs?

A

Supports multiple front-end IPs for services that require different public or private IPs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

What is a floating IP in Azure Load Balancer?

A

Allows multiple front-end configurations with the same public IP, used in multi-tiered applications.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

What type of workloads is Basic Load Balancer best suited for?

A

Small-scale, non-critical workloads, such as dev/test environments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

How does Azure Load Balancer manage multi-tenant scenarios?

A

Supports multiple back-end pools and IP configurations to handle different tenant requirements.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

What is the relationship between NSGs and Azure Load Balancer?

A

NSGs can be used to control inbound and outbound traffic on Load Balancer endpoints.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

What is the maximum number of backend instances supported in a Standard Load Balancer?

A

Up to 1,000 backend instances per load balancer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

What type of protocols does Azure Load Balancer support?

A

TCP and UDP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

What are inbound NAT rules in Azure Load Balancer?

A

Rules that map specific inbound traffic to individual backend instances.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

How is session persistence configured in Azure Load Balancer?

A

Configured through Load Balancing rules, which allow enabling of session persistence.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

What is the benefit of cross-region load balancing?

A

Improved latency, global redundancy, and automatic failover across multiple regions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

How does Azure Load Balancer ensure traffic distribution based on backend health?

A

Uses health probes to check the health of backend instances and only routes traffic to healthy instances.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

What are health probes?

A

Probes used to check the health of backend VMs or services, configured with specific protocols and ports.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

How does Azure Load Balancer improve network resiliency?

A

Ensures balanced traffic distribution across healthy instances and uses zonal redundancy for fault tolerance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

What is a common use case for Azure Load Balancer?

A

Load balancing traffic across web applications or microservices for better availability and scalability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

How does Azure Load Balancer handle auto-scaling?

A

Automatically scales backend pool instances based on traffic and health probes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

What Azure services integrate with Azure Load Balancer?

A

Azure Virtual Machines, Virtual Machine Scale Sets, App Service Environments, and Azure Kubernetes Service.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

What is the cost difference between Basic and Standard Load Balancers?

A

Basic is free for limited use, Standard has charges based on usage (rules, data processed, etc.).

44
Q

What is the purpose of a frontend IP configuration?

A

Defines the public or private IP used by the Load Balancer for distributing traffic.

45
Q

How does Azure Load Balancer support outbound connections?

A

By defining outbound rules that handle SNAT (Source Network Address Translation) for instances.

46
Q

What is the maximum number of rules supported in a Standard Load Balancer?

A

Up to 300 rules per load balancer.

47
Q

What is a benefit of using a Public Load Balancer?

A

Expose services to the internet for inbound traffic distribution.

48
Q

What are the purchasing tiers for Azure Load Balancer?

A

Basic and Standard.

49
Q

How does Azure Load Balancer handle load distribution?

A

Hash-based distribution of traffic using 5-tuple (source/destination IP, port, and protocol).

50
Q

What is the difference between static and dynamic IP in Azure Load Balancer?

A

Static IPs are reserved, while dynamic IPs change when the resource is deleted or re-created.

51
Q

How does Azure Load Balancer provide session affinity?

A

Session persistence (also called sticky sessions) directs subsequent traffic from the same client to the same backend instance.

52
Q

When using Azure Load Balancer, what is port forwarding?

A

This is when a configured port on the front end is mapped and forwarded traffic to a configured fort on the backend.

53
Q

What are the two types of Azure Load Balancer?

A

Internal Load Balancer and External Load Balancer

54
Q

What is the primary function of an Internal Load Balancer?

A

To balance traffic within a virtual network

55
Q

What is the primary function of an External Load Balancer?

A

To balance traffic from external endpoints to internal virtual machines

56
Q

How does Azure Load Balancer ensure availability?

A

Azure Load Balancer is zonal, meaning it can be deployed in a zone to increase availability

57
Q

What are the two SKUs available for Azure Load Balancer?

A

Basic SKU and Standard SKU

58
Q

What is the key difference between the Basic and Standard Load Balancer?

A

Standard offers more advanced features like increased scalability, zone redundancy, and enhanced security

59
Q

Can a Basic Load Balancer be upgraded to Standard?

A

Yes, using automated scripts or Azure PowerShell

60
Q

Which load balancer supports global VNet peering?

A

Standard Load Balancer supports global virtual network peering, Basic does not

61
Q

What type of outbound connectivity does Standard Load Balancer offer?

A

Explicitly defined using standard public IP addresses or standard public load balancer

62
Q

What is IP 168.63.129.16?

A

It is the virtual IP for the Azure infrastructure load balancer used by health probes

63
Q

What are inbound NAT rules used for?

A

To direct traffic to a specific backend resource, such as a VM

64
Q

How do load balancing rules work?

A

They distribute traffic across a pool of backend resources based on defined rules

65
Q

Can Azure Load Balancer terminate SSL/TLS traffic?

A

No, SSL/TLS termination is not supported by Azure Load Balancer

66
Q

How do you configure Azure Load Balancer with Azure SQL Server Always On?

A

Use Portal or PowerShell to configure the load balancer with the SQL Server

67
Q

What monitoring options are available for Load Balancer?

A

Load Balancer integrates with Azure Monitor for metrics and logging

68
Q

Can Azure Load Balancer be used with Azure Firewall?

A

Yes, follow the official documentation for setup

69
Q

How can you configure outbound rules for Standard Load Balancer?

A

Outbound rules must be explicitly defined for standard public and internal load balancers

70
Q

What are the cost considerations for Basic vs Standard Load Balancer?

A

Standard Load Balancer generally has higher costs but offers more features

71
Q

Can DDoS protection be enabled on Load Balancer?

A

Yes, enabling DDoS Protection applies protection to all backend resources

72
Q

What happens if DDoS protection is enabled for the frontend IP of a load balancer?

A

All backend pool resources are protected

73
Q

Can a VM be added to multiple backend pools?

A

Not for NIC-based load balancers, but IP-based load balancers can support this

74
Q

Can an on-premises IP be added to an Azure Load Balancer backend pool?

A

No, only Azure-specific resources can be added to the backend pool

75
Q

What is the maximum throughput of an Azure Load Balancer?

A

Throughput is determined by the backend virtual machines’ capacity

76
Q

What is the importance of health probes?

A

Health probes ensure that backend instances are available before traffic is routed to them

77
Q

Which tool can be used to view health probe traffic?

A

Netstat can be used to view health probe traffic

78
Q

How can you upgrade from a Basic to Standard Load Balancer?

A

Use automated scripts or Azure PowerShell for an upgrade

79
Q

Can you ping the frontend of your Standard Load Balancer?

A

Yes, you can ping the Standard Public Load Balancer frontend

80
Q

Can Load Balancer work with custom IP address prefixes?

A

Yes, Load Balancer supports Bring Your Own IP (BYOIP) scenarios

81
Q

Does Load Balancer support multi-region availability?

A

Yes, Standard Load Balancer supports zonal and cross-regional availability

82
Q

How does Standard Load Balancer differ from Basic in terms of security?

A

Standard offers advanced security features such as DDoS protection

83
Q

Does Load Balancer support global load balancing?

A

No, Azure Traffic Manager or Front Door is used for global load balancing

84
Q

How do you integrate Load Balancer with Azure Monitor?

A

You can enable logging and metrics via Azure Monitor

85
Q

Can Load Balancer be used for both IPv4 and IPv6?

A

Yes, Load Balancer supports both IPv4 and IPv6 configurations

86
Q

How can Load Balancer help in disaster recovery?

A

By distributing traffic across multiple regions, Load Balancer ensures redundancy and failover

87
Q

What features does Standard Load Balancer offer for high availability?

A

Zone redundancy, health probes, multi-region deployments, and integration with virtual machines

88
Q

Can Load Balancer balance traffic across different Availability Zones?

A

Yes, Standard Load Balancer supports traffic distribution across zones

89
Q

How are outbound rules defined in a Standard Load Balancer?

A

Outbound rules need to be explicitly defined for outbound traffic

90
Q

What is the difference between health probes in Standard and Basic Load Balancer?

A

Standard has more robust health probe configurations and monitoring options

91
Q

How do you monitor backend instance traffic?

A

Use Azure Monitor metrics or netstat to analyze traffic

92
Q

What happens if a health probe fails?

A

If a health probe fails, the Load Balancer stops routing traffic to that instance until it is healthy again

93
Q

Does Load Balancer have built-in DDoS protection?

A

DDoS protection is available on Standard SKU, but must be enabled

94
Q

How is load distributed among VMs in a backend pool?

A

Load is distributed using load-balancing rules and health probes

95
Q

How do Availability Sets work with Load Balancer?

A

All VMs in an Availability Set must follow the same load balancing rules if using the same Load Balancer

96
Q

How can Load Balancer help with application failover?

A

By using health probes and zonal configurations, traffic is rerouted in case of instance failure

97
Q

How does Load Balancer handle inbound NAT rules?

A

Inbound NAT rules direct traffic to a specific backend resource like a VM

98
Q

Does Load Balancer support session persistence?

A

Yes, Load Balancer can configure session persistence using ‘source IP’

99
Q

Can you view the public IP used by your VM through Load Balancer?

A

Yes, by using services like OpenDNS or the nslookup command

100
Q

What ports are restricted for health probes?

A

Ports 19, 21, 25, 70, 110, 119, 143, 220, 993 are restricted for security reasons

101
Q

How do you configure Azure Load Balancer with Azure SQL Always On availability?

A

Use Portal or PowerShell to configure Load Balancer for SQL Always On

102
Q

What happens when a frontend IP reaches connection limits?

A

The Load Balancer uses another frontend IP for traffic distribution.

When a frontend IP in an Azure Load Balancer reaches its connection limits, several key behaviors occur:

Connection Denial: The load balancer can no longer accept new inbound connections once the limit is reached. Any new connection attempts are denied or dropped. Existing connections will continue to function unless the connections themselves hit other limits or encounter issues.

Scaling Considerations: For a Standard Load Balancer, connection limits are higher, and you can use multiple front-end IPs or scale the backend pool to distribute the traffic more evenly across resources. This way, the load balancer can handle higher volumes of traffic without hitting a single IP limit.

Application Impact: Applications relying on that frontend IP may experience degraded performance or outages for new incoming requests if the connection limit is breached. Ongoing traffic could be rerouted or dropped depending on how the infrastructure is configured (e.g., failover mechanisms).

Possible Workaround: To avoid such limits, you can distribute traffic across multiple front-end IP configurations or multiple load balancers. Additionally, configuring autoscaling for backend services ensures the infrastructure can scale to handle more connections effectively.

103
Q

Explain an outbound rule

A

An Outbound Rule in Azure Load Balancer is used to manage and define how outbound traffic flows from your virtual machines (VMs) or virtual machine scale sets to external destinations (i.e., the internet). The rule helps provide predictable and reliable outbound connectivity for resources deployed in Azure.

Key Concepts of an Outbound Rule:
NAT for Outbound Traffic: The outbound rule defines how the source network address translation (SNAT) is handled for outbound traffic. Without an explicit outbound rule, Azure assigns ephemeral IP addresses for outbound connectivity, but you might need control over which IP address is used (e.g., a fixed public IP).

Frontend and Backend Association: The outbound rule connects the backend VMs (or VM scale sets) with a frontend public IP address. When VMs initiate outbound traffic, the load balancer applies SNAT using the frontend public IP as the source, making it appear as if the traffic is originating from that IP.

Idle Timeout: You can configure an idle timeout for outbound connections. This helps you control how long a connection can remain idle before the load balancer closes it.

Allocation of Ports: For each frontend IP configuration, there’s a limit on the number of ports available for SNAT. You can configure outbound rules to distribute these ports more effectively across the backend instances, helping manage high outbound connection volumes.

Benefits:

Predictable IP Addressing: By assigning a static public IP to the outbound rule, you ensure that all outbound traffic from your VMs appears to come from the same IP, which is helpful for security, whitelisting, or compliance purposes.
Scalability: Outbound rules allow for scaling of outbound connectivity, particularly useful when multiple VMs or scale sets need to connect to the internet concurrently.
Example Use Case:
Imagine you have a web application hosted on VMs behind a load balancer. You want all outbound traffic from your VMs to use a single public IP address so that third-party services can whitelist it. You create an Outbound Rule that associates the backend VMs with the frontend public IP, ensuring that any outbound internet traffic uses this IP.

104
Q

Explain how zones are used with the Azure Load Balancer for high availability.

A

Azure Load Balancer supports zone-redundant and zone-specific configurations to ensure high availability for applications deployed across multiple Availability Zones. This provides resilience against zone-level failures and ensures continuous operation of your services.

Key Concepts for Using Availability Zones with Azure Load Balancer:
Availability Zones:

Availability Zones are physically separate data centers within an Azure region. Each zone has its own power, cooling, and networking. Azure Load Balancer can leverage multiple zones to provide redundancy and fault tolerance.
Zone-Redundant Load Balancer:

A zone-redundant load balancer spreads its frontend IP across multiple Availability Zones. This means that the load balancer is highly available across the entire region, and traffic will continue to flow even if one zone goes down.
When you configure the frontend IP of the load balancer as zone-redundant, the load balancer distributes incoming traffic to backend resources spread across multiple zones, improving reliability and availability.
The key benefit here is resilience to zone failures. Even if an entire zone fails, the load balancer continues to route traffic to resources in the remaining zones.
Zone-Specific Load Balancer:

In a zone-specific configuration, the frontend IP is tied to a specific zone. This setup is useful when you want to limit traffic routing to resources only within a certain zone.
Each zone-specific load balancer is isolated within a single zone, which can be beneficial for applications that have strict latency requirements or need to be deployed in specific zones for compliance purposes.
However, in this configuration, if that zone goes down, the load balancer and its associated services may become unavailable.
Backend Pool with Availability Zones:

When deploying VMs or VM scale sets in the backend pool, you can spread these resources across multiple Availability Zones. The load balancer will automatically distribute traffic to these backend resources, ensuring that if one zone fails, traffic is still routed to healthy instances in other zones.
This setup ensures that applications maintain high availability and are protected against zone failures.
Health Probes and Failover:

The load balancer uses health probes to monitor the status of backend resources. In a multi-zone setup, the load balancer can detect if a resource in a specific zone becomes unhealthy or unavailable (due to zone failure) and route traffic to resources in other zones.
This ensures that application traffic is routed to the remaining healthy zones, minimizing downtime.
Example Scenario:
Suppose you have an application deployed across three Availability Zones in a region. You configure a zone-redundant load balancer with VMs in the backend pool spread across all three zones. This ensures that if one zone experiences a failure (power outage, network failure, etc.), the load balancer continues to distribute traffic to VMs in the other two zones. Users experience no downtime because traffic is seamlessly redirected to healthy resources in the remaining zones.

Benefits of Using Availability Zones with Azure Load Balancer:
High Availability: Ensures that your application remains available even if an entire zone fails.
Fault Tolerance: By distributing both the load balancer and backend resources across zones, you minimize the impact of localized failures.
Reduced Latency: In some cases, zone-specific load balancers can be used to reduce latency by keeping traffic within a single zone.
Seamless Failover: Automatic routing of traffic to healthy resources in the event of zone failures.
By leveraging Availability Zones with Azure Load Balancer, you can build highly available and resilient applications that withstand failures at the zone level, providing robust uptime and ensuring business continuity.

105
Q

Explain?

A