Monthly Archives: February 2016

Azure Application Gateway


Azure Application Gateway provides application-level routing and load balancing services which let you build a scalable and highly-available web front end in Azure. You control the size of the gateway and can scale your deployment based on your needs.
Application Gateway currently supports layer-7 application delivery for the following:

  • HTTP load balancing
  • Cookie-based session affinity
  • Secure Sockets Layer (SSL) offload


Demonstration Scenario

Here, in order to demonstrate the session affinity of the Azure Application Gateway load balancer without the VM scaling option. We need to setup the infrastructure in following architecture.
Here, We have two VM configure in different Cloud Services. We have chosen two cloud services to demonstrate that App Gateway load balancer is different from implicit load balancer which each cloud service has. Each cloud service have just one VM inside it. Both the VM’s are configured in the same azure virtual network, so they can talk to each other and share the same IP convention as specified in the subnet.
Then, we create Application Gateway in the same virtual network and configured to load balance between this two VM with cookie affinity.
Azure appliaction gateway will get the request from the internet of configured DNS address or public IP and would route the request to each VM in the round robin fashion. It monitors the health of the VM by probing configured port (which you specify in BackendHttpSettings section) very 30 second. If the response from these endpoint doesn’t like in 200-390 range, the endpoint is taken out from the pool this next probes happen.

Configure Azure Application Gateway

In order to configure azure application gateway for mention architecture, following are the steps

  1. Create Virtual Network in which VM needs to be placed
  2. Create two identical VM and configure it to be place in same virtual network created above
  3. Configure each VM to host ASP.NET web application and deploy the sample application on them
  4. Create Application Gateway loadbalancer and configure it to load balance the VMs
  5. Validate the application and check if the connection is persists for entire session to same machine

Steps 1

Create Virtual Network in Classic


Give a logical name,

Create Address Space :
Create Two Subnets :

  • 1st Subnet :
  • 2nd Subnet:

Steps 2

Create two VM’s with the Name as sbag1vm1 and sbag1vm2

During the creation of these VM,

VM were put in Virtual Network “Shabs-VirNet” which we had configured earlier

Subnet was of address space which we configure while creating the Shabs-VirNet


Step 3

Each VM needs to be configure as Web server which need to host sample ASP.NET web application on it. Here, we had deployed the sample ASP.NET web application to demonstrate the use of session affinity. ASP.NET application generate session cookie everytime new request hits the server and maintains it through the lifetime of the user session on the server.

Sample app will save a counter in the session state in memory (metal love) and respond to your page refreshes with updated session data.


Step 4

Create the new Application Gateway with following powershell script.

I won’t go in details of explaining each of command in this entire powershell script, but on the whole it creates the Application Gateway with name ‘noscaleapplicationgateway’ and configure it for load balance across two VM’s

$checkGateway = Get-AzureApplicationGateway noscaleapplicationgateway
if($checkGateway -eq $null)
   New-AzureApplicationGateway -Name noscaleapplicationgateway -VnetName applicationgatewaynetwork -Subnets("Subnet-1")
Get-AzureApplicationGateway noscaleapplicationgateway
#Set Application Gateway Configuration
Set-AzureApplicationGatewayConfig -Name noscaleapplicationgateway -ConfigFile $GatewayconfigurationFilePath
#Start Gateway
Start-AzureApplicationGateway noscaleapplicationgateway
#Verify that gateway is running
Get-AzureApplicationGateway noscaleapplicationgateway

Once the Gateway starts (at which point billing also starts), the Get-AzureApplicationGateway command will return a result that looks like the following. Note the DnsName field which contains the URL which users can access to interface with the Application Gateway.


Step 5

Verify the application,  Try accessing the Application Gateway URL from different browsers to hopefully hit the different VMs that you deployed (you can keep closing and reopening browsers until you succeed). Your screen .should look similar to the following. Note that I am accessing the Application Gateway URL here.


If you view the cookies now, you would find the secret sauce that is making the Application Gateway tick.


ARRAffinity cookie contains data that helps Azure Application Gateway determine the endpoint to which it should route the request (yes it is ARR under the hood). ASP.NET_Sessionid cookie is a standard session cookie that contains session identifier.

Azure Traffic Manager Overview

What is Azure Traffic Manager?

Microsoft Azure Traffic Manager allows you to control the distribution of user traffic to your specified endpoints, which can include Azure cloud services, websites, and other endpoints. Traffic Manager works by applying an intelligent policy engine to Domain Name System (DNS) queries for the domain names of your Internet resources. Your Azure cloud services or websites can be running in different datacenters across the world.

Where does Azure Traffic Manager help?

Improves availability

Traffic manager improves the availability of the applications by providing automatic failover capabilities when an Azure cloud service, Azure website, or other location goes down.

Reduce latency

Traffic manager improves the responsiveness of your application and content delivery by directing end-users to the endpoint with the lowest network latency from the client.

Scaling up across globe

Traffic manager help you application to scale across various Azure datacentre across the globe and load balance traffic across the varied region endpoints

Traffic distribution for large, complex deployments

Traffic manager supports the nested profile, which you would need to create configurations to optimize performance and distribution for larger, more complex deployments

How Azure Traffic Manager work?


This figure explain the how the Traffic Manager works in the action. Follow the number in the blue bubble to the interaction in action.


This is typical network architecture looks like. Note, this is just sample architectural splice, and do not that this as definite exclusive.


How do you create one?

Here, how you create Traffic Manager on the Web


Here, you need to give the DNS name for the traffic manager.

It would be, and you choose the load balancing method.

Performance – Shortest latency between the region

Round Robin – Equal distribute traffic across the region

Failover – DR scenarios


Performance – When you choose Performance, Microsoft maintains the latency table in the routes, which guides the latency with various data center. It not real time, but pretty quick to find the shortest latency from the point.

Failover – All connection to one set of server, and if failover, then it send connections to second set of server

This can be change later on, once you define the traffic manager

Click on the Configure Tab


You can configure the Endpoints for the Traffic Manager, where you can add websites, or add Webapps to the site.



In Configuration tab, you can change the load balacing method, you you can use PowerShell to create nested Traffic manager profile.


You can mask the DNS with the CNAME, which mask the * URL with you DNS url.