Forum Discussion

miksingh
Dec 03, 2021

Azure load balancer - n-tier application

Hi,

I have an n-tier application, so the usual roles: web, processing, data. They would all go into a single vnet, but each tier will be deployed as active/passive, in this case using availability zones.

Subnet 1

Web-1 (active in AZ1)

Web-2 (passive in AZ2)

Subnet 2

Processing-1 (active in AZ1)

Processing-2 (passive in AZ2)

Subnet 3

Data-1 (active in AZ1)

Data-2 (passive in AZ2)

I am planning to use a single Azure Standard LB, which would be in subnet 4 and have 3 front-ends (FE) and 3 backends (BE). There would be a LB rule using HA to map each FE to a BE. Additionally, each subnet would be controlled with NSG. The question I have is whether using a single Azure LB vs using one for each tier as well as the consideration for availability zones. To explain, each app tier has a VM instance in zone 1 (active) and zone 2 (passive), however the LB also has zone redundancy options and I want to establish what may be the best option to meet the best HA?

1 Reply

  • Below are the best practices you may consider:

    1. Use Zone-Redundant Frontend IPs
    • Recommended: Use zone-redundant frontend IPs for your Standard Load Balancer.
    • This ensures the LB is not tied to a single zone, and traffic can be routed to healthy instances across zones.
    • This is critical for resiliency in case one AZ becomes unavailable.
    2. Single vs Multiple Load Balancers
    • Single Load Balancer is sufficient and recommended for most n-tier apps:
      • Reduces complexity and cost
      • Easier to manage and monitor
      • Still supports multiple frontends and backend pools
    • Multiple Load Balancers may be justified if:
      • You need different SLAs or configurations per tier
      • You want tier isolation for security or compliance
      • You have different traffic patterns or protocols per tier
    3. Backend Pool Configuration
    • Ensure each backend pool includes VMs from multiple zones.
    • Use availability zone-aware rules and health probes to detect failures and reroute traffic.
    4. HA Ports and Floating IP
    • Use HA Ports for backend rules if you're handling non-HTTP(S) traffic or need port-agnostic load balancing.
    • Enable Floating IP if you're using SQL Always On or failover clustering in the data tier.
    5. NSG and UDR Considerations
    • Ensure NSGs and User Defined Routes (UDRs) do not block health probe traffic.
    • Allow traffic from Azure Load Balancer IP: 168.63.129.16 for health probes.

    Azure Load Balancer Best Practices - Azure Load Balancer | Microsoft Learn

     

    Azure Load Balancer and Availability Zones - Azure Load Balancer | Azure Docs
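
The NSG point in the reply above can be checked offline before deployment. The following is an added example, not part of the original thread: it walks a subnet's inbound NSG rules in priority order and reports which rule a health probe from 168.63.129.16 would hit. Assumptions: rule dictionaries use the key names that `az network nsg rule list -o json` emits, the subnet ranges, rule names and probe port 1433 are constructed sample values, and service tags other than `AzureLoadBalancer` are treated as not matching.

```python
import ipaddress

PROBE_IP = ipaddress.ip_address("168.63.129.16")  # probe source named in the reply

def rule(name, priority, access, source, port, protocol="*"):
    # Constructed helper; keys mirror `az network nsg rule list -o json` (assumed shape).
    return {"name": name, "priority": priority, "access": access, "direction": "Inbound",
            "protocol": protocol, "sourceAddressPrefix": source, "destinationPortRange": port}

# Azure's built-in inbound defaults relevant to probes (evaluated last).
DEFAULTS = [rule("AllowAzureLoadBalancerInBound", 65001, "Allow", "AzureLoadBalancer", "*"),
            rule("DenyAllInBound", 65500, "Deny", "*", "*")]

def _source_matches(prefix):
    if prefix in ("*", "AzureLoadBalancer"):
        return True
    try:
        return PROBE_IP in ipaddress.ip_network(prefix, strict=False)
    except ValueError:
        return False  # simplification: other service tags treated as non-matching

def _port_matches(spec, port):
    if spec == "*":
        return True
    low, _, high = spec.partition("-")
    return low.isdigit() and int(low) <= port <= int(high or low)

def probe_verdict(rules, probe_port, protocol="Tcp"):
    """Return (access, rule_name) for the first inbound rule a health probe matches."""
    inbound = [r for r in rules + DEFAULTS if r["direction"] == "Inbound"]
    for r in sorted(inbound, key=lambda r: r["priority"]):
        sources = r.get("sourceAddressPrefixes") or [r.get("sourceAddressPrefix") or ""]
        ports = r.get("destinationPortRanges") or [r.get("destinationPortRange") or ""]
        if (r["protocol"] in ("*", protocol)
                and any(_source_matches(s) for s in sources)
                and any(_port_matches(p, probe_port) for p in ports)):
            return r["access"], r["name"]
    return "Deny", None

# Constructed data-tier NSG: custom catch-all deny, no allow for the probe source.
BROKEN = [rule("AllowProcessingToSql", 100, "Allow", "10.0.2.0/24", "1433", "Tcp"),
          rule("DenyAllCustom", 4096, "Deny", "*", "*")]
FIXED = BROKEN + [rule("AllowLbProbe", 200, "Allow", "AzureLoadBalancer", "1433", "Tcp")]

if __name__ == "__main__":
    for label, rules in (("broken", BROKEN), ("fixed", FIXED), ("defaults only", [])):
        print(label, probe_verdict(rules, 1433))
```

A custom deny-all placed above the platform defaults is the case that silently marks every backend unhealthy; the check makes that visible per subnet before the load-balancing rule goes live.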
