Azure – Networking – Part 26 – Azure Load Balancer – Outbound Connectivity

Hello Friends,

Hope you all are doing good. In our last article we have discussed about, how to configure Azure Basic Load Balance. Today in this article, we will discuss on Outbound Rule of Azure Load balancer.

Tool Installation Articles :

1. Configure Azure Command Line Interface ( Azure CLI) On Windows
2. Configure PowerShell For Microsoft Azure Az Module On Windows

Previous Azure Series :

1. Learn Basics Of Azure Networking In 100 Hours
2. Learn Basics Of Microsoft Azure Storage services
3. Learn Basic Of Azure Active Directory And Azure Identity And Access Management
4. Azure DevOps – Learn at one place
5. Learn Basics Of Lift-And-Shift Migration To Azure

If you have missed our previous articles on Azure Networking, please check it in following links.

Part 1 – Basics of Azure Networking

• *
• *
• *

Part 19 – Azure Traffic Manager 2 -Create Traffic Manager Profile using (Cloud Shell)

Part 20 – Azure Route Table

Part 21 – Azure Route Table 2 – Configure User Define Route (UDR)

Part 22 – Azure Load Balancer – Overview

Part 23 – Azure Load Balancer -Configure Basic Load Balancer – 1

Part 24 – Azure Load Balancer – Configure Basic Load Balancer – 2

Part 25 – Azure Load Balancer – Configure Basic Load Balancer -3

Next Article : Part 27 – Azure Load Balancer – Outbound Rule – Lab Exercise

Azure Load Balancer Rules

There are following 3 types of rules when we are talking about load balancer.

1. Load Balancing Rule – When a request comes on to Azure LB, based on this rule LB decide, where to direct the traffic and on which backend pool.
2. NAT Inbound Rule : An inbound NAT rule forwards incoming traffic sent to frontend IP address and port combination. The traffic is sent to a specific virtual machine or instance in the backend pool.
3. Outbound Rule – Outbound rules allow us to explicitly define SNAT(source network address translation) for a public standard load balancer.

Azure Load Balancer (LB) Outbound Rule

Here in the above section, point 1 and point 2 is all about Inbound Connectivity. They have been initiating on to the Azure VM and the VM giving response back to the user.

Now in this article I would like to go through the concept of Outbound Rules of Azure load balancer for Outbound Connectivity.

This LB allows us to use the public IP(s) of our load balancer to provide outbound internet connectivity for our backend instances.

Benefits of Azure LB Outbound Rule

As per Microsoft documentation and showing in the above figure, using Outbound rules, we can control following scenarios like,

• Which virtual machines are translated to which public IP addresses.
  • Two rules were backend pool 1 uses the blue IP address 1 and 2, backend pool 2 uses the yellow IP prefix.
• How outbound SNAT ports are allocated.
  • If backend pool 2 is the only pool making outbound connections, give all SNAT ports to backend pool 2 and none to backend pool 1.
• Which protocols to provide outbound translation for.
  • If backend pool 2 needs UDP ports for outbound, and backend pool 1 needs TCP, give TCP ports to 1 and UDP ports to 2.
• What duration to use for outbound connection idle timeout (4-120 minutes).
  • If there are long running connections with keepalives, reserve idle ports for long running connections for up to 120 minutes. Assume stale connections are abandoned and release ports in 4 minutes for fresh connections
• Whether to send a TCP Reset on idle timeout.
  • When timing out idle connections, do we send a TCP RST to the client and server so they know the flow is abandoned?

Scenarios With Azure LB Outbound Rules

• Configure outbound connections to a specific set of public IPs or prefix.
• Modify SNAT port allocation.
• Enable outbound only.
• Outbound NAT for VMs only (no inbound).
• Outbound NAT for internal standard load balancer.
• Enable both TCP & UDP protocols for outbound NAT with a public standard load balancer.

With the above information, I am concluding this article. I hope this is informative to you. Please let me know if I missed anything important or if my understanding is not up to the mark. In our next article, we will go through a simple example on Azure LB Outbound Rule.

Next Article : Part 27 – Azure Load Balancer – Outbound Rule – Lab Exercise

Keep reading, share your thoughts, experiences. Feel free to contact us to discuss more. In our next article we will continue with the Lab exercise with configuring load balancer.

If you have any suggestion / feedback / doubt, you are most welcome. Stay tuned on Knowledge-Junction, will come up with more such articles.

Thanks for reading 🙂