Category
Azure Traffic Manager – Blog No 1
Time to Read
25 Minutes
Who should read this blog?
If you want to learn about the Traffic Manager as a concept in Azure

Preface

Air Traffic Controller, I am sure you would have heard this term quite often.

What does ATC do – They help thousands of airplanes globally to navigate their way in open skies and help them land at their destinations. This is Job One but the major role ATC play is during turbulent times, What if the actual destination is not safe to land due to various reasons like bad weather, civil issues, or unseen capacity issues. ATC will determine another possible destination in the vicinity and help the airplanes land. Now for this ATC has to keep a close eye on all the airports and their availability to take in the flights. So ATC helps not only in load balancing the Air traffic but helps to achieve high availability for airports.

This is exactly what Azure Traffic Manager does with your traffic of course with a lot more feature sets. Let’s understand in detail.

Why use Azure Traffic Manager

Azure offers multiple load-balancing solutions based on specific requirements and Azure Traffic Manager is one of the solutions. Below is the list of the load-balancing solutions offered by Azure.

❄️ If you want to load balance between your servers in a region at the application layer, use Application Gateway.

❄️ If you need to optimize the global routing of your web traffic and optimize top-tier end-user performance and reliability through quick global failover, use Front Door.

❄️ To do network layer load balancing, use Azure Load Balancer.

❄️ If you want to load balance between your web services across the regions using dns service, based on different traffic routing methods, use Traffic Manager.

the below table would help you to identify the right solution for your application traffic.

Feature	Azure Load Balancer	Azure Front Door	Azure Application Gateway	Azure Traffic Manager
Load Balancing	Layer 4 (TCP/UDP)	Layer 7 (HTTP/HTTPS)	Layer 7 (HTTP/HTTPS)	DNS-based
Use Case	Distributing traffic across VMs, VM scale sets, or availability zones for a single region.	Global CDN and load balancing for web applications, APIs, and microservices.	Web application delivery and SSL offloading with URL-based routing.	Global traffic distribution for applications across multiple regions or endpoints.
Request Routing	IP-based	URL-based	URL-based with path-based rules	DNS-based
SSL Offloading	Not Supported	Supported	Supported	Not Supported
Web Application Firewall	Not Supported	Supported	Not Supported	Not Supported
Scalability	Limited to a single region	Global distribution	Limited to a single region	Global distribution
Health Probing	Basic TCP and HTTP	Advanced health probes	Advanced health probes	Basic HTTP
SSL Certificate Management	N/A	Integrated with Azure Key Vault	Integrated with Azure Key Vault	N/A
Caching and Compression	N/A	Caching at edge nodes	N/A	N/A
Geographical Routing	N/A	Geographical routing	N/A	Geographical routing

As we can see the Azure Front door overlaps or exceeds some features as compared to Traffic Manager but if I would in the shoe of a sales Person, I would pitch it to the customer for below reasons

❄️ Different use cases: Azure Traffic Manager is specifically designed for DNS-based traffic routing, allowing you to control the distribution of user traffic to endpoints based on various routing methods like geographic location, performance, and priority. On the other hand, Azure Front Door focuses on application delivery and provides features like SSL termination, caching, and application acceleration.

❄️ Flexibility and customization: Azure Traffic Manager offers more flexibility in defining routing policies and allows you to use custom endpoints outside of Azure, making it suitable for multi-cloud scenarios or hybrid environments.

❄️ Cost considerations: Depending on the specific requirements of the customer, Azure Traffic Manager may be more cost-effective for their particular use case compared to other solutions.

❄️ Familiarity with the service: The customer might already be using Azure Traffic Manager and be comfortable with its capabilities, making it easier to extend their existing infrastructure rather than adopting a new service.

❄️ Compatibility with existing setups: Azure Traffic Manager might be the best fit for the customer’s current architecture and complement other Azure services they are using.

❄️ Regional limitations: While Azure Front Door and Global Load Balancer are available in multiple regions, there might be instances where Azure Traffic Manager is available in regions where the other services are not.

---

How Traffic manager works

Since it is clear that Azure Traffic Manager uses DNS for its functioning, hence the prerequisite to understanding Traffic Manager is to understand DNS. Refer to my blog Public DNS-Infrastructure and Types of DNS Records before you proceed further. If you already have a good understanding of DNS you may proceed to the next section.

let’s walk through the step-by-step flow of how Azure Traffic Manager would work for the website “www.thecloudblogger.com,” which is hosted on Azure Web Apps endpoints in the EU region (website-eu.cloudapp.net) and the US region (website-us.cloudapp.net). Let us assume that the domain provider is GoDaddy. Refer to the diagram –

---

Configuration in Azure

❄️ Set up Azure Web Apps: The website owner has created two instances of Azure Web Apps, one in the EU region and another in the US region, hosting the website under the domains website-eu.cloudapp.net and website-us.cloudapp.net, respectively.

❄️ Create Azure Traffic Manager Profile: The website owner creates an Azure Traffic Manager profile and configures it to manage the traffic for the domain “www.thecloudblogger.com.”

❄️ Add Endpoints: The website owner adds the two Azure Web Apps endpoints (website-eu.cloudapp.net and website-us.cloudapp.net) to the Traffic Manager profile. These endpoints represent the different instances of the website in the EU and US regions.

❄️ Configure Traffic Manager Settings: The website owner configures the desired traffic routing method in the Traffic Manager profile. For this example, let’s assume they choose the “Performance” routing method to direct users to the endpoint with the lowest latency.

DNS Configuration at GoDaddy

❄️ DNS Record Creation: In the DNS settings provided by GoDaddy, the website owner creates a new CNAME (Canonical Name) record for the domain “www.thecloudblogger.com.”

❄️ Point CNAME to Traffic Manager: The CNAME record is set to point to the Azure Traffic Manager domain name provided by Azure. It typically looks like “mywebsite.trafficmanager.net.”

User Accesses the Website

❄️ User’s DNS Query: When a user enters “www.thecloudblogger.com” in their web browser, their Recursive DNS resolver 1.1.1.1 (usually provided by their ISP or a public DNS service also known as LDNS IP) sends a DNS query to resolve the IP address associated with that domain to GoDaddy name servers. On GoDaddy name servers we would have the CNAME record of www.thecloudblogger.com mapped to mywebsite.trafficmanager.net. The Recursive DNS resolver 1.1.1.1 sends the query to trafficmanager.net domain name servers. Domain trafficmanager.net and its name servers are managed by Azure for traffic manager DNS queries.

❄️ Traffic Manager Response: The DNS query reaches Azure Traffic Manager since the CNAME record points to “mywebsite.trafficmanager.net.”

❄️ Endpoint Selection: Azure Traffic Manager uses the “Performance” routing method to determine which endpoint (EU or US) will provide the best performance for the user based on their geographic location and network conditions.

❄️ DNS Response: Azure Traffic Manager responds to the DNS query with the IP address of the selected endpoint. If the EU endpoint provides better performance for the user, it returns the IP address of “website-eu.cloudapp.net.” If the US endpoint is better, it returns the IP address of “website-us.cloudapp.net.” In our case, since the end user is accessing from a London location he would get website-eu.cloudapp.net as a preferred endpoint.

❄️ Under the trafficmanager.net domain we will have CNAME record for mywebsite.trafficmanager.net as website-eu.cloudapp.net and the traffic manager returns this record to Recursive DNS resolver 1.1.1.1 .

❄️ The Recursive DNS resolver 1.1.1.1 now sends the query to cloudapp.net domain name servers. Domain cloudapp.net and its name servers are managed by Azure for WebApps DNS queries.

❄️ cloudapp.net domain has a A record for website-eu.cloudapp.net as IP 89.117.188.61 which is returned back to Recursive DNS resolver 1.1.1.1.

❄️ Recursive DNS resolver 1.1.1.1 now returns this DNS response back to the Original client who made the request. The flow can be viewed by performing the nslookup on the client machine.

nslookup www.thecloudblogger.com
Server: UnKnown
Address: 1.1.1.1

Non-authoritative answer:
Name: website-eu.cloudapp.net
Addresses: 89.117.188.61
Aliases: www.thecloudblogger.com
mywebsite.trafficmanager.net
website-eu.cloudapp.net

❄️ User Accesses the Website: The user’s browser receives the IP address from the DNS response and establishes a connection to the selected endpoint EU directly, retrieving the website content from that specific Azure Web App instance. Kindly note traffic manager does not come in transit for actual data traffic.

Monitoring and Failover

❄️ Health Monitoring: Azure Traffic Manager continuously monitors the health of the two endpoints. If one of the Azure Web Apps becomes unavailable or unresponsive, Traffic Manager will automatically route traffic to the healthy endpoint.

❄️ Failover: If, for example, the EU endpoint experiences issues, Traffic Manager will detect it and route all traffic to the US endpoint until the EU endpoint becomes healthy again.

By using Azure Traffic Manager, the website owner can ensure that users are directed to the best-performing endpoint based on their geographic location, leading to improved user experience and availability of the website across different regions.

---