Starting today, Azure Load Balancer enables customers to manage port forwarding for Virtual Machine Scale Sets or a group of virtual machines in a backend pool with a single set-up and minimal management overhead.
What is port forwarding?
Port forwarding lets you connect to specific virtual machines by using the Load Balancer frontend IP address and port number. Load Balancer, upon receiving the traffic on a certain frontend port, will forward traffic to the target virtual machine on a specific backend port.
By using an inbound NAT rule, you can access virtual machines in a virtual network through the IP address and port of the Load Balancer.
Inbound NAT rule or load balancing rule?
In a nutshell, an inbound NAT rule is used for traffic forwarding by mapping each virtual machine to a frontend port of the Load Balancer for access. All traffic arriving on the specified frontend port of the Load Balancer will be directly forwarded to a single targeted virtual machine. Therefore, traffic is not load balanced in this case. Inbound NAT rules are useful when you want to forward traffic directly to a specific virtual machine and port combination. Load balancing rules, by contrast, are used to distribute traffic coming to a specific frontend of the Load Balancer across all virtual machines in the backend pool.
Figure 1: Inbound NAT rule for single machine.
Figure 2: Load Balancing rule.
You can have both load balancing rules and inbound NAT rules on the same Load Balancer. For example, a load balancing rule can be set up for the specific backend pool from frontend port 80 to backend port 80, so that incoming traffic can be distributed across the virtual machines in the backend pool. At the same time, you can also set up an inbound NAT rule for each virtual machine on backend port 443 so that you can use Remote Desktop Protocol (RDP) to access each virtual machine for management purposes.
Figure 3: Use both inbound NAT rule and load balancing rule on a backend pool.
What are the customer challenges that we aim to resolve?
Inbound NAT rules for individual target machine
When you have a large backend pool with frequent scaling up and down, this approach will create unnecessary overhead. An inbound NAT rule has to be deleted before the target virtual machine can be taken out of the backend pool. Similarly, every time scaling up occurs, a new inbound NAT rule for the new virtual machine has to be created to complete the port forwarding set-up.
Inbound NAT pool
Inbound NAT pool is an existing option for a backend pool composed of Virtual Machine Scale Sets. However, updating an inbound NAT pool introduces additional steps behind the scenes which can result in longer deployment time. Additionally, this approach is not viable when your backend pool consists of a group of virtual machines.
Universal port forwarding solution for backend pool of all types
Inbound NAT rule for Virtual Machine Scale Sets, Virtual Machines, or IP addresses in a backend pool
Today, we are announcing the addition of port management for backend pool to inbound NAT rules. It is the preferred solution for setting up port forwarding for backend pools of all types, including Virtual Machine Scale Sets, virtual machines, and IP addresses.
Based on the frontend port range start and the maximum number of machines in the backend pool defined for an inbound NAT rule, Load Balancer will pre-allocate a range of frontend ports starting from the frontend port range start. The range end is calculated by adding the maximum number of machines in the backend pool to the frontend port range start to ensure that there are enough frontend ports in the event of scaling up.
Figure 4: Add inbound NAT rule.
In this example, Load Balancer will pre-allocate 1000 frontend ports starting from port 500. In this case, the backend pool can scale up to 1000 machines without requiring additional management from the customer.
Figure 5: Inbound NAT rule for backend pool.
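An added planning check, not code from the original article or from Azure: it computes the frontend port range an inbound NAT rule would reserve and flags collisions on the same frontend IP before the rule is deployed. The inclusive range end (start + maximum machines - 1), the conflict conditions, and all names are assumptions of this example.

```python
from dataclasses import dataclass

MAX_PORT = 65535

@dataclass(frozen=True)
class NatRule:
    name: str
    range_start: int    # "frontend port range start" in the article
    max_machines: int   # "maximum number of machines in backend pool"

    @property
    def range_end(self) -> int:
        # Assumption: inclusive end, so the range holds exactly max_machines ports.
        return self.range_start + self.max_machines - 1

def audit(nat_rules, lb_frontend_ports, pool_size):
    """Findings for a planned rule set on one frontend IP (empty list = no issue)."""
    findings = []
    for r in nat_rules:
        if r.range_start < 1 or r.range_end > MAX_PORT:
            findings.append(f"{r.name}: range {r.range_start}-{r.range_end} is outside 1-{MAX_PORT}")
        if pool_size > r.max_machines:
            findings.append(f"{r.name}: pool of {pool_size} exceeds {r.max_machines} reserved ports")
        hit = sorted(p for p in lb_frontend_ports if r.range_start <= p <= r.range_end)
        if hit:
            findings.append(f"{r.name}: range covers load balancing frontend port(s) {hit}")
    widest = None  # rule whose reserved range reaches furthest so far
    for r in sorted(nat_rules, key=lambda x: x.range_start):
        if widest and r.range_start <= widest.range_end:
            findings.append(f"{widest.name} and {r.name}: reserved ranges overlap")
        if widest is None or r.range_end > widest.range_end:
            widest = r
    return findings

if __name__ == "__main__":
    # The article's rule (start 500, 1000 machines) plus constructed sample values.
    article = NatRule("article-rule", 500, 1000)
    print(article.range_start, article.range_end)
    print(audit([article], {80}, pool_size=3))
    extra = NatRule("constructed-rule", 1400, 200)
    for finding in audit([article, extra], {80, 1450}, pool_size=3):
        print(finding)
```

Every port in a reserved range is a frontend port on the Load Balancer whether or not a machine currently sits behind it, so the range size is also the number to compare against any network filtering applied to that frontend.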
Retrieve port mapping for individual machines
Once the inbound NAT rule is created, Load Balancer will assign a frontend port to each virtual machine in the backend pool. Port mappings of existing machines will not change in the event of scaling up or down. In this example, to access centralus-vm1 on port 443, you can use https://188.8.131.52:502.
Figure 6: Port mapping for individual machines.