Traffic manager vs load balancer for hosts that need direct access

  • Question

  • Hi there,

    We have a service we're looking to move into Azure and have hit a bit of a stumbling block that it looks like traffic manager may help solve.  Figure it's good to ask the experts though :)

    We have a service that listens on a TCP and UDP port for connections on Linux VMs.  No problem there, I can implement Linux VMs, add them to a cloud service, add endpoints as a load balanced set and voila.  However.  The service uses a 2 stage connection method which breaks using a load balancer.  The method is:

    Connection 1 - connect via TCP for a control channel

    Connection 2 - connect via UDP for a data channel

    Both of these connections need to end up at the same machine of course.  So the problem is when using the load balancer, the first connection is fine but because the 2nd connection uses a different port/protocol, the LB will send it to another machine.

    I'd tried using the 'direct return path' option on a LB set but that doesn't appear to work as the Linux VMs have no directly accessible IP address so the traffic is just dropped.

    So... I'm thinking perhaps we can use traffic manager with a round robin approach to balance the traffic.  The only issues I see are:

    1) DNS TTL will most likely not send the traffic to different VMs (and we need a good round-robin spread)

    2) Traffic manager only lets us select cloud services as an endpoint rather than individual VMs.  So we'll need to create each VM with its own cloud service.  I suspect we'll run into a resource limit here.

    Can anyone think of any other solution?  The 'native' LB solution is very close (and in fact, is exactly what we use in another cloud solution but there we have direct access to the VMs behind the LB as well as through the LB).

    Thanks!

    Dave

    Friday, July 4, 2014 3:22 PM
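To make the two-stage problem concrete, here is an added simulation (not part of the thread, and not Azure's own implementation): a backend is chosen by hashing the flow's 5-tuple, as a stateless load balancer typically does, versus hashing only the client address. The backend names, IP addresses and ports are constructed values.

```python
import hashlib
from dataclasses import dataclass

# Constructed backend pool standing in for the Linux VMs behind the load balancer.
BACKENDS = ["vm-0", "vm-1", "vm-2", "vm-3"]

@dataclass(frozen=True)
class Flow:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str  # "tcp" or "udp"

def _bucket(key: str, pool: list[str]) -> str:
    digest = hashlib.sha256(key.encode()).digest()
    return pool[int.from_bytes(digest[:8], "big") % len(pool)]

def pick_backend(flow: Flow, mode: str, pool: list[str] = BACKENDS) -> str:
    """Choose a backend for one flow.

    "5-tuple": hash source IP/port, destination IP/port and protocol, the usual
    stateless distribution; each new connection is an independent draw.
    "source-ip": hash only the client address, so the TCP control channel and the
    UDP data channel from one client always reach the same backend.
    """
    if mode == "5-tuple":
        key = f"{flow.src_ip}:{flow.src_port}->{flow.dst_ip}:{flow.dst_port}/{flow.proto}"
    elif mode == "source-ip":
        key = flow.src_ip
    else:
        raise ValueError(f"unknown distribution mode: {mode}")
    return _bucket(key, pool)

def two_stage_session(client_ip: str, mode: str) -> tuple[str, str]:
    """The service's two-stage connect: TCP control channel, then UDP data channel.
    Returns (backend of connection 1, backend of connection 2). Addresses are constructed."""
    control = Flow(client_ip, 51000, "203.0.113.10", 5000, "tcp")
    data = Flow(client_ip, 51001, "203.0.113.10", 5001, "udp")
    return pick_backend(control, mode), pick_backend(data, mode)

def split_sessions(mode: str, n_clients: int = 64) -> int:
    """Count clients whose two channels were sent to different backends."""
    clients = [f"198.51.100.{i}" for i in range(1, n_clients + 1)]
    return sum(1 for ip in clients if len(set(two_stage_session(ip, mode))) == 2)

if __name__ == "__main__":
    for mode in ("5-tuple", "source-ip"):
        print(f"{mode:9s}: {split_sessions(mode)} of 64 sessions split across VMs")
```

Under the 5-tuple mode roughly three quarters of the sessions end up with their control and data channels on different VMs, while hashing on the client address alone never splits a session; any affinity scheme that keeps the two channels together must ignore port and protocol.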

All replies

  • Hi Dave,

    Traffic Manager works at the DNS level.  That means you get a good traffic spread when you have lots of callers, using different local (caching/recursive) DNS servers.  If you have a small number of callers, or callers behind a small number of local DNS servers, you won't get a good traffic spread.

    Also, please beware that creating individual VMs in separate Cloud Services creates a risk that multiple VMs are offline during Azure Fabric updates / patching cycles.

    I'm afraid I don't have a good alternative proposal.  I'll ask some colleagues and respond again if I come up with anything.

    Regards,

    Jonathan

    Senior Program Manager

    Azure Networking - DNS and Traffic Manager

    Friday, July 4, 2014 3:37 PM

  • Thanks Jonathan.  We could live with the multiple VMs being taken offline if we could make sure each cloud service was in a different set...

    However, your point about the DNS traffic spread is a good one and may perhaps be "the reason" not to solve this with traffic manager.

    If only the load balancer could allow the direct access to the VMs.

    Do let me know if you dig up anything.

    Thanks again!

    Dave

    Tuesday, July 8, 2014 12:21 AM