Load Balancing and DNS Exam Tips

This section consolidates key concepts for exam preparation covering:

• Azure Load Balancer
• Azure DNS
• These are commonly tested topics in Azure networking exams (AZ-104, AZ-700, AZ-305).

1️⃣ Azure Load Balancer – What You MUST Remember for the Exam#

✅ Core Concept#

• Azure Load Balancer is a Layer 4 (Transport Layer) load balancer.

It distributes traffic based on:

• Source IP
• Source Port
• Destination IP
• Destination Port
• Protocol (TCP/UDP)
• ⚠ It does NOT inspect HTTP headers (that’s Layer 7).

2️⃣ Regional vs Global Load Balancer#

🔹 Regional#

Balances traffic within one Azure region

Can be Public or Internal

🔹 Global (Public Only)#

• Balances traffic across multiple regions
• Still has a “home region”
• Only supported for Public Load Balancer
• ⚠ Internal Load Balancer cannot be Global.

3️⃣ Core Components (Highly Testable)#

1️⃣ Frontend IP Configuration#

Determines:

• Public or Private
• Entry point for traffic
• Exam trap: If frontend is private → not internet accessible.

2️⃣ Backend Pool#

Contains:

• VMs
• VM Scale Sets
• NICs
• IPs
• Traffic is distributed across backend pool members.

3️⃣ Health Probe#

• Critical for exam questions.
• If probe fails: → Instance removed from rotation.

Common mistakes:

• Wrong port
• NSG blocking probe
• Application not running

4️⃣ Load Balancing Rules#

• Maps: Frontend Port → Backend Port

Defines:

• Protocol
• Health probe association
• Session persistence
• Exam scenario example: SSH failing because backend port set incorrectly.

4️⃣ Troubleshooting – Exam Strategy#

Always troubleshoot in this order:

Step 1: Configuration#

• Frontend IP exists?
• Backend pool correct?
• Rule ports correct?
• Health probe healthy?

Step 2: Connectivity#

Determine:

• Inbound issue?
• Outbound issue?

Outbound Connectivity Exam Scenario#

• Common issue: VM cannot access internet.

Causes:

• No public IP
• No outbound rules
• No NAT Gateway
• Default outbound access deprecated
• Best production solution: Use Azure NAT Gateway
• Why?
• Prevents SNAT port exhaustion
• Scales better than public IP per VM

5️⃣ Performance Troubleshooting#

Know these tools:

Azure Monitor Metrics#

Check:

• Byte count
• SNAT usage
• Flow count

Diagnostic Settings#

Send logs to:

• Log Analytics
• Storage Account
• Event Hub

Load Balancer Insights#

View:

• Backend health
• Flow distribution
• Availability
• Throughput
• Exam tip: If uneven traffic → check hash distribution and session persistence.

6️⃣ Azure DNS – What You Must Know#

Public DNS#

Used for:

• Public websites
• Public load balancers
• Records publicly resolvable.

Supports:

• A
• AAAA
• CNAME
• MX
• TXT
• NS
• SOA
• SRV
• PTR
• ⚠ DNSSEC not supported.

Private DNS#

Used for:

• Internal VM communication
• Private endpoints
• Internal Load Balancer

Requires:

• Virtual Network Link

Optional:

• Auto-registration

7️⃣ Auto-Registration (Private DNS)#

If enabled:

• Automatically creates A records for VMs
• Updates if IP changes

If disabled:

• Must manually create records
• Exam tip: If VM not resolving → check VNet link + DNS settings.

8️⃣ Public vs Private DNS (Exam Comparison)#

9️⃣ Common Exam Traps#

🚩 Internal Load Balancer exposed to internet → Impossible 🚩 Health probe failing → No traffic to VM 🚩 VM cannot access internet → Outbound config issue 🚩 DNS record exists but not resolving → VNet link missing 🚩 Custom DNS configured → Azure Private DNS ignored

🔟 Architecture-Level Understanding (High-Level Questions)#

• Internet → Public DNS → Public Load Balancer → Backend Pool
• Internal communication: VM → Private DNS → Private IP
• Hybrid scenario: On-prem DNS ↔ Azure DNS Private Resolver ↔ Azure Private DNS

11️⃣ Key Differences You Must Memorize#

12️⃣ High-Yield Exam Questions#

• Q: What removes a backend VM from load balancing? → Failed health probe.
• Q: Can internal Load Balancer be global? → No.
• Q: Best outbound method for production? → NAT Gateway.
• Q: What enables private DNS resolution? → VNet link.
• Q: What happens if VM uses custom DNS? → Private DNS zone may not resolve.

13️⃣ Reference Documentation#

• Azure Load Balancer Overview
• Troubleshoot Load Balancer
• Outbound Connections
• Azure DNS Overview
• Private DNS

Final Exam Strategy#

If a question mentions:

• “Layer 4” → Azure Load Balancer
• “URL routing” → Application Gateway
• “Global HTTP routing” → Front Door
• “DNS-based routing” → Traffic Manager
• “Internal name resolution” → Private DNS

Ultimate Takeaway#

• Azure Load Balancer = Traffic distribution (L4) Azure DNS = Name resolution (Public & Private) Troubleshooting = Configuration → Connectivity → Performance

If you'd like, I can now create:

• 🧠 40–60 mock exam questions
• 📊 Rapid revision sheet (1-page cram guide)
• 🏗 Architecture scenario-based exam practice
• 🎯 AZ-104 / AZ-700 targeted cheat sheet
• Tell me which certification you're preparing for.