[Explained] The Ultimate Handbook for Traffic Manager VS CDN VS Front Door VS Application Gateway
Updated: Jun 29, 2020
Disclaimer:The following content is not officially endorsed by Microsoft.
All of us, at some point, have struggled with the difference between Application Gateway, Load Balancer, Traffic Manager. To further complicate our understanding of this space, Microsoft recently introduced a new service to this pack, Azure Front Door. In this article, I will try to outline a few basic differences between them, and explain the same with an example.
I expect you are familiar with the basics of Azure Front Door/Traffic Manager/Application Gateways, if not I'd suggest to visit this for a level 100 understanding, Azure Networking/Routing solutions.
Let's start with the first distinction,
Global Load Balancer, GLB
Regional Load Balancer, RLB
Out of these, Traffic Manager and Front Door fall under the category of Global Load Balancer, whereas Application Gateway and Load Balancer in the category of Regional Load Balancer.
For CDN is not a Load Balancer, at all. CDN is used for caching static content to improve the overall performance of your application by providing maximum bandwidth for delivery.
Now let’s talk about the differentiating factor between Global and Regional Load Balancer.
If I talk in the most basic terms, GLB distributes traffic to the regional backends(in most cases, to the RLB), while these RLB distributes traffic within virtual networks (VNETs) across Virtual Machine(VMs).
In most multi-region applications, you will need a combination of Global Load Balancer and Regional Load Balancer, which will provide an end-to-end reliable, performant, and secure way to route traffic to and from your users to your IaaS, PaaS, or on-premises services.
Azure Front Door VS Traffic Manager
While both offer, multi-geo redundancy and closest region routing. The most important distinction lies with their routing strategies. While Traffic Manager routing being point to point, Azure Front Door, has its benefit of working with HTTP requests, wherein different URL paths can route to different backends based on rules and health of the applications.
Application Gateway VS Load Balancer
This should be simple. Traditionally, the Load Balancer operates at Layer 4, which is the transport layer to route to specific virtual networks. Application Gateways are Load Balancer which in turn, operates at Network 7, i.e. the Application Layer.
By saying that a traditional Load Balancer operates at Layer 4, it means that it routes traffic between the source and destination IP address and port. While Application Gateway which operates at the Application Layer can also use the additional HTTP Attributes like path or host headers for making routing decisions.
Let’s try to understand this from an example, of a university, who offers both MS and MBA
Any student of this university can fall into either one of these,
An MS Student who wants to go to UPenn’s Department to take tech classes.
An MBA Student who wants to go to Wharton Department to take MBA classes.
How do we route an incoming student between these two?
We will add an application gateway to route between the two based on URL, like this
Now lets say that Wharton decided to provide some online classes, which also consists of downloadable lectures which can be downloaded from any part of the world.
For this, we bring into picture the Global Load Balancer. We would need to use both, Traffic Manager and Azure Front Door for this.
Traffic Manager will be connecting to the CDN endpoints which would ensure faster access to the Class Lectures available as static videos/PDFs, while the Azure Front Door will route all the /online traffic to the Live Class Streaming Services. Azure Front Door takes care of load balancing and routing to the closest region.
Why did we not do all of this with the same Traffic Manager?
Because we do not want to Load Balance between all 4 services, but we wanted to load balance between the 2 regional instances of the Live Class Streaming Service and 2 regional instance of the Class Lectures. At any given point, student might either be consuming the video/PDF content for the Class Lectures OR attending any Professor's Live Streaming Class. He/She will be requesting the Traffic Manager endpoint for the former, while the Front Door endpoint for the latter.
However, we could have achieved the same, had we used an additional Traffic Manager in place of Front Door. Why did we use Front Door we will explore in the next section.
In case Upenn decided to open up a new Campus in Dubai (DXB), how will the entire design change?
Now you will understand, how our earlier choice of using a Front Door will prove to be beneficial, as now we will use the same Front Door to route to Application Gateway of Regional Institute Buildings, and the Regional Live Class Streaming Services, based on the URL path attribute. Whereas, the Traffic Manager Endpoint as before, will be used to download the static content for Class Lectures.
For the Class Lecture Delivery, we have also added a CDN, in the two regions, for better bandwidth.
I hope this makes sense and gave you some insights into each of these Services which would be useful to you in your future projects.