Hello @SafiyullahSA ,
Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.
I understand that you would like to understand how Azure Load Balancer works.
Azure Load Balancer operates at the transport layer of the OSI model. This Layer 4 functionality allows traffic management based on specific properties of the traffic. These properties include source and destination address, TCP or UDP protocol type, and port number.
Load Balancer has several components that work together to ensure an application's high availability and performance.
Refer: https://learn.microsoft.com/en-us/azure/load-balancer/components
- The front-end IP address is the address clients use to connect to your web application. A front-end IP address can be either a public or a private IP address. Azure load balancers can have multiple front-end IPs.
- A load balancer rule defines how traffic is distributed to the back-end pool. The rule maps a given front-end IP and port combination to a set of back-end IP address and port combinations.
- The back-end pool is a group of VMs or instances in a Virtual Machine Scale Set that responds to the incoming request.
- A health probe is used to determine the health status of the instances in the back-end pool. This health probe determines if an instance is healthy and can receive traffic.
- Azure Load Balancer uses a five-tuple hash-based distribution mode by default. The five-tuple consists of Source IP, Source port, Destination IP, Destination port and Protocol type. The hash is used to route traffic to healthy backend instances within the backend pool and traffic from the same client IP can be routed to any healthy backend. You can also configure Session persistence distribution mode which uses two-tuple (source IP and destination IP) or three-tuple (source IP, destination IP, and protocol type) hash to route to backend instances. When using session persistence, connections from the same client go to the same backend instance within the backend pool.
Refer: https://learn.microsoft.com/en-us/azure/load-balancer/distribution-mode-concepts
Now, the question arises about how the response from the backend VM is routed back to the source. Is the response routed directly by the VM or is it routed by the internal load balancer (ILB)?
Yes, you are correct. A response to an inbound flow is always a response from a virtual machine. When the flow arrives on the virtual machine, the original source IP address is also preserved. Every endpoint is answered by a VM. For example, a TCP handshake occurs between the client and the selected backend VM. A response to a request to a front end is a response generated by a backend VM. When you successfully validate connectivity to a front end, you're validating the connectivity throughout to at least one backend virtual machine.
Refer: https://learn.microsoft.com/en-us/azure/load-balancer/concepts
Kindly let us know if the above helps or you need further assistance on this issue.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
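
The following is an added example, not part of the original answer and not Azure's own algorithm: a small simulation of the five-tuple, three-tuple and two-tuple distribution modes described above, including the health-probe filter. SHA-256 with a modulo is an assumed stand-in for the platform's hash, and all addresses and names are constructed.

```python
import hashlib
from collections import namedtuple

# Constructed flow record; the field names are this example's own.
Flow = namedtuple("Flow", "src_ip src_port dst_ip dst_port proto")

# Fields that feed the hash in each distribution mode described in the answer.
MODES = {
    "five_tuple": ("src_ip", "src_port", "dst_ip", "dst_port", "proto"),
    "three_tuple": ("src_ip", "dst_ip", "proto"),
    "two_tuple": ("src_ip", "dst_ip"),
}

def pick_backend(flow, backends, health, mode="five_tuple"):
    """Return the backend chosen for a flow, considering only healthy instances."""
    healthy = sorted(b for b in backends if health.get(b, False))
    if not healthy:
        return None  # no instance passes the probe, so nothing can receive the flow
    key = "|".join(str(getattr(flow, f)) for f in MODES[mode])
    # Assumption: SHA-256 plus modulo stands in for the platform's real hash.
    digest = hashlib.sha256(key.encode()).digest()
    return healthy[int.from_bytes(digest[:8], "big") % len(healthy)]

def spread(flows, backends, health, mode):
    """Set of backends reached by a list of flows under one mode."""
    return {pick_backend(f, backends, health, mode) for f in flows}

# Constructed sample: one client opening 200 connections from different source ports.
BACKENDS = ["10.0.1.4", "10.0.1.5", "10.0.1.6"]
HEALTH = {b: True for b in BACKENDS}
FLOWS = [Flow("203.0.113.7", 40000 + i, "198.51.100.10", 443, "tcp")
         for i in range(200)]

if __name__ == "__main__":
    for mode in MODES:
        print(mode, sorted(spread(FLOWS, BACKENDS, HEALTH, mode)))
    # Fail the probe on the instance the client is pinned to and re-evaluate.
    pinned = pick_backend(FLOWS[0], BACKENDS, HEALTH, "two_tuple")
    degraded = dict(HEALTH, **{pinned: False})
    print("after probe failure:",
          sorted(spread(FLOWS, BACKENDS, degraded, "two_tuple")))
```

Because the source port changes per connection, the five-tuple mode spreads a single client across the pool, while the two-tuple and three-tuple modes keep that client on one instance until its health probe fails.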