An Azure load balancer is a Layer-4 (TCP, UDP) load balancer. Usually a load balancer gave distributed traffic among VMs in it even if one VM is in down state. I prepared this article by referring the Azure doc

In this article I am going to create a load balancer for incoming traffic on HTTP service. Both on port 80 and 443.

At very first we need to have a windows PC/Laptop or a Server which is installed with Azure PowerShell. Because we are going to use Azure PowerShell for implementing Azure Load balancer. Details are in the below Azure doc. I installed Azure powershell using MSI available from github.

Now Open powershell. Issue below command to sign in to  azure account.


Get  existing subscription details using  below command. Note down the subscription ID


Choose which of your Azure subscriptions to use.

Select-AzureRmSubscription -SubscriptionId 'GUID of subscription'

Create a resource group. (Skip this step if you’re using an existing resource group.)

New-AzureRmResourceGroup -Name NRP-RG -location "West US"

Create a virtual network and a public IP address for the front-end IP pool

$backendSubnet = New-AzureRmVirtualNetworkSubnetConfig -Name LB-Subnet-BE -AddressPrefix
New-AzureRmvirtualNetwork -Name NRPVNet -ResourceGroupName NRP-RG -Location 'West US' -AddressPrefix -Subnet $backendSubnet
$publicIP = New-AzureRmPublicIpAddress -Name PublicIp -ResourceGroupName NRP-RG -Location 'West US' 
-AllocationMethod Static -DomainNameLabel loadbalancernrp

Create a front-end IP pool and a back-end address pool
$frontendIP = New-AzureRmLoadBalancerFrontendIpConfig -Name LB-Frontend -PublicIpAddress $publicIP
$beaddresspool = New-AzureRmLoadBalancerBackendAddressPoolConfig -Name LB-backend

Create NAT rules, a load balancer rule, a probe, and a load balancer

$inboundNATRule1= New-AzureRmLoadBalancerInboundNatRuleConfig -Name RDP1 -FrontendIpConfiguration $frontendIP 
-Protocol TCP -FrontendPort 3441 -BackendPort 3389

$inboundNATRule2= New-AzureRmLoadBalancerInboundNatRuleConfig -Name RDP2 -FrontendIpConfiguration $frontendIP
 -Protocol TCP -FrontendPort 3442 -BackendPort 3389

$healthProbe = New-AzureRmLoadBalancerProbeConfig -Name HealthProbe -RequestPath 'HealthProbe.aspx' -Protocol
 http -Port 80 -IntervalInSeconds 15 -ProbeCount 2

$lbrule = New-AzureRmLoadBalancerRuleConfig -Name HTTP -FrontendIpConfiguration $frontendIP -BackendAddressPool
 $beAddressPool -Probe $healthProbe -Protocol Tcp -FrontendPort 80 -BackendPort 80

$NRPLB = New-AzureRmLoadBalancer -ResourceGroupName NRP-RG -Name NRP-LB -Location 'West US' 
-FrontendIpConfiguration $frontendIP -InboundNatRule $inboundNATRule1,$inboundNatRule2 -LoadBalancingRule 
$lbrule -BackendAddressPool $beAddressPool -Probe $healthProbe

Create NICs

$vnet = Get-AzureRmVirtualNetwork -Name NRPVNet -ResourceGroupName NRP-RG
 $backendSubnet = Get-AzureRmVirtualNetworkSubnetConfig -Name LB-Subnet-BE -VirtualNetwork $vnet

$backendnic1= New-AzureRmNetworkInterface -ResourceGroupName NRP-RG -Name lb-nic1-be -Location 'West US' 
-PrivateIpAddress -Subnet $backendSubnet -LoadBalancerBackendAddressPool $nrplb.BackendAddressPools[0]
 -LoadBalancerInboundNatRule $nrplb.InboundNatRules[0]

$backendnic2= New-AzureRmNetworkInterface -ResourceGroupName NRP-RG -Name lb-nic2-be -Location 'West US' 
-PrivateIpAddress -Subnet $backendSubnet -LoadBalancerBackendAddressPool $nrplb.BackendAddressPools[0]
 -LoadBalancerInboundNatRule $nrplb.InboundNatRules[1]

Now we have to attach this Load balanced NICs “lb-nic1-be” and “lb-nic2-be” to the VMs we are going to use under LoadBalancer. If the VMs are already there, add this NIC as additional NIC of VMs. If VMs are not there, create a new one using this NICs.

One another important point is we we need to make sure all VMs under LoadBalancer is in same “availability set”.  If your existing VMs doesn’t have any availability set, then we need to recreate the VMs again to have any availability set.

Refer our own article for creating new VMs for LoadBalancer.

Two NIC cards can’t be added to the some Windows VMs basic plan(VM Size). So in such cases we need to either remove the current NIC in the server and only have the loadbalance NIC added to the VM or Upgrade the VM plan to next level that support two NICs.

In case replacing existing NIC with Load balanced NIC, we have condition as Subnet change of VM is only possible if the both subnet are in the same vnet.  Virtual network change of an existing VM is not possible at this moment.  So need to delete the existing VM and create it again.

Add the network interface to the load balancer

$lb= get-azurermloadbalancer -name NRP-LB -resourcegroupname NRP-RG

$backend=Get-AzureRmLoadBalancerBackendAddressPoolConfig -name backendpool1 -LoadBalancer $lb

$nic =get-azurermnetworkinterface -name lb-nic1-be -resourcegroupname NRP-RG


Set-AzureRmNetworkInterface -NetworkInterface $nic

After a network interface is added to the load balancer back-end pool, it starts receiving 
network traffic based on the load-balancing rules for that load balancer resource.  
At this point we have load balancer which will route traffic on port 80.