While preparing for the AZ-104 exam, many candidates stumble when configuring session affinity on Azure Load Balancer. In enterprise deployments, especially hybrid web farms governed by strict operational policies, consistent user session routing is critical to meeting both performance SLAs and governance compliance. Let’s drill into a real-world inspired scenario.
The Scenario
Northwind Foods is a traditional retail company modernizing their e-commerce platform by migrating their on-premises web tier to Azure. They currently run five Windows Server 2016 Azure virtual machines configured as web servers behind an Azure Load Balancer named NW-LB. The web servers host session-based applications needing consistent user experience. These VMs are integrated with the company’s Active Directory via Azure Arc and governed under their enterprise CAF policies.
Key Requirements
Northwind Foods needs to ensure that every visitor’s requests are routed to the same backend web server instance to maintain session state during a user’s browsing session. The solution must be aligned with enterprise governance standards for performance and operational consistency.
The Options
- A) Enable Floating IP (Direct Server Return)
- B) Set the idle timeout to 20 minutes
- C) Change the protocol to UDP
- D) Configure session persistence to Client IP and protocol
Correct Answer
D) Configure session persistence to Client IP and protocol.
The Architect’s Analysis
Correct Answer
Option D — Configure session persistence to Client IP and protocol.
Step-by-Step Winning Logic
This configuration enforces session affinity: all connections from the same client IP and protocol are directed to the same backend VM. By default, Azure Load Balancer distributes flows with a 5-tuple hash (source IP, source port, destination IP, destination port, protocol); session persistence changes what is hashed so that a client stays pinned to one server. This supports:
- Reliability: Maintaining session continuity prevents application errors or lost data in session-stateful apps.
- Performance Efficiency: Avoids repeated backend re-authentication or session rebuilds, lowering latency.
- Operational Excellence: Simplifies troubleshooting by providing predictable traffic flow.
- Security & Governance: Meets enterprise compliance by enabling predictable traffic flows consistent with hybrid AD integration and monitoring standards outlined in the Microsoft Cloud Adoption Framework.
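The effect of taking the source port out of the hash, as an added example that is not part of the original page: a small Python model comparing the default 5-tuple distribution with Client IP and protocol. SHA-256 stands in for the load balancer's hash, and the VM names, the frontend address 203.0.113.10 and the client addresses are constructed for illustration.

```python
import hashlib

# Constructed pool: five web VMs behind NW-LB (VM names are hypothetical).
BACKENDS = ["web-vm-1", "web-vm-2", "web-vm-3", "web-vm-4", "web-vm-5"]

# Flow fields fed into the hash under each load distribution setting.
MODES = {
    "Default": ("src_ip", "src_port", "dst_ip", "dst_port", "proto"),
    "SourceIPProtocol": ("src_ip", "dst_ip", "proto"),  # Client IP and protocol
}

def pick_backend(flow, mode, backends=BACKENDS):
    """Hash only the fields the mode uses and map the result onto the pool.
    SHA-256 is a stand-in; the load balancer's real hash is not modelled."""
    key = "|".join(str(flow[field]) for field in MODES[mode])
    digest = hashlib.sha256(key.encode()).digest()
    return backends[int.from_bytes(digest[:8], "big") % len(backends)]

def backends_hit(src_ip, mode, connections=200, proto="tcp"):
    """Set of backends reached when one client IP opens many connections.
    Every new connection uses a fresh ephemeral source port."""
    hits = set()
    for i in range(connections):
        flow = {"src_ip": src_ip, "src_port": 49152 + i,
                "dst_ip": "203.0.113.10", "dst_port": 443, "proto": proto}
        hits.add(pick_backend(flow, mode))
    return hits

if __name__ == "__main__":
    for client in ("198.51.100.7", "198.51.100.8", "192.0.2.44"):
        for mode in MODES:
            vms = sorted(backends_hit(client, mode))
            print(f"{client:<13} {mode:<17} -> {len(vms)} VM(s): {', '.join(vms)}")
```

Because the source port no longer contributes to the hash, every user behind one shared NAT address also lands on the same VM under Client IP and protocol.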
The Traps (Distractor Analysis)
- Option A (Floating IP): Useful for Direct Server Return with UDP load balancing scenarios, not applicable for session persistence or TCP-based web traffic.
- Option B (Idle timeout to 20 minutes): Increasing timeout does not guarantee session stickiness; it only affects the load balancer’s TCP flow idle timeout.
- Option C (Protocol as UDP): Changing to UDP is incompatible with typical TCP-based HTTP/HTTPS web workloads requiring session persistence.
The Architect Blueprint
[Mermaid diagram: session persistence in Azure Load Balancer]
Diagram Note:
User requests are consistently routed to the same backend VM because the Azure Load Balancer enforces session persistence based on client IP and protocol.
The Decision Matrix (Associate-Level Analysis)
| Option | Est. Complexity | Est. Monthly Cost | Pros | Cons |
|---|---|---|---|---|
| A) Enable Floating IP | Medium | Low | Useful for Direct Server Return in UDP scenarios | Not suitable for TCP-based session persistence scenarios; adds configuration complexity |
| B) Idle Timeout 20 min | Low | None (default config) | Extends inactive TCP flow timeout | Does not enforce session stickiness—only controls timeout duration |
| C) Protocol set to UDP | Medium | None | Required for UDP traffic load balancing | Web app traffic is TCP; breaks HTTP/HTTPS session persistence |
| D) Session Persistence: Client IP & Protocol | Low | None | Ensures user requests are routed to same backend VM; meets enterprise reliability needs | Slightly increased load balancer tracking overhead |
Real-World Practitioner Insight
Exam Rule
“For load-balanced Windows Server web VMs maintaining session state, always configure session persistence (Client IP and protocol) to meet user experience and SLA demands.”
Real World
“In enterprise migrations integrating Azure Arc and hybrid identity, session persistence ensures user sessions remain consistent across hybrid-connected VM endpoints, reducing application errors while adhering to governance set by the Microsoft Cloud Adoption Framework.”