Routing Rules in Azure Application Gateway: Options, Design, and Implementation

Azure Application Gateway is a Layer 7 (HTTP/HTTPS) load balancer that provides intelligent traffic routing, SSL termination, and Web Application Firewall (WAF) capabilities. At the core of its traffic management functionality are routing rules, which determine how incoming client requests are processed and forwarded to backend resources. Well-designed routing rules are essential for the scalability, security, and maintainability of modern web applications.

What are Routing Rules?

Routing rules in Azure Application Gateway define the mapping logic between frontend listeners and backend target pools. Each rule evaluates incoming requests based on specified criteria, such as protocol, hostname, or URL path, and routes them accordingly.

A routing rule typically links the following components:

• Listener: Defines protocol (HTTP/HTTPS), port, and hostname.
• Backend Pool: One or more target resources (VMs, VM Scale Sets, App Services, or IPs).
• Backend HTTP Settings: Define protocol, port, affinity, timeout, and health probe.
• Optional Path Map or Rewrite Rules: For more granular routing and request modification.

Types of Routing Rules

Basic Routing Rules: Basic rules provide one-to-one routing. All traffic that matches a listener is forwarded to a single backend pool using predefined HTTP settings.

Use cases:

• Single web application per gateway
• Simple load balancing scenarios
• Non-multi-tenant environments

Advantages:

• Easy to configure and manage
• Lower complexity and cost

Limitations:

• No support for path-based routing
• Less flexible for microservices or multi-application hosting

Path-Based Routing Rules: Path-based rules enable routing based on URL paths (for example, /api/*, /images/*). A single listener can route traffic to multiple backend pools depending on the request path.

Use cases:

• Microservices architectures
• Hosting multiple applications behind a single domain
• API and frontend separation

Advantages:

• Efficient resource usage
• Enables application consolidation
• Reduces gateway sprawl

Example:

• com/api/* → BackendPool-API
• com/app/* → BackendPool-Web

Source: Microsoft Learn

Host-Based Routing: In addition to path-based routing, Azure Application Gateway supports host-based (multi-site) routing. This uses different listeners for different hostnames, such as:

app.contoso.com

api.contoso.com

Each hostname is mapped to its own routing rules and backend pools. Host-based routing is commonly combined with HTTPS and multi-site listeners to host multiple applications on a single gateway.

Design Considerations for Routing Rules

When designing routing rules, several factors must be carefully evaluated:

Application Architecture

• Monolithic applications usually work better with basic rules.
• Microservices benefit from path-based routing.
• Multi-tenant platforms often require host-based routing.

Security Requirements

• HTTPS listeners with SSL termination at the gateway improve performance and security.
• WAF policies can be attached at the gateway, listener, or path level.
• Separate routing rules can isolate sensitive endpoints (e.g., /admin/).

Scalability and Maintainability

• Overuse of listeners increases administrative overhead.
• Logical path grouping improves readability and long-term management.
• Consistent naming conventions are critical in environments with many rules.

Performance

• Each routing rule adds processing overhead.
• Health probes should align with path-based backends for accurate monitoring.
• Session affinity should be enabled only when required.

Best Practices

• Use path-based routing to reduce infrastructure footprint.
• Terminate SSL at the gateway and re-encrypt if compliance requires it.
• Keep routing rules simple and documented.
• Regularly review unused rules and backend pools.
• Combine routing rules with rewrite rules for clean URLs and header manipulation

For professionals looking to deepen their understanding of these concepts and apply them in real-world scenarios, the AZ-700: Designing and Implementing Microsoft Azure Networking Solutions course offers structured, hands-on guidance aligned with Microsoft best practices.

Efficient Traffic Management

Routing rules form the foundation of Azure Application Gateway’s traffic management capabilities. By carefully selecting the appropriate routing type, whether basic, path-based, or host-based, and applying well-considered design principles, organisations can create application delivery architectures that are scalable, secure, and easy to maintain. Effective implementation, combined with continuous monitoring and optimization, ensures that Azure Application Gateway adapts to evolving application demands and business requirements while delivering consistent performance and reliability.

About CloudThat