Skip to main content
This guide explains how to configure Azure Traffic Manager, step by step. You’ll learn about endpoint types, nested profiles, probe configuration, DNS behavior, and how to validate routing using diagnostics tools. Keywords: Azure Traffic Manager, routing methods, endpoints, health probes, custom domain, DNS-based load balancing. Traffic Manager uses a parent Traffic Manager profile that references multiple endpoints. Endpoints can be:
  • Azure endpoints — services running in your Azure subscription (App Services, Cloud Services, Public IPs).
  • External endpoints — services outside Azure (on-premises or other clouds), referenced by IP (IPv4/IPv6) or FQDN.
  • Nested endpoints — references to other Traffic Manager profiles (useful for hierarchical routing and large-scale deployments).
Azure Traffic Manager is DNS-based: it returns one or more IPs/FQDNs to the client according to the selected routing method (performance, priority, weighted, geographic, multivalue, subnet).
The image is a diagram illustrating external endpoints in a traffic manager setup, showing a parent profile with regional nodes and endpoint distribution including failed and trial endpoints.

Nested profiles

Nested profiles let the parent profile reference other Traffic Manager profiles. The parent profile has its routing method (for example, latency), and each nested profile can use a different routing method (for example, priority). Use nested profiles to aggregate regions or implement conditional failover across multiple child profiles.
The image is a diagram illustrating nested endpoints in a traffic manager setup, showing the relationship between parent and child profiles across different regions like West US, West Europe, and East Asia. It explains traffic routing, including conditions for failed endpoints and advanced routing configurations for complex deployments.
Important note on nested profiles:
  • The min child endpoints option enforces how many healthy child endpoints must exist before the nested profile accepts traffic. For example, if min child endpoints = 2, the nested profile will only be considered healthy when at least two child endpoints are healthy. If the primary endpoint fails and the nested profile does not meet its minimum healthy child requirement, Traffic Manager will not route traffic to that nested profile.

Portal workflow — create and configure a Traffic Manager profile

Follow these steps in the Azure portal to create a Traffic Manager profile and prepare endpoints.
  1. Create a Traffic Manager profile
    • Choose a globally unique name — this forms the FQDN: your-profile-name.trafficmanager.net.
    • Select a routing method:
      • Performance, Weighted, Priority, Geographic, Multivalue, Subnet
      • Notes:
        • Performance/Weighted/Priority/Geographic typically return a single endpoint per DNS response.
        • Multivalue can return multiple healthy endpoints in one response.
        • Subnet maps client source subnets to specific endpoints.
    • Choose the subscription and resource group. (Traffic Manager is a global resource; the region you pick is only for metadata/storage.)
    • Click Create to deploy the profile.
  2. Configure probes and endpoint health checks
    • Under the profile’s Configuration tab, set:
      • Protocol: HTTP, HTTPS, or TCP
      • Port: probe port (e.g., 80 or 443)
      • Path: probe path (e.g., /health or /)
      • Optional headers and expected status codes
      • Probe interval, tolerated failures, probe timeout
    • These probe settings tell Traffic Manager how to determine endpoint health.
Example of common probe settings:
The image displays a configuration screen for a Traffic Manager profile, highlighting the "Configuration" tab with options like routing method, DNS time to live, and protocol settings. It instructs users to navigate to this tab to manage the Traffic Manager endpoints.
  1. Add endpoints
    • Azure endpoint: choose target resource type (App Service, Cloud Service, Public IP) and select the resource.
    • External endpoint: enter the FQDN or IP address of the non-Azure service.
    • Nested endpoint: reference another Traffic Manager profile.
    • Example portal flow: Add → Azure endpoint → Name (e.g., EUS) → Target App Service in East US → enable health checks. Do not select “Always serve traffic” unless you intentionally want to bypass health probes.
The image shows a Microsoft Azure dashboard with details of an app service named "app-az700-tm-eastus." It provides information like the resource group, status, location, and subscription details.
After adding additional App Service endpoints (for example, Southeast Asia and West Europe), Traffic Manager will probe each endpoint and show status in the portal.
The image shows a Microsoft Azure portal interface displaying three endpoints under a Traffic Manager profile, with their status and locations listed.

Host header behavior and App Service integration

When clients access the Traffic Manager FQDN, understand the Host header implications:
  • Browsers set the Host header to the domain requested. For example, when requesting your-profile.trafficmanager.net, the Host header will be your-profile.trafficmanager.net.
  • App Service requires the Host header to match one of its configured hostnames (e.g., *.azurewebsites.net or a custom domain you mapped). If it does not match, the App Service will return a 404.
The image shows a "404 Web Site not found" error message on a blue background, with technical details in the browser's developer tools highlighting a failed GET request.
Production best practice:
  • Use a custom domain (for example, www.kodekloud.com) and map it to Traffic Manager.
    • In DNS: create a CNAME record from www.kodekloud.com to your-profile.trafficmanager.net.
    • In each App Service: add the custom domain so the App Service accepts requests with Host: www.kodekloud.com. This avoids 404s due to host header mismatch.
Accessing the Traffic Manager endpoint directly (without a custom domain mapped to App Service) will result in a mismatched Host header and likely a 404. For realistic testing, map a custom domain or explicitly set the Host header in your test requests.

Diagnostics — DNS resolution and request testing

To validate Traffic Manager behavior and which endpoint is returned, use nslookup and curl.
  • Observe the CNAME chain returned by DNS for the Traffic Manager profile:
  • If you change your network location (for example, via VPN), Traffic Manager may resolve to a different App Service according to the routing method:
  • Test an App Service response by setting the Host header to an App Service hostname returned by DNS:
If successful, the App Service HTML page will be returned. Example trimmed response body:
Tip: On Windows, clear the local DNS cache before testing:

Quick reference

The image shows the Azure Traffic Manager interface, with navigation options and a section for adding endpoints. It describes the service as a DNS-based traffic load balancer for distributing traffic with high availability.
Summary
  • Azure Traffic Manager is a DNS-based routing service for distributing client requests across multiple endpoints.
  • Choose the right routing method and endpoint types for your architecture (Azure, external, nested).
  • Configure health probes carefully to match your application’s health endpoints.
  • Use a custom domain (CNAME to your-profile.trafficmanager.net) and add that custom domain to your App Services for production.
  • For testing, use nslookup, curl with a custom Host header, and flush local DNS caches as needed.
I hope this clarifies Traffic Manager configuration. Next, we’ll continue with the following topic.

Watch Video