Welcome to Day 70 of the #100DaysOfDevOps Challenge! Today we will see the Network Load Balancer in AWS
Network Load Balancer (NLB)
Network Load Balancer It is designed to handle tens of millions of requests per second while maintaining high throughput at ultra low latency, with no effort on your part. The Network Load Balancer is API-compatible with the Application Load Balancer, including full programmatic control of Target Groups and Targets.
This is the distribution of traffic based on network variables, such as IP address and destination ports. It is Layer 4 (TCP) and below and is not designed to take into consideration anything at the application layer such as content type, cookie data, custom headers, user location, or the application behavior. It is context-less, caring only about the network-layer information contained within the packets it is directing this way and that.
This is a TCP Load Balancer only that does some NAT magic at the VPC level. It uses EIPs, so it has a static endpoint unlike ALB and CLBs (by default). Each Target can be on different ports.
Protocols: TLS, TCP, UDP, TCP_UDP
Protocol versions: TLS, TCP, UDP, TCP_UDP
Target Types: Instance, IP, ALB
With NLB, Elastic Load Balancing creates a network interface for each Availability Zone that you enable.
Network Load Balancer Features
Support Static IP:
Under Network Mapping. Automatically get assigned a single IP per Availability zone. If you don’t want this IP to be changed for the life of the load balancer, you can also pick your own EIP from your own EIP pool and assign it to NLB. Helps with whitelisting for firewalls.
2. Preserve Source IP
Because NLB doesn’t terminate the connection on the load balancer itself, it’s a pass-through. It can preserve the Source IP to your backend. You can use these IPs for logging purposes, or you can use these IPs to take further action like geo-location mapping, etc.
3. Proxy Protocol V2 Feature
Preserve Source IP is useful when you are using instances in the backend. But if you are using IP outside your VPC, then you can use Proxy Protocol V2 when load balancing to IP addresses. What Proxy Protocol V2 does in the header information is it passes all your connection IPS. The source and destination IPs are passed onto the backend applications that you can use either for IP blocking or any other filtering.
4. Health Checks
Supports both Network and Application Target health checks. You were using Network Health checks based on the overall response of your target to normal traffic within a span of milliseconds. Application-level health checks can be HTTP, HTTPS, and TCP health checks. You can set up the frequency of these health checks and also determine the failure thresholds for a particular health check to fail.
5: Support cross zone load-balancing
This feature allows the network load balancer to route incoming requests equally to applications deployed in multiple availability zones.
6: Support SSL termination
The network load balancer supports the termination of the TLS connection at the Load balancer layer. This will free the backend server from performing compute-intensive tasks like encrypting and decrypting all the traffic. For more info https://aws.amazon.com/blogs/aws/new-tls-termination-for-network-load-balancers/
7: Support Stickness
The network load balancer supports a sticky session that binds the session to a specific instance within the target group.
8: Integrated with other AWS System:
It’s integrated well with other AWS services like Config, Private link, etc.
9: Access logs
You can enable access log for Network Load Balancer. This feature allows direct access logs to the S3 bucket. These logs include detailed information like TLS protocol version, cipher suite, handshake time, connection time, etc.
10: Integration with CloudWatch
Integration with CloudWatch will give you a rich set of metrics like Active Flow count(total number of concurrent flow and connection from the client to targets), processed bytes(total number of bytes processed by a load balancer), Healthy Host Counts(number of targets that are considered healthy), Unhealthy Host Counts(number of targets that are considered unhealthy).
