Any business website depends on optimal performance and availability 24 hours a day, 7 days a week. Ensuring high performance to handle any kind of traffic — and especially spiky and high-volume traffic — can be a challenge if you aren’t using the right approach for managing requests.
Amazon Web Services recently expanded its load balancing options with a new service designed for latency-sensitive applications and extreme performance: Network Load Balancer. So what is a Network Load Balancer? In this post, we’ll explore the features and costs of this new service and help you navigate all of AWS’s load balancing options so that you know how to choose the best service for your applications.
What is a Network Load Balancer?
Until now, when you anticipated extremely spiky workloads or even instantaneous fail-over between regions, you would ask AWS to provision a load balancer in preparation for the surge in traffic. This meant the load balancer was “pre-warmed” for you by AWS, which is a wonderful example of AWS customer obsession. However, this process is dependent on several variables: you are responsible for creating the support ticket, knowing the dates for the traffic surge, the expected rate request per second, the size of a typical request. Finally, the process relies on AWS support to manage the pre-warming process for you.
The Network Load Balancer reduces some of these dependencies. Network Load Balancer has been designed to handle sudden and volatile traffic patterns, making it ideal for load balancing TCP traffic. It is capable of handling millions of requests per second while maintaining low latencies and doesn’t have to be “pre-warmed” before traffic arrives.
With Network Load Balancer, we have a simple load balancing service specifically designed to handle unpredictable burst TCP traffic. It makes a single static IP address available per Availability Zone, and it operates at the connection level (Layer 4) to route inbound connections to AWS targets. The target can be EC2 instances, containers, or an IP address. Network Load Balancer is tightly integrated with other AWS managed services such as Auto Scaling, ECS (Amazon EC2 Container Service), and CloudFormation. It also supports static and elastic IP addresses and load balancing to multiple ports on the same instance.
Best use cases for Network Load Balancer:
- When you need to seamlessly support spiky or high-volume inbound TCP requests.
- When you need to support a static or elastic IP address.
- If you are using container services and/or want to support more than one port on an EC2 instance. NLB is especially well suited to ECS (The Amazon EC2 Container Service).
Choosing the Right Load Balancer
There are three options for Elastic Load Balancing in AWS: Classic Load Balancer, Application Load Balancer, and Network Load Balancer. How do you know which one is the right fit for your applications?
Application Load Balancer is arguably the most protocol-oriented load balancing service. Because the service enforces the latest SSL/TLS ciphers and protocols, it is ideal for negotiating HTTP requests. Application Load Balancer also operates at the request level (layer 7), but provides more advanced routing capabilities than the Classic and Network Load Balancers.
Additionally, its support for host-based and path-based routing, X-Forwarded-For headers, server name indication (SNI), and sticky sessions makes the Application Load Balancer ideal for balancing loads to microservices and container-based applications.
Here is another reason why it’s a great choice for containers: Application Load Balancer enables load balancing across multiple ports on a single Amazon EC2 instance. This is really powerful when you are using ECS as you can specify a dynamic port in the ECS task definition. This creates an unused port on the container when an EC2 instance is scheduled. The ECS scheduler automatically adds the task to the load balancer using this port, which is one less thing for you to worry about. The Network Load Balancer also supports multiple ports on the same instance, so you might consider using Network Load Balancer over Application Load Balancer if you need to support a static or dynamic IP address.
Best use cases for Application Load Balancer: Containerized applications, microservices, and anytime you need to support a static elastic IP address.
Classic Load Balancer is still a great solution if you just need simple load balancing with multiple protocols. Classic Load Balancer supports many of the same Layer 4 and Layer 7 features as Application Load Balancer: sticky sessions, IPv6 support, monitoring, logging, and SSL termination. Both the Classic and Application Load Balancers support offloading SSL decryption from application instances, management of SSL certificates, and encryption to back-end instances with optional public key authentication.
One plus with Classic Load Balancer is that it permits flexible cipher support, allowing you to control the ciphers and protocols the load balancer presents to clients. This makes Classic Load Balancer a good choice if you have to use or limit use to a specific cipher.
Best use cases for Classic Load Balancer: Simple load balancing or flexible cipher support.
So, should I consider upgrading from Classic Load Balancer to the new Network Load Balancer? The answer should probably be yes if you:
- Want to support spiky and unpredictable TCP traffic without pre-warming.
- Need to support an IP address or an IP target outside of the VPC.
- Want to support and monitor multiple services running on ports on an EC2 instance.
Does Network Load Balancer cost more?
Costs vary per region so always check the AWS pricing page before using or changing a load balancer. Currently, all three load balancers attract a charge for each hour or partial hour the load balancer is running. Both Application and Network Load Balancers incur an additional charge for the number of Load Balancer Capacity Units (LCUs) used per hour. This cost is currently calculated based on the number of new connections, active connections, bandwidth, and rule evaluations made in an equation explained on the AWS load balancer pricing page. Classic Load Balancer has a simple charge for each GB of data transferred through the load balancer.
While each load balancing use case will be unique, here are the simple rules of thumb that I use when considering which load balancer to choose:
- If you need to support a static or elastic IP address: Use Network Load Balancer
- if you need control over your SSL cipher: Use Classic Load Balancer
- If using container services and/or ECS: Use Application Load Balancer or Network Load Balancer
- If you need to support SSL offloading: Use Application Load Balancer or Classic Load Balancer
New Content: Platforms, Programming, and DevOps – Something for Everyone
This month our team of expert certification specialists released three new or updated learning paths, 16 courses, 13 hands-on labs, and four lab challenges! New content on Cloud Academy You can always visit our Content Roadmap to see what’s just released as well as what’s coming soon....
Mastering AWS Organizations Service Control Policies
Service Control Policies (SCPs) are IAM-like policies to manage permissions in AWS Organizations. SCPs restrict the actions allowed for accounts within the organization making each one of them compliant with your guidelines. SCPs are not meant to grant permissions; you should consider ...
New Content: Focus on DevOps and Programming Content this Month
This month our team of expert certification specialists released 12 new or updated learning paths, 15 courses, 25 hands-on labs, and four lab challenges! New content on Cloud Academy You can always visit our Content Roadmap to see what’s just released as well as what’s coming soon. Ja...
New Content: Get Ready for the CISM Cert Exam & Learn About Alibaba, Plus All the AWS, GCP, and Azure Courses You Know You Can Count On
This month our team of intrepid certification specialists released five learning paths, seven courses, 19 hands-on labs, and three lab challenges! One particularly interesting new learning path is Certified Information Security Manager (CISM) Foundations. After completing this learn...
Which Certifications Should I Get?
The old AWS slogan, “Cloud is the new normal” is indeed a reality today. Really, cloud has been the new normal for a while now and getting credentials has become an increasingly effective way to quickly showcase your abilities to recruiters and companies. With all that in mind, the s...
The 12 AWS Certifications: Which is Right for You and Your Team?
As companies increasingly shift workloads to the public cloud, cloud computing has moved from a nice-to-have to a core competency in the enterprise. This shift requires a new set of skills to design, deploy, and manage applications in cloud computing. As the market leader and most ma...
AWS Certified Solutions Architect Associate: A Study Guide
Want to take a really impactful step in your technical career? Explore the AWS Solutions Architect Associate certificate. Its new version (SAA-C02) was released on March 23, 2020. The AWS Solutions Architect - Associate Certification (or Sol Arch Associate for short) offers some ...
New Content: AWS Terraform, Java Programming Lab Challenges, Azure DP-900 & DP-300 Certification Exam Prep, Plus Plenty More Amazon, Google, Microsoft, and Big Data Courses
This month our Content Team continues building the catalog of courses for everyone learning about AWS, GCP, and Microsoft Azure. In addition, this month’s updates include several Java programming lab challenges and a couple of courses on big data. In total, we released five new learning...
Where Should You Be Focusing Your AWS Security Efforts?
Another day, another re:Invent session! This time I listened to Stephen Schmidt’s session, “AWS Security: Where we've been, where we're going.” Amongst covering the highlights of AWS security during 2020, a number of newly added AWS features/services were discussed, including: AWS Audit...
AWS re:Invent: 2020 Keynote Top Highlights and More
We’ve gotten through the first five days of the special all-virtual 2020 edition of AWS re:Invent. It’s always a really exciting time for practitioners in the field to see what features and services AWS has cooked up for the year ahead. This year’s conference is a marathon and not a...
WARNING: Great Cloud Content Ahead
At Cloud Academy, content is at the heart of what we do. We work with the world’s leading cloud and operations teams to develop video courses and learning paths that accelerate teams and drive digital transformation. First and foremost, we listen to our customers’ needs and we stay ahea...
Excelling in AWS, Azure, and Beyond – How Danut Prisacaru Prepares for the Future
Meet Danut Prisacaru. Danut has been a Software Architect for the past 10 years and has been involved in Software Engineering for 30 years. He’s passionate about software and learning, and jokes that coding is basically the only thing he can do well (!). We think his enthusiasm shines t...