Load Balancer (ALB, NLB, CLB)


Load balancers are one of the most critical components in modern cloud architecture. Whether you are building scalable web applications, deploying microservices, or designing high-availability systems on AWS, load balancers ensure a stable, secure, and optimized flow of traffic. In Amazon Web Services (AWS), three major Elastic Load Balancing (ELB) types dominate: Application Load Balancer (ALB), Network Load Balancer (NLB), and Classic Load Balancer (CLB). Each load balancer type serves a specific purpose, supporting different layers of the OSI model, performance needs, security requirements, and application design patterns.

Understanding Load Balancers in Cloud Computing

A load balancer acts as a highly available traffic distribution system. It automatically spreads incoming client requests across multiple backend targets (such as EC2 instances, containers, IPs, Lambda functions, or on-prem servers). The goal is to improve performance, prevent overload, and ensure redundancy. Load balancers help in achieving scalability, fault tolerance, and reliability, all essential for distributed applications.

Why Load Balancing Is Important

The demand for always-on, low-latency applications has grown significantly. A single server cannot handle unpredictable traffic spikes, nor can it guarantee uptime. Load balancers solve this challenge by distributing traffic intelligently. They ensure:

  • High availability
  • Automatic failover
  • Improved response time
  • Efficient resource utilization
  • Zero-downtime deployments
  • Scalability for modern workloads

AWS Elastic Load Balancing Overview

AWS provides Elastic Load Balancing (ELB) as a managed solution. It automatically scales based on demand and can handle millions of requests per second. ELB integrates deeply with AWS autoscaling, VPC, security groups, AWS Certificate Manager (ACM), WAF, CloudWatch, and more.

ELB supports three main types of load balancers:

  • Application Load Balancer (ALB)
  • Network Load Balancer (NLB)
  • Classic Load Balancer (CLB)

Each load balancer type has unique features aligned with different use cases. Below is an in-depth breakdown covering architecture, features, performance, routing, security, best practices, and comparison.

Application Load Balancer (ALB)

The Application Load Balancer operates at Layer 7 (Application Layer) of the OSI model. It is optimized for advanced routing, microservices, containerized applications, and HTTP/HTTPS-based traffic.

Core Features of ALB

  • Layer 7 intelligent routing
  • Host-based routing (example.com vs api.example.com)
  • Path-based routing (/login, /api/users)
  • Query string and header-based routing
  • WebSocket and HTTP/2 support
  • Native integration with ECS and EKS
  • Supports Lambda as a target
  • Advanced authentication (OIDC, Cognito)
  • WAF integration for enhanced security

How ALB Works

ALB receives HTTP/HTTPS traffic and examines the request content (headers, path, host, method). Based on listener rules, it forwards the request to a target group. This helps achieve granular routing flexibility.

ALB Listener Rules Example


If Host = "api.example.com" → Forward to API-Target-Group
If Path = "/users/*" → Forward to Users-Target-Group
If HTTP header "version" = "v2" → Forward to V2-Target-Group
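
A simplified model of how the three rules above are evaluated, added here as an illustration and not taken from the original page or from AWS: rules are tried in priority order (lowest number first), every condition on a rule must match, and unmatched requests go to the default action. The priorities, the default target group and the use of Python's fnmatch for wildcard matching are assumptions.

```python
from fnmatch import fnmatchcase

# Constructed rule set mirroring the three rules above. The priorities and the
# default target group are assumptions; the page does not give them.
RULES = [
    {"priority": 10, "host": "api.example.com", "target": "API-Target-Group"},
    {"priority": 20, "path": "/users/*", "target": "Users-Target-Group"},
    {"priority": 30, "header": ("version", "v2"), "target": "V2-Target-Group"},
]
DEFAULT_TARGET = "Default-Target-Group"


def rule_matches(rule, host, path, headers):
    """Every condition present on a rule must match (logical AND)."""
    if "host" in rule and not fnmatchcase(host.lower(), rule["host"].lower()):
        return False  # host names compare case-insensitively
    if "path" in rule and not fnmatchcase(path, rule["path"]):
        return False  # paths compare case-sensitively
    if "header" in rule:
        name, pattern = rule["header"]
        value = headers.get(name.lower())
        if value is None or not fnmatchcase(value.lower(), pattern.lower()):
            return False
    return True


def route(host, path, headers=None, rules=RULES):
    """Return the target group of the first matching rule, lowest priority number first."""
    normalized = {k.lower(): v for k, v in (headers or {}).items()}
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if rule_matches(rule, host, path, normalized):
            return rule["target"]
    return DEFAULT_TARGET


# Constructed probe requests: (host, path, headers).
PROBES = [
    ("api.example.com", "/users/42", {}),         # two rules match, priority 10 wins
    ("www.example.com", "/users/42", {}),         # only the path rule matches
    ("www.example.com", "/users", {}),            # "/users/*" needs the slash: default
    ("www.example.com", "/Users/42", {}),         # path case differs: default
    ("www.example.com", "/", {"Version": "V2"}),  # header name and value ignore case
]


def route_all(probes=PROBES):
    """Route every probe and return the chosen target groups in order."""
    return [route(*probe) for probe in probes]


if __name__ == "__main__":
    for probe, target in zip(PROBES, route_all()):
        print(probe, "->", target)
```

Requests that miss every rule land on the default action, so the default target group deserves the same review as any explicit rule.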

Use Cases of ALB

  • Microservices architecture
  • Containerized applications (ECS, EKS)
  • Web applications using HTTP/HTTPS
  • API services requiring routing rules
  • Serverless applications using Lambda targets

ALB Target Types

  • EC2 instances
  • Containers (ECS tasks)
  • IP addresses
  • Lambda functions

Health Checks in ALB

Health checks operate at the application level. You can define a specific URL path, such as /health or /status.


HTTP GET /health
Healthy Threshold: 2
Unhealthy Threshold: 2
Timeout: 5 seconds
Interval: 10 seconds

ALB removes unhealthy targets automatically and restores them when they recover.

ALB Advantages

  • Best for HTTP/HTTPS traffic
  • Advanced request-level routing
  • Supports microservices and container platforms
  • More cost-effective than NLB for L7 workloads

ALB Limitations

  • Not suitable for TCP/UDP use cases
  • Higher latency compared to NLB
  • Does not support static IPs directly

Network Load Balancer (NLB)

The Network Load Balancer operates at Layer 4 (Transport Layer). It is designed for extreme performance, ultra-low latency, TCP/UDP/TLS traffic handling, and high throughput workloads.

Core Features of NLB

  • Layer 4 (TCP, UDP, TLS) routing
  • Handles millions of requests per second
  • Static IP support
  • Zonal failover capability
  • Excellent for real-time applications
  • Preserves client source IP (client IP pass-through)
  • Long-lived connections (e.g., gaming, streaming)

How NLB Works

NLB routes traffic based on connection information, such as protocol, port, and source/destination. It does not inspect packet content, ensuring minimal latency.

NLB Target Types

  • EC2 instances
  • IP addresses
  • ALB (yes, NLB can front an ALB)

Health Checks in NLB

NLB supports TCP and HTTP health checks. TCP health checks are the fastest and ideal for low-level validation.


TCP Health Check on Port 3306
Healthy Threshold: 3
Unhealthy Threshold: 3
Interval: 30 seconds
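
The threshold logic behind the ALB and NLB health-check settings shown on this page, as an added example that is not part of the original page: a simplified state machine in which a target changes state only after N consecutive contradicting probes. The probe sequences are constructed, and the timing model (one probe per interval starting at t=0) is an assumption.

```python
from dataclasses import dataclass


@dataclass
class HealthCheck:
    healthy_threshold: int
    unhealthy_threshold: int
    interval_s: int
    timeout_s: int = 0  # 0 when the page gives no timeout


# Settings copied from the two health-check examples on this page.
ALB_CHECK = HealthCheck(2, 2, interval_s=10, timeout_s=5)
NLB_CHECK = HealthCheck(3, 3, interval_s=30)


def simulate(cfg, probe_results, start_healthy=True):
    """Return [(seconds, new_state)] for a sequence of probe outcomes.

    Simplified model: one probe per interval starting at t=0, and a state
    change only after N consecutive results that contradict the current state.
    """
    healthy, streak, transitions = start_healthy, 0, []
    for i, ok in enumerate(probe_results):
        if ok == healthy:
            streak = 0  # a single agreeing probe resets the counter
            continue
        streak += 1
        needed = cfg.unhealthy_threshold if healthy else cfg.healthy_threshold
        if streak >= needed:
            healthy, streak = ok, 0
            state = "healthy" if healthy else "unhealthy"
            transitions.append((i * cfg.interval_s, state))
    return transitions


def worst_case_detection_s(cfg):
    """Longest time a target that just broke can keep receiving traffic."""
    return cfg.unhealthy_threshold * cfg.interval_s + cfg.timeout_s


# Constructed probe sequences (True = probe passed).
FLAPPING = [True, False] * 5  # fails every other probe
OUTAGE = [True, False, False, False, True, True, True]

if __name__ == "__main__":
    print("ALB, flapping target:", simulate(ALB_CHECK, FLAPPING))
    print("ALB, outage:", simulate(ALB_CHECK, OUTAGE))
    print("NLB, outage:", simulate(NLB_CHECK, OUTAGE))
    print("worst case (s):", worst_case_detection_s(ALB_CHECK),
          worst_case_detection_s(NLB_CHECK))
```

A target that fails every other probe is never removed under these settings, which is why health checks complement application-level monitoring rather than replace it.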

Use Cases of NLB

  • High-performance real-time applications
  • Gaming servers
  • VoIP and SIP-based services
  • Financial trading systems
  • IoT services needing massive throughput
  • Lift-and-shift legacy applications requiring TCP load balancing

NLB Advantages

  • Extremely low latency
  • Supports volatile traffic patterns
  • Static IP addresses
  • High scalability

NLB Limitations

  • No L7-based request routing
  • More expensive compared to ALB

Classic Load Balancer (CLB)

The Classic Load Balancer is the original AWS load balancer operating at both Layer 4 and Layer 7. It is considered a legacy load balancer and is recommended only for older, pre-modern architectures.

Core Features of CLB

  • Supports HTTP/HTTPS and TCP
  • Basic load balancing functionality
  • Health checks available
  • Integrated with older EC2-Classic environments

CLB Limitations

  • No host-based or path-based routing
  • Poor support for microservices
  • No WebSocket or HTTP/2 support
  • Less efficient than ALB and NLB

CLB is still maintained but no longer recommended for new deployments. Most modern architectures migrate to ALB or NLB for better performance, routing flexibility, and cost-effectiveness.

Comparison: ALB vs NLB vs CLB

Feature Comparison Table


Feature                | ALB (L7)                | NLB (L4)                | CLB (L4/L7)
--------------------------------------------------------------------------------------------
OSI Layer              | Application             | Network                 | Both
Best For               | HTTP/HTTPS, APIs        | TCP/UDP, TLS            | Legacy apps
Performance            | High                    | Extremely High          | Moderate
Latency                | Low                     | Very Low                | Higher
Routing Features       | Advanced (host/path)    | Basic                   | Basic
WebSocket Support      | Yes                     | No                      | No
Static IP              | No                      | Yes                     | No
Target Types           | EC2, IP, Lambda         | EC2, IP, ALB            | EC2
Pricing                | Moderate                | Higher                  | Moderate

Choosing the Right Load Balancer

When to Use ALB

  • You need intelligent routing
  • Your architecture is microservices based
  • You require TLS termination with rule-based routing
  • You need WebSocket or HTTP/2

When to Use NLB

  • Need extreme performance or low latency
  • High traffic workloads with TCP/UDP
  • Static IP requirements
  • Real-time applications

When to Use CLB

  • Legacy architectures only
  • Existing CLB deployments without need for advanced features

Security Considerations for Load Balancers

Security Groups

ALB and CLB require security groups, but NLB does not directly use them. Target instances still use security groups for inbound control.

SSL/TLS Offloading

ALB is best suited for SSL offloading. NLB supports TLS pass-through for end-to-end encryption requirements.

Best Practices for AWS Load Balancers

  • Use ALB for microservices and modern web apps
  • Use NLB for extreme network performance
  • Enable cross-zone load balancing
  • Use AWS WAF with ALB to protect L7 workloads
  • Leverage health checks to remove bad targets
  • Use autoscaling groups with ELB for resilience

Sample CloudFormation Snippet for ALB


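Resources:
  MyALB:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Name: MyApplicationLoadBalancer
      # Placeholder subnet IDs; an ALB needs subnets in at least two Availability Zones
      Subnets:
        - subnet-12345
        - subnet-67890
      # Placeholder security group controlling inbound traffic to the ALB
      SecurityGroups:
        - sg-123abc
      Type: application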
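
A template check for the security points this page raises (security groups, TLS offloading on the ALB, AWS WAF), added here as an example and not part of the original page. It audits the snippet above in the dict form a template loader would return; the HTTP listener, the `AppTG`, `AcmCertArn` and `WebAclArn` references and the finding codes are hypothetical.

```python
import copy

LB = "AWS::ElasticLoadBalancingV2::LoadBalancer"
LISTENER = "AWS::ElasticLoadBalancingV2::Listener"
WAF_ASSOC = "AWS::WAFv2::WebACLAssociation"
ALB_REF = {"Ref": "MyALB"}
FORWARD = [{"Type": "forward", "TargetGroupArn": {"Ref": "AppTG"}}]  # placeholder

# Constructed input: the page's MyALB resource as a template loader returns it,
# plus a hypothetical plain-HTTP listener that is not in the page's snippet.
WEAK = {"Resources": {
    "MyALB": {"Type": LB, "Properties": {
        "Name": "MyApplicationLoadBalancer",
        "Subnets": ["subnet-12345", "subnet-67890"],
        "SecurityGroups": ["sg-123abc"],
        "Type": "application"}},
    "HttpListener": {"Type": LISTENER, "Properties": {
        "LoadBalancerArn": ALB_REF, "Port": 80, "Protocol": "HTTP",
        "DefaultActions": FORWARD}},
}}


def hardened(template):
    """Copy of WEAK with an HTTPS listener, an HTTP redirect and a WAF association."""
    t = copy.deepcopy(template)
    res = t["Resources"]
    res["HttpListener"]["Properties"]["DefaultActions"] = [{
        "Type": "redirect",
        "RedirectConfig": {"Protocol": "HTTPS", "Port": "443",
                           "StatusCode": "HTTP_301"}}]
    res["HttpsListener"] = {"Type": LISTENER, "Properties": {
        "LoadBalancerArn": ALB_REF, "Port": 443, "Protocol": "HTTPS",
        "Certificates": [{"CertificateArn": {"Ref": "AcmCertArn"}}],  # placeholder
        "DefaultActions": FORWARD}}
    res["WafAssociation"] = {"Type": WAF_ASSOC, "Properties": {
        "ResourceArn": ALB_REF, "WebACLArn": {"Ref": "WebAclArn"}}}  # placeholder
    return t


def audit_alb(template):
    """Return (resource, finding_code) pairs for each ALB in the template."""
    res = template.get("Resources", {})
    findings = []
    for name, r in res.items():
        props = r.get("Properties", {})
        if r.get("Type") != LB or props.get("Type", "application") != "application":
            continue
        ref = {"Ref": name}
        if not props.get("SecurityGroups"):
            findings.append((name, "NO_SECURITY_GROUP"))
        listeners = [x.get("Properties", {}) for x in res.values()
                     if x.get("Type") == LISTENER
                     and x.get("Properties", {}).get("LoadBalancerArn") == ref]
        if not any(lp.get("Protocol") == "HTTPS" for lp in listeners):
            findings.append((name, "NO_HTTPS_LISTENER"))
        for lp in listeners:
            actions = {a.get("Type") for a in lp.get("DefaultActions", [])}
            if lp.get("Protocol") == "HTTP" and "redirect" not in actions:
                findings.append((name, "PLAINTEXT_HTTP_FORWARDED"))
            if lp.get("Protocol") == "HTTPS" and not lp.get("Certificates"):
                findings.append((name, "HTTPS_WITHOUT_CERTIFICATE"))
        if not any(x.get("Type") == WAF_ASSOC
                   and x.get("Properties", {}).get("ResourceArn") == ref
                   for x in res.values()):
            findings.append((name, "NO_WAF_ASSOCIATION"))
    return findings


if __name__ == "__main__":
    print("weak:", audit_alb(WEAK))
    print("hardened:", audit_alb(hardened(WEAK)))
```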

Load balancers are a foundation of scalable cloud architecture. AWS provides three powerful load balancers (ALB, NLB, and CLB), each designed for different workloads, latency needs, and traffic types. ALB excels in application-level routing, NLB leads in performance and low-level network handling, and CLB supports legacy systems. Understanding these options helps cloud engineers design resilient, optimized, and cost-efficient systems.



Copyrights © 2024 letsupdateskills All rights reserved