Exercises Written Labs Written Lab 4.1: Create a Network Load Balancer Written Lab 4.2: Use the Console to Enable Deletion Protection Written Lab 4.3: Use the Console to Disable Deletion Protection Written Lab 4.4: Enable Application-Based Stickiness

TLS Passthrough TLS passthrough is the more traditional design for load balancers that do not process SSL/TLS traffic on port 443. The load balancer does not have any digital certificates locally installed and just passes all encrypted traffic to the backend servers for them to perform the encryption and decryption functions, as shown in Figure […]

Slow Start To prevent a new target from being overwhelmed with connection requests when it is first brought online, there is a slow start feature that allows the server to gradually process new requests after the new target passes its health checking and comes online. This gives the server time to “warm up.” The ELB […]

Routing Algorithms Depending on your design, you can configure either a round-robin or least outstanding request algorithm to distribute the load to the backend servers in a target group. While the round-robin algorithm is widely used, it does have a few architectural issues to consider. It cannot take into consideration the target server’s capacity and […]

Target Groups A target group is a configuration container that groups targets and is used to route connection requests to one or more of the registered targets. When created, the listener is defined for incoming connections, and the target group lists the devices or servers to connect to on the backend. Also, the target group […]

Session Affinity and Sticky Sessions The application load balancer distributes connections to the backend servers based on the chosen load balancing algorithm such as round-robin or least connections. This may not work in applications that require the source to be bound to a specific server for the duration of the session. An example of this […]

X-Forwarded-For Protocol Since the application load balancer terminates the connection from the client and establishes a backend session to the target servers, the IP addressing will change along the path. The downside to this is that the target servers do not see who originated the packet since the load balancer has changed the source IP […]

AWS Certificate Manager The AWS Certificate Manager allows you to create both public and private digital certificates and has integrated the service into the application load balancer, as shown in Figure 4.6. This integration allows you to specify an AWS certificate directly from the ALB configuration GUI, API, and CLI. The Certificate Manager service enables you […]

Traffic Mirroring Network traffic captured in a VPC can be forwarded to a load balancer for analysis and troubleshooting. Mirroring is configured in the VPC and can send the traffic to a network load balancer listener to distribute the captured traffic to target groups associated with the NLB. Gateway load balancing is also supported, which […]

AWS Service Integrations AWS makes every effort to integrate its many service offerings for ease of deployment, ease of use, and added flexibility. Because of the nature of the ELB family, there are many networking services that work with the load balancers and are integrated into the ELB console. We will cover the services that […]