Networking & Content Delivery
Category: Elastic Load Balancing
Building a global, low-latency NTP service with static IP addresses
As organizations continue to roll out cloud-connected Internet-of-Things (IoT) applications, the need for accurate and reliable time synchronization has become increasingly critical. Although Amazon Web Services (AWS) provides the Amazon Time Sync Service for basic Network Time Protocol (NTP) needs, some IoT scenarios need a custom NTP solution. For example, users want to serve many IoT […]
Accelerate IPv6 application migration with AWS PrivateLink and dual stack Network Load Balancers UDP support
This post was co-authored by: Ashish Kumar, Senior Product Manager; Blayze Stefaniak, Senior Solutions Architect; Natti Swaminathan, Senior Solutions Architect; and Yogesh Patel, Senior Solutions Architect In this post, we review how you can leverage AWS PrivateLink support for User Datagram Protocol (UDP) services, and accelerate Internet Protocol version 6 (IPv6) migrations with UDP support […]
Introducing configurable TCP idle timeout for Gateway Load Balancer
Update: Sep 10, 2024 – Corrected a CloudWatch metric name. Amazon Web Service (AWS) Gateway Load Balancer (GWLB) is a managed AWS service that allows you to insert third-party firewall appliances into the data path. GWLB helps you deploy, scale, and manage third-party appliances, and it acts as a bump-in-the-wire device and passes traffic transparently […]
Security best practices when using ALB authentication
At AWS, security is the top priority, and we are committed to providing you with the necessary guidance to fortify the security posture of your environment. In 2018, we introduced built-in authentication support for Application Load Balancers (ALBs), enabling secure user authentication as they access applications. This feature allows developers to offload the authentication responsibility […]
Preserving client IP address with Proxy protocol v2 and Network Load Balancer
When a load balancer or proxy cannot preserve the client’s original IP address, it may rewrite the IP address or use its own IP address for routing purposes. In this scenario, common practices such as inserting the original IP address into the request headers (for example, X-Forwarded-For) or utilizing Proxy protocol are widely used to […]
Introducing dual-stack without public IPv4 Application Load Balancer
In May 2024, Amazon Web Services (AWS) launched a new feature for internet-facing Application Load Balancers. This enhancement allows you to provision an internet-facing Application Load Balancer without needing public IPv4 addresses, enabling clients to connect using only IPv6 addresses. To connect, clients resolve the AAAA DNS records assigned to the Application Load Balancer. The […]
Tenant routing strategies for SaaS applications on AWS
A key challenge for SaaS providers is designing secure, scalable tenant routing mechanisms to identify tenants and route requests to appropriate resources. Effective tenant routing ensures isolation, scalability, and security. This post explores strategies for routing HTTP requests in multi-tenant SaaS environments on AWS, including considerations, best practices, and example scenarios. For routing strategies at […]
Using connection tracking improvements to increase network performance
Connection tracking (conntrack) is a networking concept where a networking device, like a firewall, router, or NAT device, needs to track and maintain information about the state of IP traffic going through it. The AWS Nitro System that underlies AWS networking does connection tracking for some types of network traffic to implement the stateful nature […]
Scaling strategies for Elastic Load Balancing
Elastic Load Balancing (ELB) offers four types of load balancers, all featuring high availability, automatic scaling, and robust security support for your applications: Application Load Balancer (ALB), Network Load Balancer (NLB), Gateway Load Balancer (GWLB), and Classic Load Balancer (CLB). ELB automatically scales up and down, and scales in and out in response to traffic […]
Introducing mTLS for Application Load Balancer
AWS recently announced support for mutually authenticating clients that present X509 certificates to Application Load Balancer (ALB). In this post, we discuss options for implementing this new feature, and things to consider while implementing. ALB operates at the application layer (layer 7 in the OSI model) and load balances incoming HTTP/HTTPS requests to backend targets. […]