ELB — Concept
What it is
Elastic Load Balancing (ELB) = managed load balancers that distribute traffic across multiple targets (EC2, ECS tasks, IPs, Lambda) across multiple AZs. Three flavors live on the exam: ALB, NLB, GWLB. (Classic Load Balancer / CLB is legacy.)
Why it exists
Single instance = single point of failure. ELB provides HA, scaling, TLS termination, health checks, and integrates with Auto Scaling, ECS, and WAF.
Types compared (must memorize)
| | ALB (Application LB) | NLB (Network LB) | GWLB (Gateway LB) | CLB (Classic) |
|---|---|---|---|---|
| OSI | L7 (HTTP/HTTPS/WebSocket/gRPC) | L4 (TCP/UDP/TLS) | L3/L4 (IP packets) | L4 + basic L7 |
| Latency | ~ms | sub-ms, ultra-low | low | higher |
| Targets | EC2, IP, Lambda, ECS | EC2, IP, ALB | Appliances (FW/IDS) via GENEVE | EC2 |
| Static IP / Elastic IP | No (DNS only) | Yes (1 EIP per AZ) | No | No |
| Routing rules | Host-, path-, header-, query-, source-IP, method-based | Port + protocol | Forward-through (insert appliance) | Round-robin, sticky |
| Use | Web apps, microservices, gRPC, HTTP/2 | Extreme perf, TCP/UDP, static IP, IP whitelist | Inline 3rd-party security appliances | Legacy, don't pick |
Listeners, target groups, rules
- Listener = port + protocol on the LB.
- Target group = set of targets (EC2, IP, Lambda) with health check + protocol.
- Rules (ALB) route based on host header, path, headers, query strings, source IP, HTTP method, weighted target groups.
Health checks
- ALB: HTTP/HTTPS check, configurable path, thresholds.
- NLB: TCP probe (or HTTP).
- Unhealthy targets stop receiving traffic.
Cross-zone load balancing
- ALB: enabled by default, no extra cost.
- NLB: disabled by default; cross-zone data transfer is charged.
- Important for the exam: a hot AZ can imbalance NLB if cross-zone is off.
TLS / certificates
- ACM-issued certs attached to listener.
- SNI supported for multiple certs on one listener.
- ALB: HTTPS terminated at the LB, then HTTP or HTTPS to the target (HTTPS to the target gives end-to-end TLS).
- NLB: TLS listeners (TLS termination) or pass-through TCP.
Connections & sticky sessions
- Sticky sessions (ALB / CLB): cookie-based; for stateful apps before you make them stateless.
- ALB also supports application-controlled cookies.
- Connection draining (CLB) / deregistration delay (ALB, NLB) lets in-flight requests finish before a target is removed.
Integrations
- Auto Scaling Group → register/deregister automatically.
- AWS WAF → attach WebACL to ALB.
- API Gateway VPC Link → uses NLB.
- ECS service → registers targets dynamically.
When to use vs alternatives
| Need | Use |
|---|---|
| HTTP/HTTPS, microservices, host/path routing | ALB |
| Ultra-low latency / TCP / UDP / static IPs | NLB |
| Inline FW / IDS / IPS chain | GWLB |
| Global, multi-region anycast IPs | Global Accelerator + ALB/NLB |
| HTTP caching | CloudFront in front of ALB |
Common exam scenarios
- "Path-based routing /api → service A, /web → service B" → ALB with rules.
- "Need a static IP per AZ for partner whitelisting" → NLB with EIP per AZ.
- "Microservice routes on hostname (api.example.com vs web.example.com)" → ALB host-based.
- "Insert 3rd-party firewall transparently for VPC traffic" → GWLB + appliance fleet.
- "Lambda must be the target for HTTP requests" → ALB → Lambda target.
- "Reduce cross-AZ traffic charges on NLB" → weigh cross-zone carefully before enabling it (cross-AZ data on NLB is billed).
- "Web app with WAF + caching + multi-region" → CloudFront + WAF in front of ALB(s), Route 53 latency-based routing.
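The ALB rule model from "Listeners, target groups, rules" and the host/path scenarios above, as an added example that is not part of these notes or of AWS: a small evaluator with a constructed rule set (the rule dicts, target-group names and request fields are this example's own shapes, not the AWS API) that applies priority order, AND across conditions, OR within one condition, and falls back to the listener default action.

```python
import ipaddress
from fnmatch import fnmatchcase

# Constructed ALB-style rule set for this demo (not an AWS API response shape).
# Like ALB rules: lower priority number is evaluated first, every condition in a
# rule must match, and within one condition any listed value may match.
RULES = [
    {"priority": 10,
     "conditions": {"host-header": ["api.example.com"], "path-pattern": ["/api/*"]},
     "target": "tg-service-a"},
    {"priority": 20,
     "conditions": {"path-pattern": ["/web", "/web/*"]},
     "target": "tg-service-b"},
    {"priority": 30,  # source-ip is an allow-condition, not a block: non-matching
     "conditions": {"path-pattern": ["/admin/*"], "source-ip": ["10.0.0.0/8"]},
     "target": "tg-admin"},  # clients simply fall through to later rules / the default
]
DEFAULT_ACTION = "fixed-response-404"  # listener default action when no rule matches


def _condition_matches(kind, values, request):
    """Evaluate one ALB-style condition; `*` = any chars, `?` = one char."""
    if kind == "host-header":  # hostnames are case-insensitive
        return any(fnmatchcase(request["host"].lower(), v.lower()) for v in values)
    if kind == "path-pattern":  # paths are case-sensitive
        return any(fnmatchcase(request["path"], v) for v in values)
    if kind == "source-ip":  # connection source address, not X-Forwarded-For
        ip = ipaddress.ip_address(request["source_ip"])
        return any(ip in ipaddress.ip_network(v, strict=False) for v in values)
    raise ValueError(f"unsupported condition: {kind}")


def route(request, rules=RULES, default=DEFAULT_ACTION):
    """Return the target group chosen for `request` (first matching rule wins)."""
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if all(_condition_matches(k, v, request) for k, v in rule["conditions"].items()):
            return rule["target"]
    return default


if __name__ == "__main__":
    for host, path, ip in [("api.example.com", "/api/v1/users", "203.0.113.5"),
                           ("www.example.com", "/web/index.html", "203.0.113.5"),
                           ("www.example.com", "/admin/users", "10.1.2.3"),
                           ("www.example.com", "/admin/users", "198.51.100.7")]:
        req = {"host": host, "path": path, "source_ip": ip}
        print(f"{host}{path} from {ip} -> {route(req)}")
```

The last two requests show why a source-IP condition alone is not a firewall: the request that misses the rule is not dropped, it continues down the rule list, so a broader lower-priority rule (or a permissive default action) would still serve it.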
Exam tip
- L7 routing keywords (host, path, header) → ALB.
- TCP / UDP / static IP → NLB.
- Firewall appliance insertion → GWLB.
- Global low-latency UDP → Global Accelerator, not ELB.