Elastic Load balancing

EC2's load balancers are two stage load balancers. The first stage is DNS round robin between user-selectable availability zones and the second stage is either NAT least connection balancing or layer 5 HTTP reverse proxying. The first stage will also not return the same IP address for each request even if it does go to the same availability zone. The DNS record has a TTL of 60 seconds and is rotated between several load balancer machines in each zone.

The distribution of nodes between availability zones becomes critical as connections will be evenly dispersed between zones even if nodes are not distributed evenly.

Layer 4 LB

Unlike common load balancers, ELB use both SNAT and DNAT when using layer 3, so you get the benefit of not having to change your routes. However this causes a problem with logging the source IP of users and makes IP based access control worthless. Benchmarking revealed a slight decrease (~7%) in performance vs a direct query to nodes.

Layer 7 HTTP LB

The LB adds X-Forwarded-For header to the request, so you can get the original IP address of the request from it. There is no way to control headers, lb according to header, cache, etc., so the common tricks of L7 LB are impossible with ELB; ELB now has sticky session, but still no advanced feature like arbitrary header manipulation, cache, etc.

Performance testing of a single node directly and with a load balancer in front of it revealed that performance is actually a little better with the load balancer. This is probably because the load balancer is buffering the response allowing the requests to end sooner.

-- AvishaiIshShalom - 28 Oct 2009