All Products
Search

This Product

    :Use an NLB instance to forward requests to an RDS Custom instance

    Document Center

    :Use an NLB instance to forward requests to an RDS Custom instance

    Last Updated:Dec 05, 2025

    You can use Network Load Balancer (NLB) to efficiently forward access requests to an RDS Custom instance to achieve load balancing. This solution allows you to connect to your RDS Custom instance over the Internet. This effectively protects the security of the internal network and improves the service availability and scalability.

    Prerequisites

    An application is deployed on the RDS Custom instance. In this example, NGINX is deployed. Deployment commands:

    yum install -y nginx
systemctl start nginx.service
cd /usr/share/nginx/html/
echo "Hello World !  this is RDS Custom." > index.html

    Step 1: Create an NLB instance

    1. Log on to the NLB console.

    2. In the top navigation bar, select the region in which the RDS Custom instance resides.

    3. On the Instances page, click Create NLB.

    4. On the NLB (Pay-As-You-Go) page, configure the required parameters. Click Buy Now and complete the payment.

      The following table describes only the key parameters. Other parameters use the default values. For more information, see Create and manage an NLB instance.

      Parameter

      Description

      Region

      Select the region in which the RDS Custom instance resides.

      Network Type

      Select a network type. The system assigns public or private IP addresses to the NLB instance based on the selected network type. In this example, Internal-facing is selected.

      • Internal-facing: If you create an internal-facing NLB instance, a private IP address is assigned to each zone. In this case, the NLB instance is accessible only over the internal network. For example, you can connect to the NLB instance from an Elastic Compute Service (ECS) instance in the same virtual private cloud (VPC).

      • Internet-facing: If you create an Internet-facing NLB instance, a public IP address and a private IP address are assigned to each zone. Internet-facing NLB instances use elastic IP addresses (EIPs) to provide services over the Internet. If you create an Internet-facing NLB instance, you are charged instance fees and bandwidth or data transfer fees for the EIPs.

      VPC

      Select the VPC in which the RDS Custom instance resides.

      Zone

      Select at least two zones. For example, if the RDS Custom instance resides in the China (Shanghai) region, Shanghai Zone E and Shanghai Zone L are selected, and a vSwitch in each zone is selected.

      IP Version

      Select an IP version. In this example, IPv4 is selected.

      Service-linked Role

      If this is the first time you create an NLB instance, click Create Role to create a service-linked role named AliyunServiceRoleForNlb. The role is assigned the AliyunServiceRolePolicyForNlb policy, which allows NLB to access other cloud services. For more information, see System policies for NLB.

      Instance Name

      Enter an instance name.

      Resource Group

      Select a resource group.

    Step 2: Create a server group for the NLB instance

    1. In the left-side navigation pane, choose NLB > Server Group.

    2. On the Server Group page, click Create Server Group.

    3. In the Create Server Group dialog box, configure the parameters and click Create.

      The following table describes only the key parameters. Other parameters use the default values. For more information, see Create and manage a server group.

      Parameter

      Description

      Server Group Type

      Select a server group type. In this example, IP is selected.

      Server Group Name

      Enter a name for the server group.

      VPC

      Select the VPC in which the RDS Custom instance resides.

      Backend Server Protocol

      Select a backend protocol. In this example, TCP is selected.

      Scheduling Algorithm

      Select a scheduling algorithm. In this example, Weighted Round-Robin is selected.

      Health Check

      The health check is enabled by default, and default health check settings are used.

    4. Click the ID of the server group to go to the Backend Servers tab.

    5. Click Add IP Address. In the Add Backend Server panel, add the private IP address of the RDS Custom instance and click Next.

    6. In the Ports/Weights step, set the Port parameter to 80 and the Weight parameter to 100 and click OK.

      Note

      If multi-port forwarding is enabled for a server group, you do not need to specify a port when you add a backend server. NLB forwards requests to the backend server based on the frontend port.

    Step 3: Configure a listener

    1. In the left-side navigation pane, choose NLB > Instances.

    2. On the Instances page, find the NLB instance that you want to manage and click Create Listener in the Actions column.

    3. On the Configure Server Load Balancer page, configure the parameters and click Next.

      The following table describes only the key parameters. Other parameters use the default values. For more information, see Add a TCP listener.

      Parameter

      Description

      Select Listener Protocol

      Select a listener protocol. In this example, TCP is selected.

      Listener Port

      Specify the listener port to receive and forward requests to backend servers. In this example, port 80 is specified.

      Listener Name

      Enter a name for the listener.

      Advanced Settings

      In this example, the default settings are used. You can click Modify to modify the settings.

    4. In the Server Group step, set the Server Type parameter to IP, select a server group from the drop-down list, view the backend server, and then click Next.

    5. In the Confirm step, confirm the configurations and click Submit.

    6. Click OK to return to the Listener tab. After the value in the Health Check Status column changes to Healthy, the RDS Custom instance can process the requests that are forwarded by the NLB instance.

    Step 4: Verify results

    1. Go to the Instance Details tab of the NLB instance and obtain the value of the Domain Name parameter of the NLB instance.

      image

      You can use CNAME records to map the custom domain name to the domain name of the NLB instance. For more information, see Add a DNS record.

    2. Run the following telnet command on an ECS instance that resides in the same region and VPC as the RDS Custom instance to verify the forwarding result. In this example, an ECS instance running CentOS 7 is used.

      Note

      If Telnet is not installed, you must run the yum install -y telnet command to install Telnet. 

      telnet <Destination address> <Listener port>

      • Destination address: the domain name of the NLB instance or the private IP address of the RDS Custom instance. In this example, the domain name of the NLB instance is used.

      • Listener port: the listener port configured for the NLB instance. In this example, port 80 is used.

      Examples:

      telnet nlb-r3rw8kyfwm5bfm****.cn-shanghai.nlb.aliyuncsslb.com 80

      If the following packet is returned, the NLB instance can forward requests to backend servers. 

      Trying 47.116.XXX.XXX...
Connected to nlb-r3rw8kyfwm5bfm****.cn-shanghai.nlb.aliyuncsslb.com.
Escape character is '^]'.

    3. Run the curl command to access the default web page of the NGINX service deployed on the RDS Custom instance. 

      curl http://nlb-r3rw8kyfwm5bfm****.cn-shanghai.nlb.aliyuncsslb.com

      The following result is returned:

      Hello World !  this is RDS Custom.

    (Optional) Use an NLB instance to forward requests to the RDS Custom instance over the Internet

    1. Log on to the NLB console.

    2. In the top navigation bar, select the region in which the NLB instance resides.

    3. On the Instances page, find the internal-facing NLB instance that you want to manage and click the instance ID.

    4. On the Instance Details tab of the instance details page, go to the Basic Information section and click Change Network Type next to IPv4 on the right side of the Network Type parameter.

    5. In the Change Network Type dialog box, set the IP Address Type parameter to EIP.

    6. Select Purchase EIP from the Assign EIP drop-down list or specify an existing EIP. Then, click OK.

      Note

      You must assign an EIP to each zone in the list.

      If you select Purchase EIP, the purchased EIP is released when you release the NLB instance or change the network type from Internet-facing to internal-facing. If you specify an existing EIP, the existing EIP is retained when you release the NLB instance or change the network type from Internet-facing to internal-facing.

      You can view the details about an EIP in the EIP console.

    7. Return to the Instance Details tab to check the value of the Network Type parameter.

      It requires about 1 minute to apply the change. If the value of the Network Type parameter on the Instance Details tab changes to Public, the network type is changed.

    8. Verify the result.

      Visit http://nlb-r3rw8kyfwm5bfm****.cn-shanghai.nlb.aliyuncsslb.com. The web page is normally loaded, and Hello World ! this is RDS Custom. is displayed.

    References