Network Load Balancer (NLB) is a next-generation Layer 4 load balancing service from Alibaba Cloud that is designed for the Internet of Things (IoT) era. NLB provides ultra-high performance and automatic elastic scaling. A single NLB instance can support up to 100 million concurrent connections, which lets you easily handle high-concurrency workloads. For more information, see NLB performance and limits.
Benefits
Ultra-high performance
A single NLB instance can support up to 100 million concurrent connections and 100 Gbps of bandwidth. This makes NLB ideal for high-concurrency Internet of Things (IoT) scenarios that involve a massive number of device connections.
Automatic elastic scaling
You do not need to specify an instance type for an NLB instance. NLB automatically scales its performance based on your workload.
High availability
A multilayer disaster recovery architecture ensures instance availability through mechanisms such as cluster disaster recovery, session persistence, and multi-zone active-active deployment.
TCP SSL offloading
NLB supports large-scale TCP SSL offloading. You can centrally manage SSL certificates and offload SSL processing to NLB to improve the processing efficiency of backend servers.
Multi-scenario traffic distribution
NLB can use IP addresses as backend servers. You can use NLB with Cloud Enterprise Network (CEN) to distribute traffic across regions, VPCs, and on-premises data centers.
Rich advanced features
NLB supports advanced features, such as dual-stack (IPv4/IPv6), listening on all ports, new connection rate limiting, and connection draining, to meet various business requirements.
Scenarios
Ingress for IoT services
You can use NLB for services such as smart homes, smart parking, video surveillance, and the Internet of Vehicles (IoV). NLB serves as the ingress for your services and can process many concurrent connections. NLB also supports SSL offloading for TCP traffic and limits the number of new connections per second to ensure the security and stability of your IoT services.
Ingress for Internet-facing cloud services
NLB can serve as an ingress for Internet traffic. An NLB instance provides high-performance Layer 4 processing and automatically scales based on workload changes. This requires no manual intervention during workload fluctuations and reduces operations management costs.
Ingress for hybrid cloud services
NLB lets you add servers in on-premises data centers (IDCs) as backend servers. You can use NLB with Cloud Enterprise Network (CEN) to forward requests from the cloud to on-premises servers. This enables seamless connectivity between on-premises IDCs and cloud services.
NLB components
| Term | Description |
| --- | --- |
| Instance | NLB operates at Layer 4 and provides ultra-high Layer 4 load balancing capabilities, increasing the service throughput capacity of your applications by distributing traffic across different backend servers. An NLB instance supports up to 100 million concurrent connections. |
| Listener | A listener is the smallest configurable unit of NLB. You must configure a protocol and a port on a listener to tell NLB what traffic to process, such as TCP traffic on port 80. NLB supports TCP, UDP, and SSL over TCP. Each NLB instance must have at least one listener to start processing and distributing traffic. For the maximum number of listeners that can be configured for each NLB instance by default, see NLB quotas. |
| Server group | A server group is a logical group that contains one or more backend servers to process requests distributed by NLB. Server groups for NLB are independent of NLB, and you can attach the same server group to different NLB instances. For the maximum number of backend servers that you can add to each server group by default, see NLB quotas. You can specify Elastic Compute Service (ECS) instances, elastic container instances, and elastic network interfaces (ENIs) as the backend servers of NLB. You can also add backend servers by IP address. For more information, see: |
| Health check | NLB determines the availability of backend servers through health checks. NLB detects unhealthy servers in server groups and avoids distributing traffic to unhealthy servers. NLB supports extensive and flexible health check configurations, such as protocol, port, and various health check thresholds. |
NLB types
This topic describes the network types and protocol versions of NLB. The following figure shows dual-stack Internet-facing NLB instances and dual-stack internal-facing NLB instances.
Network types
Alibaba Cloud provides Internet-facing and internal-facing NLB instances. You can specify the type of NLB instance based on your requirements. The NLB instance type determines whether you can use Internet Shared Bandwidth and Elastic IP Address (EIP) instances. In the preceding figure, the elements in the semi-transparent boxes represent an Internet-facing NLB instance and an internal-facing NLB instance.
| Term | Description |
| --- | --- |
| Domain name | A domain name that can be accessed over the Internet or a private network and can be resolved to the virtual IP address (VIP) of an NLB instance. You can also configure Canonical Name (CNAME) records to map readable domain names that you own to the domain name of NLB. Note: Starting at 00:00:00 on November 15, 2024 (UTC+8), all newly created NLB instances use a new domain name. Alibaba Cloud will no longer allow direct access using the platform-provided default domain name. Existing NLB instances created before 00:00:00 on November 15, 2024 (UTC+8) are unaffected. For details, see Load Balancer domain name upgrade announcement. |
| Internet Shared Bandwidth | You need to use Internet Shared Bandwidth only when you create an Internet-facing NLB instance. Internet Shared Bandwidth provides region-level bandwidth sharing and reuse and supports multiple billing methods, such as pay-by-bandwidth and pay-by-enhanced-95th-percentile, to help you reduce Internet bandwidth costs. Internet-facing NLB instances use Internet Shared Bandwidth to support the pay-by-bandwidth and pay-by-enhanced-95th-percentile billing methods. |
| EIP | Only Internet-facing NLB instances require EIPs. You do not need to configure EIPs when creating internal-facing NLB instances. An EIP is the IP address that NLB uses to provide services over the Internet. An Internet-facing NLB instance can have multiple EIPs. To ensure high availability, an Internet-facing NLB instance must include at least two EIPs distributed across different zones. |
| VIP (Virtual IP address) | VIPs of NLB are the entities that distribute traffic. Each VIP is a private IP address that belongs to a virtual private cloud (VPC). |
Protocol versions
NLB supports IPv4 and dual-stack networking.
| Term | Description |
| --- | --- |
| IPv4 | An IPv4 instance exposes an IPv4 virtual IP address (VIP). |
| Dual-stack | Dual-stack NLB instances provide both IPv4 and IPv6 VIPs. Each instance uses a single unified domain name for external access. |
Activate NLB
Click Create Network Load Balancer to go to the NLB product page.
Deploy and manage NLB
After you create an Alibaba Cloud account, you can deploy and manage NLB instances in the following ways:
NLB console: a web-based user interface that you can use to manage your NLB service. You can log on to the console to create, manage, or release NLB instances. For more information, see Create and manage an NLB instance.
Alibaba Cloud SDK: SDKs for Java, Go, Python, and other programming languages.
OpenAPI Explorer: a tool that allows you to quickly search for API operations, call them online, and dynamically generate SDK sample code.
Terraform: an open-source tool that uses configuration files to provision and manage compute resources on Alibaba Cloud and other supported platforms. Terraform provides built-in version control.