June 21, 2022

Getting started with AWS ELB - Network Load Balancer

This article is a quick introduction to network load balancing and how to create a Network Load Balancer on AWS.

Introduction

AWS Elastic Load Balancer helps to manage and control the flow of inbound requests destined for a group of targets by distributing these requests evenly across the targeted resource group. These targets could be a group of EC2 instances, containers, Lambda functions or a range of IP addresses.

Depending on the traffic distribution, there are different types of ELBs available within AWS, including Application Load Balancer, Network Load Balancer, Gateway Load Balancer, and Classic Load Balancer.

In this article we will focus on the Network Load Balancer. A Network Load Balancer is used for ultra-high performance while maintaining very low latencies. It operates at the connection level, routing traffic to targets within your VPC, and is capable of handling millions of requests per second. The Network Load Balancer works at layer 4 of the OSI model, the Transport layer, so it balances requests purely based on the TCP and UDP protocols.

Creating a Network Load Balancer on AWS

The following are the steps to create a Network Load Balancer on AWS:

  1. Log in to your AWS account at https://aws.amazon.com
  2. Navigate to the EC2 Console.
  3. On the left side panel, select Load balancers.
  4. Once the Load Balancer console opens, select Create Load Balancer.
  5. Select the load balancer type as Network Load Balancer and click on the Create button.
  6. Enter the name you want to give to the load balancer under the Basic Configuration section.
  7. Select the Scheme as required. When you create a load balancer, you have to choose whether to make it an internal load balancer or an internet-facing load balancer. The nodes of an internet-facing load balancer have public IP addresses. The nodes of an internal load balancer have only private IP addresses.
  8. Select the IP Address type. Choose IPv4 if your clients use IPv4 addresses to communicate with the load balancer, or choose Dualstack if your clients use both IPv4 and IPv6 addresses to communicate with the load balancer.
  9. For Network Mapping, select the VPC and enable at least one Availability Zone to increase fault tolerance. Also select the subnet for each zone.
  10. In the Listeners and routing section, configure the protocol and port. Traffic received by the listener is then routed per your specification. You can specify multiple rules and multiple certificates per listener after the load balancer is created.
  11. Add Tags to your load balancer. Tagging is good practice, but it is optional.
  12. Once done with the configuration of the load balancer, check the Summary section and go through all the details you have provided. Then select Create Load Balancer and the load balancer will be created successfully.
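
The console choices above can also be expressed as API requests. The Python below is an added example, not part of the original article or Kloudle's own code: it maps the name, scheme, IP address type, subnets, tags and listener settings onto boto3 elbv2 request parameters, defaulting to the internal scheme so that public exposure is an explicit decision. The function names, the allow_internet_facing switch and the pre-existing target group ARN passed to create_nlb are assumptions of this example.

```python
import re

# NLB names: at most 32 letters, digits or hyphens; no leading/trailing hyphen; not "internal-..."
NAME_RE = re.compile(r"^(?!internal-)[A-Za-z0-9](?:[A-Za-z0-9-]{0,30}[A-Za-z0-9])?$")
L4_PROTOCOLS = {"TCP", "UDP", "TCP_UDP"}  # TLS listeners also need a certificate; not covered here


def build_nlb_request(name, subnet_ids, scheme="internal", ip_address_type="ipv4",
                      tags=None, allow_internet_facing=False):
    """Turn the console choices into kwargs for elbv2.create_load_balancer."""
    if not NAME_RE.match(name):
        raise ValueError("invalid load balancer name")
    if scheme not in ("internal", "internet-facing"):
        raise ValueError("scheme must be 'internal' or 'internet-facing'")
    if scheme == "internet-facing" and not allow_internet_facing:
        # Nodes get public IP addresses, so require an explicit decision.
        raise ValueError("internet-facing requires allow_internet_facing=True")
    if ip_address_type not in ("ipv4", "dualstack"):
        raise ValueError("ip_address_type must be 'ipv4' or 'dualstack'")
    if not subnet_ids:
        raise ValueError("enable at least one Availability Zone (one subnet per zone)")
    request = {"Name": name, "Type": "network", "Scheme": scheme,
               "IpAddressType": ip_address_type, "Subnets": list(subnet_ids)}
    if tags:  # tags are optional, as in the console
        request["Tags"] = [{"Key": k, "Value": v} for k, v in sorted(tags.items())]
    return request


def build_listener_request(lb_arn, target_group_arn, protocol="TCP", port=80):
    """kwargs for elbv2.create_listener: forward one protocol/port to a target group."""
    if protocol not in L4_PROTOCOLS:
        raise ValueError("protocol must be TCP, UDP or TCP_UDP")
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    return {"LoadBalancerArn": lb_arn, "Protocol": protocol, "Port": port,
            "DefaultActions": [{"Type": "forward", "TargetGroupArn": target_group_arn}]}


def create_nlb(lb_request, target_group_arn, protocol="TCP", port=80):
    """Create the load balancer and its listener; needs boto3 and AWS credentials."""
    import boto3  # imported here so the builders above work offline
    elbv2 = boto3.client("elbv2")
    lb = elbv2.create_load_balancer(**lb_request)["LoadBalancers"][0]
    elbv2.create_listener(**build_listener_request(
        lb["LoadBalancerArn"], target_group_arn, protocol, port))
    return lb["DNSName"]
```

The two builder functions run without AWS access, so the request can be reviewed or checked in CI before create_nlb is called with real subnet IDs and a target group ARN.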

Conclusion

This article is a quick walkthrough of how you can create a Network Load Balancer on AWS. It serves as a step-by-step guide for those who are looking to get started with AWS Network Load Balancers.

You can also check out How to create Application Load Balancer on AWS, as covered in our last academy article. We have also published an article on How to protect your AWS Load Balancers against HTTP Desync Attacks that you might find interesting.

***

This article is brought to you by Kloudle Academy, a free e-resource compilation, created and curated by Kloudle. Kloudle is a cloud security management platform that uses the power of automation and simplifies human requirements in cloud security.

Written by:
Priyam Singh

Priyam is a Cloud Security Specialist at Kloudle. She also has experience as a DevSecOps Engineer. She is part of security communities such as Infosecgirls and null - The Open Security Community. She is an active speaker and contributor to various security communities, and has given various technical talks and published content on DevSecOps.