AWS ALB vs NLB
Large workloads demand many resources, and when there are many resources they become difficult to manage. This is where load balancers come into the picture. Load balancers act like managers of these resources and distribute workloads equally across them. Load balancing nodes use several algorithms: Round Robin, Weighted Round Robin, Chained Failover and Weighted Response Time, to name a few.
But these algorithms are not today's topic. We are talking about AWS Application Load Balancers (ALB) and Network Load Balancers (NLB). AWS offers 3 types of load balancers; the third is the Classic Load Balancer, which is legacy.
NLBs work at the transport layer of the OSI model. Load assignment decisions are made using the algorithms mentioned above, but these algorithms work on certain inputs. These inputs are the parameters of the incoming traffic, based on which load balancers route incoming requests to the appropriate internal nodes. Since NLBs work at Layer 4 (Transport), they have access to the address information and the other fields available in the TCP protocol, and they do not care about the other information carried in the traffic. They usually have dedicated hardware. Since this requires less computation, NLBs were a popular choice in the past, and they still have a hefty presence today.
ALBs, on the other hand, are Layer 7 (Application) load balancers. Since they work on HTTP/HTTPS, they have access to much more information. Historically, they can be seen as an evolved version of NLBs, where the evolution is attributed to improved hardware capabilities and computing power. ALBs have access to the request headers as well as the content of the message, based on which complex routing rules can be configured. This gives a free hand in the overall load balancing design, which helps improve the efficiency of the system.
ALBs come across as an obvious choice when it comes to load balancers, but one case where I have to select NLB over ALB is setting up mutual authentication. ALBs are known to terminate the SSL connection when the request hits them, so the request does not carry the client certificate to the actual node for client certificate validation. Thus I decided to use NLB, which is not so intelligent.
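The difference in routing inputs described above, and why a Layer 7 balancer has to end the TLS session while a Layer 4 one can pass it through untouched, shown as an added example (a simplified model written for this page, not AWS code). The function names, rule format, addresses and the tuple-hash choice for Layer 4 are assumptions made for illustration.

```python
import hashlib

# Constructed sample inputs (not captured traffic).
FLOW = ("tcp", "203.0.113.7", 51514, "198.51.100.10", 443)
PLAINTEXT_HTTP = b"GET /api/orders HTTP/1.1\r\nHost: shop.example.com\r\nX-Tenant: blue\r\n\r\n"
TLS_CLIENT_HELLO = b"\x16\x03\x01\x00\x2a\x01\x00\x00\x26\x03\x03" + bytes(32)  # truncated
L4_TARGETS = ["10.0.1.10", "10.0.1.11", "10.0.1.12"]
# Hypothetical Layer 7 rules: (host, path prefix, required header or None, target group)
L7_RULES = [
    ("shop.example.com", "/api/", ("x-tenant", "blue"), "api-blue"),
    ("shop.example.com", "/api/", None, "api-default"),
    ("shop.example.com", "/", None, "web"),
]


def l4_pick(flow, targets):
    """Layer 4 decision: only protocol, addresses and ports are consulted."""
    digest = hashlib.sha256(repr(flow).encode()).digest()
    return targets[int.from_bytes(digest[:4], "big") % len(targets)]


def parse_http(first_bytes):
    """Return (host, path, headers), or None when the bytes are not plaintext HTTP."""
    try:
        head = first_bytes.split(b"\r\n\r\n", 1)[0].decode("ascii")
        request_line, *header_lines = head.split("\r\n")
        method, path, version = request_line.split(" ")
    except (UnicodeDecodeError, ValueError):
        return None
    if not version.startswith("HTTP/"):
        return None
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers.get("host"), path, headers


def l7_pick(first_bytes, rules):
    """Layer 7 decision: needs the decrypted request, so TLS must end at the balancer."""
    parsed = parse_http(first_bytes)
    if parsed is None:
        return None  # encrypted or non-HTTP payload: nothing to match rules against
    host, path, headers = parsed
    for rule_host, prefix, header, group in rules:
        if host == rule_host and path.startswith(prefix):
            if header is None or headers.get(header[0]) == header[1]:
                return group
    return None
```

`l4_pick` never looks at the payload, so the client's TLS handshake, client certificate included, reaches the node intact and the node must perform the certificate validation itself; `l7_pick` returns `None` for the same encrypted bytes because its rules only apply after decryption.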