Q: How do I decide which load balancer to select for my
application?
Elastic Load Balancing supports three types of load
balancers. You can select the appropriate load balancer based on your
application needs. If you need flexible application management and TLS
termination then we recommend you to use Application Load Balancer. If extreme
performance and static IP is needed for your application then we recommend you
to use Network Load Balancer. If your application is built within the EC2
Classic network then you should use Classic Load Balancer.
Q: Can I privately access Elastic Load Balancing APIs
from my Amazon Virtual Private Cloud (VPC) without using public IPs?
Yes, you can privately access Elastic Load Balancing APIs
from your Amazon Virtual Private Cloud (VPC) by creating VPC Endpoints.
With VPC Endpoints, the routing between the VPC and Elastic Load Balancing APIs
is handled by the AWS network without the need for an Internet gateway, NAT
gateway, or VPN connection. The latest generation of VPC Endpoints used by
Elastic Load Balancing are powered by AWS PrivateLink,
an AWS technology enabling the private connectivity between AWS services using
Elastic Network Interfaces (ENI) with private IPs in your VPCs. To learn more
about AWS PrivateLink, visit the AWS PrivateLink
documentation.
Application Load Balancer
FAQ
Q: Wich operating systems does an
Application Load Balancer support?
An Application Load Balancer supports targets with any operating system
currently supported by the Amazon EC2 service.
Q: Which protocols does an
Application Load Balancer support?
An Application Load Balancer supports load balancing of applications
using HTTP and HTTPS (Secure HTTP) protocols.
Q: Is HTTP/2 Supported on an Application Load Balancer?
Yes. HTTP/2 support is enabled natively on an Application Load Balancer. Clients that support HTTP/2 can connect to an Application Load Balancer over TLS.
Yes. HTTP/2 support is enabled natively on an Application Load Balancer. Clients that support HTTP/2 can connect to an Application Load Balancer over TLS.
Q:What TCP ports can I use to load balance?
You can perform load balancing for the following TCP ports: 1-65535
You can perform load balancing for the following TCP ports: 1-65535
Q: Is WebSockets supported on an Application Load Balancer?
Yes. WebSockets and Secure WebSockets support is available natively and ready for use on an Application Load Balancer
Yes. WebSockets and Secure WebSockets support is available natively and ready for use on an Application Load Balancer
Q: Is Request tracing supported on an Application Load Balancer?
Yes. Request tracing is enabled by default on your Application Load Balancer.
Yes. Request tracing is enabled by default on your Application Load Balancer.
Q: Will my existing load balancers (Classic Load Balancers) have the
same features and benefits of an Application Load Balancer?
While there is some overlap, we do not plan to maintain feature parity between the two types of load balancers. Application Load Balancers are the foundation of our application layer load-balancing platform for the future.
While there is some overlap, we do not plan to maintain feature parity between the two types of load balancers. Application Load Balancers are the foundation of our application layer load-balancing platform for the future.
Q: Can I configure my Amazon EC2 instances to accept traffic only from
my Application Load Balancers?
Yes.
Yes.
Q: Can I configure a security group for the front-end of an Application
Load Balancer?
Yes.
Yes.
Q: Can I use the existing APIs that I use with my Classic Load Balancer
with an Application Load Balancer?
No. Application Load Balancers require a new set of APIs.
No. Application Load Balancers require a new set of APIs.
Q: How do I manage both Application and Classic Load Balancers
simultaneously?
The ELB Console will allow you to manage Application and Classic Load Balancers from the same interface. If you are using the CLI or an SDK, you will use a different ‘service’ for Application Load Balancers. For example, in the CLI you will describe your Classic Load Balancers using `aws elb describe-load-balancers` and your Application Load Balancers using `aws elbv2 describe-load-balancers`.
The ELB Console will allow you to manage Application and Classic Load Balancers from the same interface. If you are using the CLI or an SDK, you will use a different ‘service’ for Application Load Balancers. For example, in the CLI you will describe your Classic Load Balancers using `aws elb describe-load-balancers` and your Application Load Balancers using `aws elbv2 describe-load-balancers`.
Q: Can I convert my Classic Load Balancer to an Application Load
Balancer (and vice versa)?
No, you cannot convert one load balancer type into another.
No, you cannot convert one load balancer type into another.
Q: How do I migrate to an Application Load Balancer?
Attach the same back-end instances to both a Classic Load Balancer and an Application Load Balancer simultaneously. This allows you to migrate traffic from one endpoint to another without altering their existing stack. Be sure to test the behavior of the application on the new platform before changing DNS to point to the Application Load Balancer.
Attach the same back-end instances to both a Classic Load Balancer and an Application Load Balancer simultaneously. This allows you to migrate traffic from one endpoint to another without altering their existing stack. Be sure to test the behavior of the application on the new platform before changing DNS to point to the Application Load Balancer.
Q: Can I use an Application Load Balancer as a Layer-4 load balancer?
No. If you need Layer-4 features, you should use Network Load Balancer.
No. If you need Layer-4 features, you should use Network Load Balancer.
Q: Can I use a single Application Load Balancer for handling HTTP and
HTTPS requests?
Yes, you can add listeners for HTTP port 80 and HTTPS port 443 to a single Application Load Balancer.
Q: Can I get a history of Application Load Balancing API calls made on my account for security analysis and operational troubleshooting purposes?
Yes. To receive a history of Application Load Balancing API calls made on your account, use AWS CloudTrail.
Yes, you can add listeners for HTTP port 80 and HTTPS port 443 to a single Application Load Balancer.
Q: Can I get a history of Application Load Balancing API calls made on my account for security analysis and operational troubleshooting purposes?
Yes. To receive a history of Application Load Balancing API calls made on your account, use AWS CloudTrail.
Q: Does an Application Load Balancer support HTTPS termination?
Yes, you can terminate HTTPS connection on the Application Load Balancer. You must install an SSL certificate on your load balancer. The load balancer uses this certificate to terminate the connection and then decrypt requests from clients before sending them to targets.
Yes, you can terminate HTTPS connection on the Application Load Balancer. You must install an SSL certificate on your load balancer. The load balancer uses this certificate to terminate the connection and then decrypt requests from clients before sending them to targets.
Q: What are the steps to get a SSL certificate?
You can either use AWS Certificate Manager to provision an SSL/TLS certificate or you can obtain the certificate from other sources by creating the certificate request, getting the certificate request signed by a CA, and then uploading the certificate either using AWS Certification Manager or the AWS Identity and Access Management (IAM) service.
You can either use AWS Certificate Manager to provision an SSL/TLS certificate or you can obtain the certificate from other sources by creating the certificate request, getting the certificate request signed by a CA, and then uploading the certificate either using AWS Certification Manager or the AWS Identity and Access Management (IAM) service.
Q: How does an Application Load Balancer integrate with AWS Certificate
Manager (ACM)?
An Application Load Balancer is integrated with AWS Certificate Management (ACM). Integration with ACM makes it very simple to bind a certificate to the load balancer thereby making the entire SSL offload process very easy. Purchasing, uploading, and renewing SSL/TLS certificates is a time-consuming manual and complex process. With ACM integration with Application Load Balancer, this whole process has been shortened to simply requesting a trusted SSL/TLS certificate and selecting the ACM certificate to provision it with the load balancer.
An Application Load Balancer is integrated with AWS Certificate Management (ACM). Integration with ACM makes it very simple to bind a certificate to the load balancer thereby making the entire SSL offload process very easy. Purchasing, uploading, and renewing SSL/TLS certificates is a time-consuming manual and complex process. With ACM integration with Application Load Balancer, this whole process has been shortened to simply requesting a trusted SSL/TLS certificate and selecting the ACM certificate to provision it with the load balancer.
Q: Is back-end server authentication supported with an Application Load
Balancer?
No, only encryption is supported to the back-ends with an Application Load Balancer.
No, only encryption is supported to the back-ends with an Application Load Balancer.
Q: How can I enable Server Name Indication (SNI) for my Application Load
Balancer?
SNI is automatically enabled when you associate more than one TLS certificate with the same secure listener on a load balancer. Similarly, SNI mode for a secure listener is automatically disabled when you have only one certificate associated to a secure listener.
SNI is automatically enabled when you associate more than one TLS certificate with the same secure listener on a load balancer. Similarly, SNI mode for a secure listener is automatically disabled when you have only one certificate associated to a secure listener.
Q: Can I associate multiple certificates for the same domain to a secure
listener?
Yes, you can associate multiple certificates for the same domain to a secure listener. For example, you can asoociate
(a) ECDSA and RSA certificates
(b) Certificates with different key sizes (e.g. 2K and 4K) for SSL/TLS certificates
(c) Single-Domain, Multi-Domain (SAN) and Wildcard certificates
Yes, you can associate multiple certificates for the same domain to a secure listener. For example, you can asoociate
(a) ECDSA and RSA certificates
(b) Certificates with different key sizes (e.g. 2K and 4K) for SSL/TLS certificates
(c) Single-Domain, Multi-Domain (SAN) and Wildcard certificates
Q: Is IPv6 supported with an Application Load Balancer?
Yes, IPv6 is supported with an Application Load Balancer.
Yes, IPv6 is supported with an Application Load Balancer.
Q: How do you set up rules on an Application Load Balancer?
You can configure rules for each of your listeners you configure for the load balancer. The rules include a condition and a corresponding action if the condition is satisfied. The condition will be a path URL path of a service (e.g. /img) and action is forward. Once you have set this up, the load balancer will use the rules to determine the service to which the request must be routed.
You can configure rules for each of your listeners you configure for the load balancer. The rules include a condition and a corresponding action if the condition is satisfied. The condition will be a path URL path of a service (e.g. /img) and action is forward. Once you have set this up, the load balancer will use the rules to determine the service to which the request must be routed.
Q: Are there limits on the resources for an Application Load Balancer?
Your AWS account has these limits for an Application Load Balancer.
Your AWS account has these limits for an Application Load Balancer.
Q. How can I protect my web applications behind a load balancer from web
attacks?
You can integrate your Application Load Balancer with AWS WAF, a web application firewall that helps protect web applications from attacks by allowing you to configure rules based on IP addresses, HTTP headers, and custom URI strings. Using these rules, AWS WAF can block, allow, or monitor (count) web requests for your web application. Please see AWS WAF Developer Guide for more information.
You can integrate your Application Load Balancer with AWS WAF, a web application firewall that helps protect web applications from attacks by allowing you to configure rules based on IP addresses, HTTP headers, and custom URI strings. Using these rules, AWS WAF can block, allow, or monitor (count) web requests for your web application. Please see AWS WAF Developer Guide for more information.
Q: Can I load balance to any arbitrary IP address?
You can use any IP address from the load balancer’s VPC CIDR for targets within load balancer’s VPC and any IP address from RFC 1918 ranges (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) or RFC 6598 range (100.64.0.0/10) for targets located outside the load balancer’s VPC (for example, targets in Peered VPC, EC2-Classic and on-premises locations reachable over AWS Direct Connect or VPN connection).
You can use any IP address from the load balancer’s VPC CIDR for targets within load balancer’s VPC and any IP address from RFC 1918 ranges (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) or RFC 6598 range (100.64.0.0/10) for targets located outside the load balancer’s VPC (for example, targets in Peered VPC, EC2-Classic and on-premises locations reachable over AWS Direct Connect or VPN connection).
Q: How can I load balance applications distributed across a VPC and
on-premises location?
There are various ways to achieve hybrid load balancing. If an application runs on targets distributed between a VPC and an on-premises location, you can add them to the same target group using their IP addresses. To migrate to AWS without impacting your application, gradually add VPC targets to the target group and remove on-premises targets from the target group. If you have two different applications such that the targets for one application are in a VPC and the targets for other applications are in on-premises location, you can put the VPC targets in one target group and the on-premises targets in another target group and use content based routing to route traffic to each target group. You can also use separate load balancers for VPC and on-premises targets and use DNS weighting to achieve weighted load balancing between VPC and on-premises targets.
There are various ways to achieve hybrid load balancing. If an application runs on targets distributed between a VPC and an on-premises location, you can add them to the same target group using their IP addresses. To migrate to AWS without impacting your application, gradually add VPC targets to the target group and remove on-premises targets from the target group. If you have two different applications such that the targets for one application are in a VPC and the targets for other applications are in on-premises location, you can put the VPC targets in one target group and the on-premises targets in another target group and use content based routing to route traffic to each target group. You can also use separate load balancers for VPC and on-premises targets and use DNS weighting to achieve weighted load balancing between VPC and on-premises targets.
Q: How can I load balance to EC2-Classic instances?
You cannot load balance to EC2-Classic Instances when registering their Instance IDs as targets. However if you link these EC2-Classic instances to the load balancer's VPC using ClassicLink and use the private IPs of these EC2-Classic instances as targets, then you can load balance to the EC2-Classic instances. If you are using EC2 Classic instances today with a Classic Load Balancer, you can easily migrate to an Application Load Balancer.
You cannot load balance to EC2-Classic Instances when registering their Instance IDs as targets. However if you link these EC2-Classic instances to the load balancer's VPC using ClassicLink and use the private IPs of these EC2-Classic instances as targets, then you can load balance to the EC2-Classic instances. If you are using EC2 Classic instances today with a Classic Load Balancer, you can easily migrate to an Application Load Balancer.
Application Load Balancer Pricing FAQ
Q: How does
Application Load Balancer pricing work?
You are charged for each hour or partial hour that an Application Load Balancer is running and the number of Load Balancer Capacity Units (LCU) used per hour.
You are charged for each hour or partial hour that an Application Load Balancer is running and the number of Load Balancer Capacity Units (LCU) used per hour.
Q: What is a
Load Balancer Capacity Unit (LCU)?
An LCU is a new metric for determining how you pay for an Application Load Balancer. An LCU defines the maximum resource consumed in any one of the dimensions (new connections, active connections, bandwidth and rule evaluations) the Application Load Balancer processes your traffic.
An LCU is a new metric for determining how you pay for an Application Load Balancer. An LCU defines the maximum resource consumed in any one of the dimensions (new connections, active connections, bandwidth and rule evaluations) the Application Load Balancer processes your traffic.
Q: Will I be
billed on Classic Load Balancers by LCU?
No, Classic Load Balancers will continue to be billed for bandwidth and hourly usage.
No, Classic Load Balancers will continue to be billed for bandwidth and hourly usage.
Q: How do I know
the number of LCUs an Application Load Balancer is using?
We expose the usage of all four dimensions that constitute an LCU via CloudWatch.
We expose the usage of all four dimensions that constitute an LCU via CloudWatch.
Q: Will I be
billed on all the dimensions in an LCU?
No. The number of LCUs per hour will be determined based on maximum resource consumed amongst the four dimensions that constitutes a LCU.
No. The number of LCUs per hour will be determined based on maximum resource consumed amongst the four dimensions that constitutes a LCU.
Q: Will I be
billed on partial LCUs?
Yes.
Yes.
Q: Is a free
tier offered on an Application Load Balancer for new AWS accounts?
Yes. For new AWS accounts, a free tier for an Application Load Balancer offers 750 hours and 15 LCUs. This free tier offer is only available to new AWS customers, and is available for 12 months following your AWS sign-up date.
Yes. For new AWS accounts, a free tier for an Application Load Balancer offers 750 hours and 15 LCUs. This free tier offer is only available to new AWS customers, and is available for 12 months following your AWS sign-up date.
Q: Can I use a
combination of Application Load Balancer and Classic Load Balancer as part of
my free tier?
Yes. You can use both Classic and Application Load Balancers for 15GB and 15 LCUs respectively. The 750 load balancer hours are shared between both Classic and Application Load Balancers.
Yes. You can use both Classic and Application Load Balancers for 15GB and 15 LCUs respectively. The 750 load balancer hours are shared between both Classic and Application Load Balancers.
Q: What are rule
evaluations?
Rule evaluations are defined as the product of number of rules processed and the request rate averaged over an hour.
Rule evaluations are defined as the product of number of rules processed and the request rate averaged over an hour.
Q: How does the
LCU billing work with different certificate types and key sizes?
Certificate key size affects only the number of new connections per second in the LCU computation for billing.
Network Load Balancer FAQ
Certificate key size affects only the number of new connections per second in the LCU computation for billing.
Network Load Balancer FAQ
Q: Can I create a TCP (Layer 4) listener for my Network
Load Balancer?
Yes. Network Load Balancers support only TCP (Layer 4)
listeners.
Q: What are the key features available with the Network
Load Balancer?
Network Load Balancer provides TCP (Layer 4) load
balancing. It is architected to handle millions of requests/sec, sudden
volatile traffic patterns and provides extremely low latencies. In addition
Network Load Balancer also preserves the source IP of the clients, provides
stable IP support and Zonal isolation. It also supports long-running
connections that are very useful for WebSocket type applications.
Q: How does Network Load Balancer compare to what I get
with the TCP listener on a Classic Load Balancer?
Network Load Balancer preserves the source IP of the
client which in the Classic Load Balancer is not preserved. Customers can use
proxy protocol with Classic Load Balancer to get the source IP. Network Load
Balancer automatically provides a static IP per Availability Zone to the load
balancer and also enables assigning an Elastic IP to the load balancer per
Availability Zone. This is not supported with Classic Load Balancer. Classic
Load Balancer provides SSL termination that is not available with Network Load
Balancer.
Q: How do I migrate to a Network Load Balancer from Classic
Load Balancer?
Attach the same back-end targets to both a Classic Load
Balancer and a Network Load Balancer simultaneously. This allows you to migrate
traffic from one endpoint to another without altering their existing stack. Be
sure to test the behavior of the application on the new platform before
changing DNS to point to the Network Load Balancer.
Q: Are there limits on the resources for my Network Load
Balancer?
Yes, please refer to Network Load Balancer limits
documentation for more information.
Q: Can I use the AWS Management Console to set up my
Network Load Balancer?
Yes, you can use the AWS Management Console, AWS CLI, or
the API to set up a Network Load Balancer.
Q: Can I use the existing API for Classic Load Balancers
for my Network Load Balancers?
No. To create a Classic Load Balancer, use the 2012-06-01
API. To create a Network Load Balancer or an Application Load Balancer, use the
2015-12-01 API.
Q: Can I create my Network Load Balancer in a single
Availability Zone?
Yes, you can create your Network Load Balancer in a
single availability zone by providing a single subnet when you create the load
balancer.
Q: Does Network Load Balancer support DNS regional and
zonal fail-over?
Yes, you can use Amazon Route 53 health checking and DNS
failover features to enhance the availability of the applications running
behind Network Load Balancers. Using Route 53 DNS failover, you can run
applications in multiple AWS Availability zones and designate alternate load
balancers for failover across regions. In the event that you have your Network
Load Balancer configured for multi-AZ, if there are no healthy EC2 instances
registered with the load balancer for that Availability Zone or if the load
balancer nodes in a given zone are unhealthy, then R-53 will fail away to
alternate load balancer nodes in other healthy availability zones.
Q: Can I have a Network Load Balancer with a mix of
ELB-provided IPs and Elastic IPs or assigned private IPs?
No. A Network Load Balancer’s addresses must be
completely controlled by you, or completely controlled by ELB. This is to
ensure that when using Elastic IPs with a Network Load Balancer, all addresses
known to your clients do not change.
Q: Can I assign more than one EIP to my NLB in each
subnet?
No. For each associated subnet that a NLB is in, the NLB
can only support a single public/internet facing IP address
Q: If I remove/delete a Network Load Balancer what will
happen to the Elastic IP addresses that were associated with it?
The Elastic IP Addresses that were associated with your
load balancer will be returned to your allocated pool and made available for
future use.
Q: Does NLB support internal load balancers?
NLB can be set-up as an internet-facing load balancer or
an internal load balancer similar to what is possible with Application Load
Balancer and Classic Load Balancer.
Q: Can the internal Network Load balancer support more
than one private IP in each subnet?
No. For each associated subnet that a load balancer is
in, the NLB can only support a single private IP.
Q: Can I set up Websockets with my Network Load Balancer?
Yes, configure TCP listeners that route the traffic to
the targets that implement WebSockets protocol
(https://tools.ietf.org/html/rfc6455 ). Because WebSockets is a layer 7
protocol and Network Load Balancer is operating at layer 4, no special handling
exists in Network Load Balancer for WebSockets or other higher level protocols.
Q: Can I load balance to any arbitrary IP address?
You can use any IP address from the load balancer’s VPC
CIDR for targets within load balancer’s VPC and any IP address from RFC 1918
ranges (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) or RFC 6598 range
(100.64.0.0/10) for targets located outside the load balancer’s VPC
(EC2-Classic and on-premises locations reachable over AWS Direct Connect).
Q: What benefit will I get by targeting containers behind
a load balancer with IP addresses instead of instance IDs?
Each container on an instance can now have its own
security group and does not need to share security rules with other containers.
You can attach security groups to an ENI and each ENI on an instance can have a
different security group. You can map a container to the IP address of a
particular ENI to associate security group(s) per container. Load balancing
using IP addresses also allows multiple containers running on an instance use
the same port (say port 80). The ability to use the same port across containers
allows containers on an instance to communicate with each other through
well-known ports instead of random ports.
Q: How can I load balance applications distributed across
a VPC and on-premises location?
There are various ways to achieve hybrid load balancing.
If an application runs on targets distributed between a VPC and an on-premises
location, you can add them to the same target group using their IP addresses.
To migrate to AWS without impacting your application, gradually add VPC targets
to the target group and remove on-premises targets from the target group.You
can also use separate load balancers for VPC and on-premises targets and use
DNS weighting to achieve weighted load balancing between VPC and on-premises
targets.
Q: How can I load balance to EC2-Classic instances?
You cannot load balance to EC2-Classic Instances when
registering their Instance IDs as targets. However if you link these
EC2-Classic instances to the load balancer's VPC using ClassicLink and use the
private IPs of these EC2-Classic instances as targets, then you can load
balance to the EC2-Classic instances. If you are using EC2 Classic instances
today with a Classic Load Balancer, you can easily migrate to a Network Load
Balancer.
Network
Load Balancer pricing FAQ
Q:How does Network Load Balancer pricing work?
You are charged for each hour or partial hour that a
Network Load Balancer is running and the number of Load Balancer Capacity Units
(LCU) used by Network Load Balancer per hour.
Q: What is a Load Balancer Capacity Unit (LCU)?
An LCU is a new metric for determining how you pay for a
Network Load Balancer. An LCU defines the maximum resource consumed in any one
of the dimensions (new connections/flows, active connections/flows, and
bandwidth) the Network Load Balancer processes your traffic.
Q: Is new connections/flows per sec same as requests/sec?
No. Multiple requests can be sent in a single connection.
Q: Will I be billed on Classic Load Balancers by LCU?
No. Classic Load Balancers will continue to be billed for
bandwidth and hourly charge
Q: How do I know the number of LCUs a Network Load
Balancer is using?
We will expose the usage of all three dimensions that
constitutes a LCU via Amazon CloudWatch.
Q: Will I be billed on all the dimensions in an LCU?
No. The number of LCUs per hour will be determined based
on maximum resource consumed amongst the three dimensions that constitutes a
LCU.
Q: Will I be billed on partial LCUs?
Yes.
Q: Is a free tier offered on a Network Load Balancer for
new AWS accounts?
Yes. For new AWS accounts, a free tier for a Network Load
Balancer offers 750 hours and 15 LCUs. This free tier offer is only available
to new AWS customers, and is available for 12 months following your AWS sign-up
date.
Q: Can I use a combination of Network Load Balancer,
Application Load Balancer and Classic Load Balancer as part of my free tier?
Yes. You can use Application and Network each for 15 LCUs
and Classic for 15 GB respectively. The 750 load balancer hours are shared
between Application, Network and Classic Load Balancers.
Classic Load Balancer
FAQ
Q: Which operating systems
does the Classic Load Balancer support?
The Classic Load Balancer
supports Amazon EC2 instances with any operating system currently supported by
the Amazon EC2 service.
Q: Which protocols does the
Classic Load Balancer support?
The Classic Load Balancer supports load balancing of applications using HTTP, HTTPS (Secure HTTP), SSL (Secure TCP) and TCP protocols.
The Classic Load Balancer supports load balancing of applications using HTTP, HTTPS (Secure HTTP), SSL (Secure TCP) and TCP protocols.
Q: What TCP ports can I load
balance?
You can perform load balancing for the following TCP ports:
You can perform load balancing for the following TCP ports:
[EC2-VPC] 1-65535
[EC2-Classic] 25, 80, 443,
465, 587, 1024-65535
Q: Does the Classic Load
Balancer support IPv6 traffic?
Yes. Each Classic Load Balancer has an associated IPv4, IPv6, and dualstack (both IPv4 and IPv6) DNS name. IPv6 is not supported in VPC. You can use an Application Load Balancer for native IPv6 support in VPC.
Yes. Each Classic Load Balancer has an associated IPv4, IPv6, and dualstack (both IPv4 and IPv6) DNS name. IPv6 is not supported in VPC. You can use an Application Load Balancer for native IPv6 support in VPC.
Q: Can I configure my Amazon
EC2 instances to only accept traffic from Classic Load Balancers?
Yes.
Yes.
Q: Can I configure a security
group for the front-end of Classic Load Balancers?
If you are using Amazon Virtual Private Cloud, you can configure security groups for the front-end of your Classic Load Balancers.
If you are using Amazon Virtual Private Cloud, you can configure security groups for the front-end of your Classic Load Balancers.
Q: Can I use a single Classic
Load Balancer for handling HTTP and HTTPS requests?
Yes, you can map HTTP port 80 and HTTPS port 443 to a single Classic Load Balancer.
Yes, you can map HTTP port 80 and HTTPS port 443 to a single Classic Load Balancer.
Q: How many connections will
my load balanced Amazon EC2 instances need to accept from each Classic Load
Balancer?
Classic Load Balancers do not cap the number of connections that they can attempt to establish with your load balanced Amazon EC2 instances. You can expect this number to scale with the number of concurrent HTTP, HTTPS, or SSL requests or the number of concurrent TCP connections that the Classic load balancers receive.
Classic Load Balancers do not cap the number of connections that they can attempt to establish with your load balanced Amazon EC2 instances. You can expect this number to scale with the number of concurrent HTTP, HTTPS, or SSL requests or the number of concurrent TCP connections that the Classic load balancers receive.
Q: Can I load balance Amazon
EC2 instances launched using a Paid AMI?
You can load balance Amazon EC2 instances launched using a paid AMI from AWS Marketplace. However, Classic Load Balancers do not support instances launched using a paid AMI from Amazon DevPay site.
You can load balance Amazon EC2 instances launched using a paid AMI from AWS Marketplace. However, Classic Load Balancers do not support instances launched using a paid AMI from Amazon DevPay site.
Q: Can I use Classic Load
Balancers in Amazon Virtual Private Cloud?
Yes -- see the Elastic Load Balancing web page.
Yes -- see the Elastic Load Balancing web page.
Q: Can I get a history of
Classic Load Balancer API calls made on my account for security analysis and
operational troubleshooting purposes?
Yes. To receive a history of Classic Load Balancer API calls made on your account, simply turn on CloudTrail in the AWS Management Console.
Yes. To receive a history of Classic Load Balancer API calls made on your account, simply turn on CloudTrail in the AWS Management Console.
Q: Do Classic Load Balancers
support SSL termination?
Yes you can terminate SSL on Classic Load Balancers. You must install an SSL certificate on each load balancer. The load balancers use this certificate to terminate the connection and then decrypt requests from clients before sending them to the back-end instances.
Q: What are the steps to get a SSL certificate?
You can either use AWS Certificate Manager to provision a SSL/TLS certificate or you can obtain the certificate from other sources by creating the certificate request, getting the certificate request signed by a CA, and then uploading the certificate using the AWS Identity and Access Management (IAM) service.
Q: How do Classic Load Balancers integrate with AWS Certificate Manager (ACM)?
Classic Load Balancers are now integrated with AWS Certificate Management (ACM). Integration with ACM makes it very simple to bind a certificate to each load balancer thereby making the entire SSL offload process very easy. Typically purchasing, uploading, and renewing SSL/TLS certificates is a time-consuming manual and complex process. With ACM integrated with Classic Load Balancers, this whole process has been shortened to simply requesting a trusted SSL/TLS certificate and selecting the ACM certificate to provision it with each load balancer.
Yes you can terminate SSL on Classic Load Balancers. You must install an SSL certificate on each load balancer. The load balancers use this certificate to terminate the connection and then decrypt requests from clients before sending them to the back-end instances.
Q: What are the steps to get a SSL certificate?
You can either use AWS Certificate Manager to provision a SSL/TLS certificate or you can obtain the certificate from other sources by creating the certificate request, getting the certificate request signed by a CA, and then uploading the certificate using the AWS Identity and Access Management (IAM) service.
Q: How do Classic Load Balancers integrate with AWS Certificate Manager (ACM)?
Classic Load Balancers are now integrated with AWS Certificate Management (ACM). Integration with ACM makes it very simple to bind a certificate to each load balancer thereby making the entire SSL offload process very easy. Typically purchasing, uploading, and renewing SSL/TLS certificates is a time-consuming manual and complex process. With ACM integrated with Classic Load Balancers, this whole process has been shortened to simply requesting a trusted SSL/TLS certificate and selecting the ACM certificate to provision it with each load balancer.
No comments:
Post a Comment