Aviatrix Answers

How to load balance hybrid environments using AWS NLB and ALB with Aviatrix Cloud Gateway?

ALB and NLB - IP addresses As a Target

AWS now offers a rich set of Elastic Load Balancing solutions addressing many cloud-based load balancing use cases and scenarios at various protocol, performance and traffic levels. Broadly speaking, ALB (Application Load Balancer) operates at Layer 7 and NLB (Network Load Balancer) operates at Layer 4.

While NLB brings many new capabilities, an interesting new feature allows an NLB to specify an "IP address as a target" in addition to specifying an instance ID as a target. More details here: IP address to be specified as target.

Customers can now choose to have load balancer targets that are spread between AWS VPCs and on-premises data centers, enabling applications that are load balanced across a hybrid cloud.

Note: NLB supports hybrid-clouds built using AWS Direct Connect; it does not allow hybrid load balancing over hybrid-clouds built using AWS IPSec Hardware VPNs that terminate on AWS VGW.

The figure above illustrates a hybrid cloud built using Aviatrix Cloud Gateways and the AWS NLB load balancing IP targets that are deployed across a hybrid cloud.
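The following is an added example, not Aviatrix or AWS code, showing how a mixed list of VPC and on-prem addresses can be checked and turned into the target list for an IP-type target group. It relies on two documented ELBv2 rules: IP targets outside the target group's VPC must fall in RFC 1918 or RFC 6598 space, and such targets are registered with AvailabilityZone set to "all". The function name, CIDRs and addresses are constructed for illustration.

```python
import ipaddress

# Ranges accepted for target type "ip" besides the target group's own VPC:
# RFC 1918 private space and RFC 6598 shared address space.
ALLOWED_NON_VPC = [ipaddress.ip_network(n) for n in
                   ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]


def build_targets(vpc_cidr, ips, port):
    """Return (targets, rejected) for an elbv2 register_targets call.

    targets  -- TargetDescription dicts ready to pass as Targets=
    rejected -- inputs that must not be registered (public or malformed)
    This sketch handles IPv4 only; IPv6 inputs end up in rejected.
    """
    vpc = ipaddress.ip_network(vpc_cidr)
    targets, rejected = [], []
    for raw in ips:
        try:
            ip = ipaddress.ip_address(raw)
        except ValueError:
            rejected.append(raw)          # not an IP address at all
            continue
        if ip in vpc:
            # In-VPC target: the Availability Zone is detected automatically.
            targets.append({"Id": str(ip), "Port": port})
        elif any(ip in net for net in ALLOWED_NON_VPC):
            # On-prem target reached over the hybrid link: AZ must be "all".
            targets.append({"Id": str(ip), "Port": port, "AvailabilityZone": "all"})
        else:
            rejected.append(raw)          # publicly routable, not accepted
    return targets, rejected


if __name__ == "__main__":
    # Constructed sample: one VPC instance, one on-prem host, two bad entries.
    sample = ["10.20.1.15", "192.168.50.11", "203.0.113.7", "not-an-ip"]
    targets, rejected = build_targets("10.20.0.0/16", sample, 443)
    print("register:", targets)
    print("rejected:", rejected)
    # With credentials, the list is passed to the real API call:
    # boto3.client("elbv2").register_targets(TargetGroupArn=ARN, Targets=targets)
```

Reviewing the rejected list before registration keeps a mistyped or public address out of the target group during a migration.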

Load Balancing Across Hybrid Clouds

The NLB "IP as a target" capability enables many practical use cases where the NLB can be used to load balance applications that need to be deployed across a hybrid cloud.

Use Case 1 - De-duplicating Security Infrastructure

An internet-facing web application that is deployed in AWS needs many security services in front of it, such as a stateful firewall (FW), as well as a network (NLB) or application (ALB) load balancer.

If one of the tiers of the web application (for example, a database tier or an authentication tier like AD) is deployed on-prem, this on-prem tier will typically need additional firewall services to be set up on-prem.

Using NLB and Aviatrix Hybrid Networking, it is now possible to deploy the security and load balancing services in only one place (in AWS), saving the enterprise from having to purchase, deploy and manage these on-prem.

The figure below shows a multi-tier hybrid web application that is firewalled only in AWS VPC.

Use Case 2 - Migrating Load Balanced Applications to the Cloud

SIs or Cloud Operations teams that are performing application migration to AWS generally must migrate all the load balancer targets in one shot. In many situations, this may be impractical or undesirable.

Using NLB and Aviatrix Hybrid Networking, it is now possible to migrate a load balanced application from on-prem to AWS, one target at a time. This gives SIs performing application migration more flexibility with fewer constraints.

The figure below shows a load balanced application where some of the targets are still on-prem.

A detailed description of the setup and configuration of a hybrid load balanced application using AWS NLB and Aviatrix Cloud GW can be found here: