AWS Certified Advanced Networking Specialty Notes - Load Balancing


  • Both Classic Load Balancers and Application Load Balancers use connection multiplexing. This means that requests from multiple clients on multiple front-end connections can be routed to a given target through a single backend connection. Connection multiplexing improves latency and reduces the load on your applications. To prevent connection multiplexing, disable HTTP keep-alives by setting the Connection: close header in your HTTP responses.
  • You can set an idle timeout value for both Application Load Balancers and Classic Load Balancers. The default value is 60 seconds.
  • Application Load Balancers and Classic Load Balancers support pipelined HTTP on front-end connections. They do not support pipelined HTTP on backend connections.
  • Idle timeout for TCP flows is 350 seconds and cannot be modified. TCP Keepalives can be used to reset the timeout.
  • Idle timeout for UDP is 120 seconds. The load balancer maintains UDP flow state based on src/dst IPs and ports
  • Naming syntax:
  • One IP address per enabled Availability Zone.

Routing Algorithms

Application Load Balancers

  1. Evaluates the listener rules in priority order to determine which rule to apply.
  2. Selects a target from the target group for the rule action, using the round robin routing algorithm.
    Routing is performed independently for each target group, even when a target is registered with multiple target groups.

Network Load Balancers

  1. Selects a target from the target group for the default rule using a flow hash algorithm. It bases the algorithm on:
    • The protocol
    • The source IP address and source port
    • The destination IP address and destination port
    • The TCP sequence number
  2. Routes each individual TCP connection to a single target for the life of the connection. The TCP connections from a client have different source ports and sequence numbers, and can be routed to different targets.

Classic Load Balancers

The load balancer node that receives the request selects a registered instance using:

  • The round robin routing algorithm for TCP listeners
  • The least outstanding requests routing algorithm for HTTP and HTTPS listeners

Cross-Zone load balancing

Enables the load balancer to distribute traffic across the registered targets in all enabled AZs. Disabled, each node only directs traffic to targets in its own AZ.

Cross-Zone Load Balancing User Guide


LB Type Default
ALB Always enabled
NLB Disabled, can enable anytime after creation
CLB Depends - console is enabled

HTTP Headers

Application Load Balancers and Classic Load Balancers support X-Forwarded-For, X-Forwarded-Proto, and X-Forwarded-Port headers.

For front-end connections that use HTTP/2, the header names are in lowercase. Before the request is sent to the target using HTTP/1.1, the following header names are converted to mixed case: X-Forwarded-For, X-Forwarded-Proto, X-Forwarded-Port, Host, X-Amzn-Trace-Id, Upgrade, and Connection. All other header names are in lowercase.

Application Load Balancers and Classic Load Balancers honor the connection header from the incoming client request after proxying the response back to the client. HTTP Header Limits

The following size limits for Application Load Balancers are hard limits that cannot be changed.

HTTP/1.x Headers

Request line: 16 K

Single header: 16 K

Whole header: 64 K

HTTP/2 Headers

Request line: 8 K

Single header: 8 K

Whole header: 64 K