Classic ELB
Supported Protocols
HTTP, HTTPS (Secure HTTP), SSL (Secure TCP) and TCP protocols
TCP Ports
[EC2-VPC] 1-65535
[EC2-Classic] 25, 80, 443, 465, 587, 1024-65535
IPv6 support
Each Classic Load Balancer has an associated IPv4, IPv6, and dualstack (both IPv4 and IPv6) DNS name.
IPv6 is not supported in VPC. You can use an Application Load Balancer for native IPv6 support in VPC.
Cross-Zone Load Balancing
This option distributes traffic evenly across all your back-end instances in all Availability Zones.
This reduces to maintain equivalent no of instances in each enabled AZ (But it is recommended to maintain to same no of instances in each AZ for higher fault tolerance)
This option is enabled by default in AWS console
This option is disabled by default in AWS API/CLI
Can I privately access Elastic Load Balancing APIs from my Amazon Virtual Private Cloud (VPC) without using public IPs?
Yes, you can privately access Elastic Load Balancing APIs from your Amazon Virtual Private Cloud (VPC) by creating VPC Endpoints
Application ELB
Supported Protocols
HTTP, HTTPS (Secure HTTP)
TCP ports
1-65535
Can I convert my Classic Load Balancer to an Application Load Balancer (and vice versa)? - No
Can I migrate to Application Load Balancer from Classic Load Balancer? - Yes
Can I use an Application Load Balancer as a Layer-4 load balancer?
No. If you need Layer-4 features, you should use Network Load Balancer.
Is IPv6 supported with an Application Load Balancer? - Yes
Can I associate multiple certificates for the same domain to a secure listener?
Yes, you can associate multiple certificates for the same domain to a secure listener. For example, you can associate
(a) ECDSA and RSA certificates
(b) Certificates with different key sizes (e.g. 2K and 4K) for SSL/TLS certificates
(c) Single-Domain, Multi-Domain (SAN) and Wildcard certificates
Network ELB
Can I create a TCP (Layer 4) listener for my Network Load Balancer?
Yes. Network Load Balancers support only TCP (Layer 4) listeners.
Network Load Balancer Vs TCP listener on a Classic Load Balancer?
Network Load Balancer preserves the source IP of the client which in the Classic Load Balancer is not preserved.
Customers can use proxy protocol with Classic Load Balancer to get the source IP.
Network Load Balancer automatically provides a static IP per Availability Zone to the load balancer and also enables assigning an Elastic IP to the load balancer per Availability Zone. This is not supported with Classic Load Balancer.
Classic Load Balancer provides SSL termination that is not available with Network Load Balancer.
Supported Protocols
HTTP, HTTPS (Secure HTTP), SSL (Secure TCP) and TCP protocols
TCP Ports
[EC2-VPC] 1-65535
[EC2-Classic] 25, 80, 443, 465, 587, 1024-65535
IPv6 support
Each Classic Load Balancer has an associated IPv4, IPv6, and dualstack (both IPv4 and IPv6) DNS name.
IPv6 is not supported in VPC. You can use an Application Load Balancer for native IPv6 support in VPC.
Cross-Zone Load Balancing
This option distributes traffic evenly across all your back-end instances in all Availability Zones.
This reduces to maintain equivalent no of instances in each enabled AZ (But it is recommended to maintain to same no of instances in each AZ for higher fault tolerance)
This option is enabled by default in AWS console
This option is disabled by default in AWS API/CLI
Can I privately access Elastic Load Balancing APIs from my Amazon Virtual Private Cloud (VPC) without using public IPs?
Yes, you can privately access Elastic Load Balancing APIs from your Amazon Virtual Private Cloud (VPC) by creating VPC Endpoints
Application ELB
Supported Protocols
HTTP, HTTPS (Secure HTTP)
TCP ports
1-65535
Can I convert my Classic Load Balancer to an Application Load Balancer (and vice versa)? - No
Can I migrate to Application Load Balancer from Classic Load Balancer? - Yes
Can I use an Application Load Balancer as a Layer-4 load balancer?
No. If you need Layer-4 features, you should use Network Load Balancer.
Is IPv6 supported with an Application Load Balancer? - Yes
Can I associate multiple certificates for the same domain to a secure listener?
Yes, you can associate multiple certificates for the same domain to a secure listener. For example, you can associate
(a) ECDSA and RSA certificates
(b) Certificates with different key sizes (e.g. 2K and 4K) for SSL/TLS certificates
(c) Single-Domain, Multi-Domain (SAN) and Wildcard certificates
Network ELB
Can I create a TCP (Layer 4) listener for my Network Load Balancer?
Yes. Network Load Balancers support only TCP (Layer 4) listeners.
Network Load Balancer Vs TCP listener on a Classic Load Balancer?
Network Load Balancer preserves the source IP of the client which in the Classic Load Balancer is not preserved.
Customers can use proxy protocol with Classic Load Balancer to get the source IP.
Network Load Balancer automatically provides a static IP per Availability Zone to the load balancer and also enables assigning an Elastic IP to the load balancer per Availability Zone. This is not supported with Classic Load Balancer.
Classic Load Balancer provides SSL termination that is not available with Network Load Balancer.
No comments:
Post a Comment