AWS ELB Advanced Configuration Options: A Specialty Study Guide
Configuration options for load balancers (for example, proxy protocol, cross-zone load balancing, session affinity [sticky sessions], routing algorithms)
This guide focuses on the critical configuration settings for AWS Elastic Load Balancing (ELB) required for the Advanced Networking Specialty (ANS-C01), specifically covering traffic distribution, client visibility, and session management.
Learning Objectives
After studying this guide, you should be able to:
- Explain the impact of Cross-Zone Load Balancing on fleet utilization.
- Differentiate between X-Forwarded-For and Proxy Protocol for client IP preservation.
- Configure Session Affinity (Sticky Sessions) for stateful applications.
- Select appropriate Routing Algorithms based on workload characteristics.
Key Terms & Glossary
- Cross-Zone Load Balancing: A feature that allows a load balancer node to distribute traffic evenly across all registered instances in all enabled Availability Zones (AZs).
- Sticky Sessions (Session Affinity): A mechanism that binds a user's session to a specific target, ensuring all requests from that user during the session are sent to the same target.
- X-Forwarded-For (XFF): An HTTP header field used to identify the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer.
- Proxy Protocol: A Layer 4 mechanism to transport connection information (such as source IP and port) from the source to the destination, used when the underlying protocol is not HTTP.
The "Big Idea"
Load balancing is not just about spreading traffic; it is about optimizing resource utilization while maintaining application context. Without proper configuration, you risk "hot spots" (uneven server load), loss of client identity (security/logging issues), and broken sessions for stateful applications. Advanced configuration bridges the gap between raw network throughput and application-level requirements.
Formula / Concept Box
| Feature | Layer | Primary Use Case |
|---|---|---|
| X-Forwarded-For | Layer 7 (HTTP) | Preserving Client IP for ALBs. |
| Proxy Protocol | Layer 4 (TCP) | Preserving Client IP for NLBs or non-HTTP traffic. |
| Sticky Sessions | Layer 7 | Keeping user state on a specific backend server. |
| Cross-Zone LB | All | Ensuring equal distribution when AZs have unequal instance counts. |
Hierarchical Outline
- I. Traffic Distribution Optimization
  - Cross-Zone Load Balancing
    - Enabled: Traffic is distributed 1/N across all instances in all AZs.
    - Disabled: Traffic is distributed 50/50 to each AZ, then split among instances within that AZ.
  - Routing Algorithms
    - Round Robin: Default; rotates through targets (best for short-lived requests).
    - Least Outstanding Requests: Routes to the target with the fewest active requests (best for varied processing times).
- II. Client Identity Preservation
  - X-Forwarded-For (L7)
    - Used by ALB to append client IP to the HTTP header.
    - Requires backend application to be "XFF-aware."
  - Proxy Protocol (L4)
    - Used by NLB to prepend a header to the TCP data.
    - Versions: v1 (Human readable), v2 (Binary).
- III. Session Management
  - Session Affinity (Sticky Sessions)
    - Duration-based cookies: Managed by the LB.
    - Application-based cookies: Managed by the backend application.
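What "XFF-aware" means for a backend behind an ALB, as an added example (not part of the original guide): because the ALB appends to whatever header the client sent, only the rightmost entries can be trusted. The function names, sample addresses and the trusted CDN range are assumptions made for illustration.

```python
import ipaddress

def naive_leftmost(xff: str) -> str:
    """What a careless backend does: trust the first (client-supplied) entry."""
    return xff.split(",")[0].strip()

def client_ip_from_xff(xff: str, trusted_nets=()):
    """Walk the header right to left and return the first hop that is not a
    trusted proxy. With only the ALB in front, that is the entry the ALB
    appended. Returns None if no usable address is found."""
    nets = [ipaddress.ip_network(n) for n in trusted_nets]
    hops = [h.strip() for h in xff.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            return None  # unparseable entry in the trusted part: refuse to guess
        if not any(addr in net for net in nets):
            return str(addr)
    return None

# Constructed sample: the client at 198.51.100.23 sent its own
# "X-Forwarded-For: 203.0.113.7"; the ALB appended the real peer address.
DIRECT = "203.0.113.7, 198.51.100.23"
# Constructed sample: same request, but a proxy in 192.0.2.0/24 (assumed to be
# an operator-controlled CDN) sits between the client and the ALB.
VIA_CDN = "203.0.113.7, 198.51.100.23, 192.0.2.10"

if __name__ == "__main__":
    print(naive_leftmost(DIRECT))                          # client-chosen value
    print(client_ip_from_xff(DIRECT))                      # entry the ALB added
    print(client_ip_from_xff(VIA_CDN, ["192.0.2.0/24"]))   # skips the CDN hop
```

Use the value from `client_ip_from_xff` for logging, rate limiting and allow-list decisions; the leftmost entry is whatever the client chose to send.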
Visual Anchors
Traffic Flow: Cross-Zone LB vs. Zonal LB
Packet Encapsulation: Proxy Protocol
\begin{tikzpicture}[node distance=2cm, every node/.style={rectangle, draw, minimum width=3cm, minimum height=1cm, align=center}]
\node (client) {Client \\ IP: 1.2.3.4};
\node (lb) [right of=client, xshift=2cm] {NLB \\ (Proxy Protocol On)};
\node (target) [right of=lb, xshift=3cm] {Target Server \\ (Reads Header)};
\draw[->, thick] (client) -- node[above] {Standard TCP} (lb);
\draw[->, thick] (lb) -- node[above] {TCP + [Proxy V2 Header]} (target);
\draw[dashed] (target.south) -- ++(0,-1) node[below] {Sees Source IP: 1.2.3.4};
\end{tikzpicture}
Definition-Example Pairs
- Sticky Session: An e-commerce site stores a user's shopping cart in the server's local RAM rather than a database.
  - Example: Without stickiness, the user adds an item in AZ-A, but their next click goes to AZ-B where the cart appears empty.
- Proxy Protocol: A mail server receiving SMTP traffic via an NLB.
  - Example: The mail server needs the client's IP to check against a spam blacklist. Since SMTP is not HTTP, XFF won't work; Proxy Protocol must be used.
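How a target such as the mail server above can read the client address from the prepended header, as an added example (not part of the original guide) that handles both the text v1 and binary v2 formats. The header is unauthenticated, so this parsing belongs only on a listener that nothing but the load balancer can reach; the sample bytes and the 10.0.0.5 target address are constructed.

```python
import ipaddress
import struct

V2_SIG = b"\r\n\r\n\x00\r\nQUIT\n"  # fixed 12-byte v2 signature
V1_MAX = 107                         # longest legal v1 line, CRLF included

def parse_proxy_header(buf: bytes):
    """Return (client, consumed): client is (ip, port), or None when the header
    carries no address (v1 UNKNOWN, v2 LOCAL). Raises ValueError if malformed."""
    if buf.startswith(V2_SIG):
        return _parse_v2(buf)
    if buf.startswith(b"PROXY "):
        return _parse_v1(buf)
    raise ValueError("no PROXY protocol header")

def _parse_v1(buf):
    end = buf.find(b"\r\n", 0, V1_MAX)
    if end == -1:
        raise ValueError("v1 line not terminated within 107 bytes")
    fields = buf[:end].decode("ascii").split(" ")
    if fields[1] == "UNKNOWN":
        return None, end + 2
    if len(fields) != 6 or fields[1] not in ("TCP4", "TCP6"):
        raise ValueError("malformed v1 header")
    src, port = ipaddress.ip_address(fields[2]), int(fields[4])
    if src.version != int(fields[1][3]) or not 0 <= port <= 65535:
        raise ValueError("address family mismatch or port out of range")
    return (str(src), port), end + 2

def _parse_v2(buf):
    if len(buf) < 16:
        raise ValueError("truncated v2 header")
    ver_cmd, fam_proto, length = struct.unpack("!BBH", buf[12:16])
    consumed = 16 + length
    if ver_cmd >> 4 != 2 or ver_cmd & 0x0F > 1 or len(buf) < consumed:
        raise ValueError("bad v2 version/command or truncated payload")
    if ver_cmd & 0x0F == 0:  # LOCAL: connection made by the proxy itself
        return None, consumed
    addr_len = {1: 4, 2: 16}.get(fam_proto >> 4)  # AF_INET, AF_INET6
    if addr_len is None or length < 2 * addr_len + 4:
        raise ValueError("unsupported address family or short address block")
    body = buf[16:consumed]
    (port,) = struct.unpack("!H", body[2 * addr_len:2 * addr_len + 2])
    return (str(ipaddress.ip_address(body[:addr_len])), port), consumed

# Constructed samples: client 1.2.3.4:54321 reaching an SMTP target on port 25.
V1_SAMPLE = b"PROXY TCP4 1.2.3.4 10.0.0.5 54321 25\r\nEHLO client.example\r\n"
V2_SAMPLE = (V2_SIG + b"\x21\x11" + struct.pack("!H", 12) + bytes([1, 2, 3, 4])
             + bytes([10, 0, 0, 5]) + struct.pack("!HH", 54321, 25) + b"EHLO")
```

The `consumed` count tells the server where the application data (here the SMTP `EHLO`) begins; a connection whose first bytes fail to parse should be closed rather than treated as coming from the load balancer's own address.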
Worked Examples
Scenario: Imbalanced AZ Distribution
Problem: You have an ALB with Cross-Zone Load Balancing DISABLED.
- AZ-A has 2 instances.
- AZ-B has 8 instances.
- Total Incoming Traffic: 100 requests per second.
Step-by-Step Breakdown:
- Since Cross-Zone is disabled, the LB distributes 50% to AZ-A and 50% to AZ-B.
- AZ-A Calculation: 50 requests / 2 instances = 25 requests/instance.
- AZ-B Calculation: 50 requests / 8 instances = 6.25 requests/instance.
- Result: Each instance in AZ-A carries 4x the load of an instance in AZ-B (25 vs. 6.25 requests/instance).
Solution: Enabling Cross-Zone LB would result in 100 / 10 = 10 requests/instance across the board.
Checkpoint Questions
- Which ELB type supports the X-Forwarded-For header? (Answer: ALB)
- If an application requires very long-lived TCP connections, which routing algorithm is generally preferred? (Answer: Least Outstanding Requests)
- True/False: Cross-Zone load balancing is enabled by default on ALBs. (Answer: True)
- What is the main disadvantage of using Sticky Sessions? (Answer: It can lead to uneven load distribution if a few users are very active.)
Muddy Points & Cross-Refs
- XFF vs. Proxy Protocol: Learners often confuse these. Remember: XFF is for Web (HTTP); Proxy Protocol is for everything else (TCP/SSL).
- Routing Algorithms: People assume "Round Robin" is always best. However, if some requests take 10ms and others take 10 seconds, Round Robin will cause a backlog. Use Least Outstanding Requests for variable workloads.
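The backlog described in the routing point above, as an added simulation (not part of the original guide) comparing the two algorithms on a mix of 10 ms and 10 s requests. The model is a simplifying assumption: four targets, each serving one request at a time in FIFO order, with the request pattern constructed for illustration.

```python
def simulate(policy, service_times, n_targets=4, interval=1.0):
    """Dispatch one request per `interval` seconds and return the worst latency.

    Assumption for this model: each target serves one request at a time (FIFO),
    so a request queued behind a slow one waits for it to finish.
    """
    free_at = [0.0] * n_targets                 # when each target's queue drains
    finishes = [[] for _ in range(n_targets)]   # finish time of every assignment
    worst = 0.0
    for i, service in enumerate(service_times):
        now = i * interval
        if policy == "round_robin":
            target = i % n_targets
        elif policy == "least_outstanding":
            # Outstanding = requests assigned to a target that are not done yet.
            outstanding = [sum(f > now for f in fl) for fl in finishes]
            target = outstanding.index(min(outstanding))
        else:
            raise ValueError(policy)
        start = max(now, free_at[target])
        free_at[target] = start + service
        finishes[target].append(free_at[target])
        worst = max(worst, free_at[target] - now)
    return worst

# Constructed workload using the figures above: most requests take 10 ms,
# every fourth one takes 10 s; 40 requests arrive one second apart.
WORKLOAD = [10.0 if i % 4 == 0 else 0.01 for i in range(40)]

if __name__ == "__main__":
    for policy in ("round_robin", "least_outstanding"):
        print(policy, simulate(policy, WORKLOAD), "s worst-case latency")
```

With this pattern Round Robin sends every slow request to the same target, so its queue keeps growing, while Least Outstanding Requests always finds an idle target and the worst latency stays at the 10 s service time.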
Comparison Tables
Feature Support Matrix
| Feature | ALB (L7) | NLB (L4) | GLB (L3) |
|---|---|---|---|
| Cross-Zone LB | Always On (Default) | Off (Default) | Supported |
| Sticky Sessions | Supported (Cookies) | Supported (Source IP) | Supported (5-tuple) |
| Client IP Visibility | X-Forwarded-For | Proxy Protocol | GENEVE Options |
| Routing Algorithms | Round Robin / LOR | Hash-based | Hash-based |