mirror of
https://github.com/nickpoida/og-aws.git
synced 2025-03-09 15:40:06 +00:00
CLB traffic to instances in the same subnet
Traffic between CLBs and Instances in the same subnet does not behave the same way as Instance to Instance traffic in the same subnet.
parent
3f31d5c0f4
commit
a2e5cbb87b
1 changed files with 1 additions and 0 deletions
|
@ -858,6 +858,7 @@ CLB
|
|||
- Complex rules for directing traffic are not supported. For example, you can’t direct traffic based on a regular expression in the URL, like [HAProxy](http://www.haproxy.org/) offers.
|
||||
- **Apex DNS names:** Once upon a time, you couldn’t assign an CLB to an apex DNS record (i.e. example.com instead of foo.example.com) because it needed to be an A record instead of a CNAME. This is now possible with a Route 53 alias record directly pointing to the load balancer.
|
||||
- 🔸CLBs use [HTTP keep-alives](https://en.wikipedia.org/wiki/HTTP_persistent_connection) on the internal side. This can cause an unexpected side effect: Requests from different clients, each in their own TCP connection on the external side, can end up on the same TCP connection on the internal side. Never assume that multiple requests on the same TCP connection are from the same client!
|
||||
- Traffic between CLBs and back-end instances in the same subnet **will** have NACL rules evaluated (EC2 to EC2 traffic in the same subnet would not have NACL rules evaluated). If the default '0.0.0.0/0 ALLOW' rule is removed from the NACL applied to the subnet, a rule that allows traffic on both the health check port and any listener port must be added.
|
||||
|
||||
ALB
|
||||
---
|
||||
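Review bot: The last sentence of the added bullet says "a rule that allows traffic ... must be added" without stating the direction or the instance-side port. Say whether the NACL needs inbound entries, outbound entries, or both. "Any listener port" reads as the CLB's front-end port, while traffic to back-end instances goes to the instance port configured on the listener, so naming it that way would remove the ambiguity. The bullet also describes a gotcha but lacks the 🔸 marker that the keep-alive bullet above it carries, and a link to the AWS documentation for this NACL behaviour would match the way the neighbouring bullets link their sources.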