Networking - Versus
L4 vs L7 Load Balancer
TL;DR: L4 for TCP/UDP/IP traffic, at the connection level; L7 for HTTP/HTTPS traffic, at the request level, keep the connections open and balance requests across the connections.
L4 Load Balancer ("Network Load Balancers"):
- a combination of L3 and L4 (L3/L4 Load balancers).
- calculating the best server based on fewest connections and fastest server response times.
- The source and destination IP of each packet is changed by the load balancer using NAT (Network address translation). When a response is received from the server, the same translation is performed again at the load balancer.
- L4 load balancers are unaware of the data: we cannot make any decisions based on data in our request. The only thing we have is IPs (source and destination) and ports.
- Disadvantages
- No smart load balancing.
- Doesn’t work with streaming/keep-alive connections.
- No TLS termination.
L7 Load Balancer (Application Load Balancers):
- actually layer 5,6,7
- bases its routing decisions on various characteristics of the HTTP/HTTPS header, the content of the message, the URL type, and information in cookies.
- When a client makes a request, it creates a TCP connection with the load balancer. The Load Balancer then creates a new TCP connection with one of the upstream servers. Thus, there are 2 TCP connections as compared to 1 in a TCP/UDP passthrough L4 Load balancer.
- Since we are at layer7, we are aware of the data in our request. This allows us to perform a variety of operations like
- Authentication — 401 if some header is not present
- Smart Routing — Route /payments call to a particular upstream
- TLS termination
- woks with multiplexed/keep-alive protocols
- L7 load balancer creates a TCP connection with every upstream for a single client connection rather than choosing a single upstream.
- run and scale your services behind a single IP address. (HTTP or HTTPS)
Proxy Load Balancer vs Passthrough Load Balancer
Layer 4 load balancers can handle TCP, UDP, or other IP protocol traffic. There are proxy load balancers and passthrough load balancers
| Proxy | Passthrough | |
|---|---|---|
| Terminate at | load balancer | backend |
| LB to backend | a new request | original request |
| Response | through load balancer | directly to client |
More details:
- Proxy: Traffic is terminated at the load balancing layer and then forwarded to the closest available backend by using TCP. (Used for TCP with or without TLS offload)
- Passthrough: not proxies. Load-balanced packets are received by backend VMs with the packet's source and destination IP addresses, protocol, and, if the protocol is port-based, the source and destination ports unchanged. Load-balanced connections are terminated at the backends. Responses from the backend VMs go directly to the clients, not back through the load balancer. The industry term for this is direct server return (DSR). More protocols: TCP, UDP, ESP, GRE, ICMP, and ICMPv6
InfiniBand vs Ethernet
https://en.wikipedia.org/wiki/InfiniBand
- InfiniBand: used in high-performance computing that features very high throughput and very low latency.
- Ethernet: IEEE 802.3, a family of wired computer networking technologies.
- divide a stream of data into shorter pieces called frames.
- Ethernet provides services up to and including the data link layer. (L2)
- The 48-bit MAC address was adopted by other IEEE 802 networking standards, including IEEE 802.11 (Wi-Fi).
- one of the key technologies that make up the Internet.
- Wi-Fi: IEEE 802.11
In 2016, Ethernet replaced InfiniBand as the most popular system interconnect of TOP500 supercomputers.
SMF vs MMF
Optic cable categories:
- SMF: Single-Mode Fiber
- "single": uses laser light following a single path.
- for long distance: a smaller core size from 8.3 to 10 microns in diameter.
- higher cost.
- Color: yellow.
- MMF: Multi-Mode Fiber
- "multi": takes multiple paths, which may result in a differential mode delay, and the distance between connections must decrease.
- for short distance: much larger than SMF with diameter from 50 to 100 microns; shorter distance due to signal distortion.
- lower cost.
- Color: orange or agua.
LOM port vs Console port
- console / serial port:
- allow root access through a terminal or laptop interface without using the network.
- connect to serial ports (RS-232).
- LOM (e.g. iLO):
- used to monitor and manage the devices by using a dedicated management channel (connects to a management switch), isolated from the traffic in data plane. it requires and IP address configured on the device
- RJ-45 jack / CAT5 or 6 cable.
- iLO has a Virtual Serial Port.
- iLO is on a separate chip: "a remote server management processor embedded on the system boards"
Channel Bonding vs Load Balancing
Channel bonding is differentiated from load balancing in that load balancing divides traffic between network interfaces on per network socket (layer 4) basis, while channel bonding implies a division of traffic between physical interfaces at a lower level, either per packet (layer 3) or a data link (layer 2) basis.
What is the difference between VPC and VPN?
A VPC creates a private cloud within a public cloud, while a VPN secures connections to and from a network over the internet.