AWS Network Load Balancers
Amazon’s ALB load balancing has been a huge improvement over ELBs but they have one glaring issue: they route traffic as HTTP/1.1 on the backend even if it comes in as HTTP/2.
For some of our applications this is just fine, for others it’s a huge issue – we need the backend to serve HTTP/2.
This is where Amazon’s new Network Load Balancers come in. A NLB can be provisioned against elastic ip addresses and preserves the incoming IP address from the remote user. It balances long running connections as a TCP balancer.
When I attempt to set this up as a front-end balancer for some ECS Docker apps I couldn’t get traffic going through. I eneded up asking help on the forums and got it working when “D. Svanlund” pointed out that the security groups on the internal nodes need to be configure to accept external traffic.
This make sense. If the IP Address is preserved then we need to allow access from the originating IP.