Layer 4 vs Layer 7 Load Balancing

by Grant Duke on Load Balancing • May 12, 2021

Within the Open Systems Interconnect (OSI) there are two layers at which load balancing can function, Layer 4 and Layer 7. There are differences between load balancing at Layer 4 or Layer 7 and there are advantages and disadvantages to each method.

What is Layer 4 load balancing?

When we refer to the OSI model, Layer 4 is our transport layer which is at the heart of the OSI model. Without the transport layer, we could be able to have interconnected systems, as we won’t be able to forward packets between networks.

This is the base of all communication between systems, whether they are server to server, server to client communication, or client to client communication.

When running a load balancer in Layer 4 (TCP) mode, you are encapsulating the TCP connection, and reverse proxying that to your backend servers. This means, that your backend systems (servers etc.) will see the source IP address of the Load Balancer. 

TCP mode has advantages and disadvantages. Firstly, running the Load Balancer in TCP will allow for a much higher level of throughput, as the overhead to process these connections is fairly low. So if we’re purely looking at maximum performance, Layer 4 (TCP) is perfect.  But there are some disadvantages of load balancing in Layer 4, such as limited statistics, and the inability to submit the source IP address to the backend servers as the connection is proxied.



 

What is Layer 7 load balancing?

In Layer 7 (HTTP) mode, the advantages and disadvantages are inversed.

Firstly, raw throughput in Layer 7 (HTTP) mode is lower than TCP, and this is because the request coming into the Load Balancer isn’t simply proxied to the backend. The load balancer is actually acting in part, as a middle man. 

The request for content/resources is made on behalf of the connection, by the load balancer to the backend servers. When the response is received, the content is served back to the inbound connection.

The advantage of Layer 7 (HTTP) mode, is the ability to see more statistics such as the connection time between the load balancer to the server (Network) and the response times of the application/service. This allows teams to be agile and detect problems before they bring down services.

When working with HTTP traffic, you can also submit the source IP address inside the X-Forwarded-For header, or even into a custom header. This your backend servers/services/application to identify the real source IP address of the end-users accessing the site.

Layer 7 (HTTP) mode also provides the ability to do SSL termination/SSL offloading on the load balancer, which saves vital resources on the backend server as SSL termination/SSL offloading is quite CPU taxing. By offloading this load to the load balancer, you can submit plain HTTP traffic to your backend servers. Which allows your backend servers to simply respond with the resources.

The Load Balancer will automatically ensure that traffic being served back to the client is encrypted.

Furthermore, with Layer 7 (HTTP) mode, you can also read host headers, and make intelligent routing decisions based on host headers or regex expressions. This allows multiple domains to run on 1 public IP address, and route traffic for each domain to their corresponding backend pool.