Layer 4 vs Layer 7 Load Balancingby Grant Duke on Load Balancing • May 12, 2021
Within the Open Systems Interconnect (OSI) model there are two layers at which load balancing can function, Layer 4 and Layer 7. There are differences between load balancing in Layer 4 and Layer 7. Each method has advantages and disadvantages.
What is Layer 4 load balancing?
What is Layer 4?
The transport layer is responsible for data transmission using protocols. This layer receives data from the session layer, segments it, and sends it to the network layer.
The most commonly used internet transport protocol is Transmission Control Protocol (TCP). TCP, often referred to as TCP/IP, is used for more complex communications over connections. Another common internet protocol, User Datagram Protocol (UDP), is used for simple message transmissions. TCP and UDP protocols transmit almost all of the traffic on the internet and every major operating system supports these protocols.
Is a Layer 4 Load Balancer a Reverse Proxy?
Yes. When running a load balancer in Layer 4 (TCP) mode, you are encapsulating the TCP connection, and reverse proxying that to your backend servers. This means, that your backend systems (servers etc.) will see the source IP address of the Load Balancer.
Why Use A Layer 4 Load Balancer?
TCP mode has advantages and disadvantages. Firstly, running the Load Balancer in TCP will allow for a much higher level of throughput, as the overhead to process these connections is fairly low. So if we’re purely looking at maximum performance, Layer 4 (TCP) is perfect.
But there are some disadvantages of load balancing in Layer 4, such as limited statistics, and the inability to submit the source IP address to the backend servers as the connection is proxied.
What is Layer 7 load balancing?
What is Layer 7?
Layer 7 is where user data interaction takes place. The OSI model defines the application layer as being responsible for communicating with host-based and user-facing applications.
An example of this is a user's web browser requesting content from a web server and the server returning the content in the required format. This means that the application layer is responsible for data manipulation and communication protocols such as HTTP and SMTP.
Is a Layer 7 Load Balancer a Reverse Proxy?
Raw throughput in Layer 7 (HTTP) mode is lower than TCP, and this is because the request coming into the Load Balancer isn’t simply proxied to the backend. The load balancer is actually acting in part as a middle man.
The request for content/resources is made on behalf of the connection, by the load balancer to the backend servers. When the response is received, the content is served back to the inbound connection.
Why Use A Layer 7 Load Balancer?
The advantage of Layer 7 (HTTP) mode, is the ability to see more statistics such as the connection time between the load balancer to the server (network) and the response times of the application/service. This allows teams to be agile and detect problems before they bring down services.
When working with HTTP traffic, you can also submit the source IP address inside the X-Forwarded-For header, or even into a custom header. This allows your backend servers/services/application to identify the real source IP address of the end-users accessing the site.
Layer 7 (HTTP) mode also provides the ability to do SSL termination (also called SSL offloading) on the load balancer, which saves vital resources on the backend server as SSL termination is quite CPU taxing. By offloading this load to the load balancer, you can submit plain HTTP traffic to your backend servers. Which allows your backend servers to simply respond with the resources.
The load balancer will automatically ensure that traffic being served back to the client is encrypted.
Furthermore, with Layer 7 (HTTP) mode, you can also read host headers, and make intelligent routing decisions based on host headers or regex expressions. This allows multiple domains to run on one public IP address, and route traffic for each domain to their corresponding backend pool.
Does Snapt Provide Layer 7 Load Balancing?
Yes. Snapt Nova provides Layer 7 load balancing, WAF security, and content acceleration on-demand from a centralized controller to millions of nodes. Snapt Nova provides robust Layer 7 functionality including health checks, packet inspection, header manipulation, SSL termination, DoS protection, and more.