INTERSTELLAR TECH BLOG

Using a static IP address with Amazon Elastic Load Balancing

Hi, I am Agata.

In this article, I will examine how to use a load balancer with a fixed IP address in AWS. Normally, Amazon Elastic Load Balancing cannot be used with a fixed IP address. This is inconvenient if security requirements call for restricting the connection destination by IP. (In fact, we once had a problem when we were asked to use a fixed IP address for a medical system because the connection destination was restricted.)

This used to be difficult to deal with, but recent updates have made it easier. There are two ways to do this:

Use Network Load Balancer

Using a Network Load Balancer (NLB) is simple. Simply use NLB as the Load Balancer.
However, NLB does not have the same web-friendly features that ALB has, so you need to combine NLB and ALB when using it for the web.
In the past, this was not possible, making it difficult to handle, but now that ALB can be placed after NLB, it is very easy to set up.
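
The NLB-in-front-of-ALB arrangement described above, written as a CloudFormation template. This is an added example, not configuration from the original article: the parameter and resource names are assumptions, the ALB is assumed to exist already with a listener on port 443, and the fixed address comes from an Elastic IP attached to the NLB in one subnet.

```yaml
# Added example. VpcId, PublicSubnetA and AlbArn are assumed inputs.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id
  PublicSubnetA:
    Type: AWS::EC2::Subnet::Id
  AlbArn:
    Type: String            # ARN of an existing ALB listening on 443
Resources:
  NlbEipA:                  # the fixed public IP that clients allowlist
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc
  Nlb:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Type: network
      Scheme: internet-facing
      SubnetMappings:       # one Elastic IP per subnet (Availability Zone)
        - SubnetId: !Ref PublicSubnetA
          AllocationId: !GetAtt NlbEipA.AllocationId
  AlbTargetGroup:           # target group whose single target is the ALB
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      TargetType: alb
      Protocol: TCP         # ALB-type target groups only accept TCP
      Port: 443
      VpcId: !Ref VpcId
      HealthCheckProtocol: HTTPS
      HealthCheckPath: /
      Targets:
        - Id: !Ref AlbArn
          Port: 443
  NlbListener:              # TCP pass-through; TLS still terminates on the ALB
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      LoadBalancerArn: !Ref Nlb
      Protocol: TCP
      Port: 443
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref AlbTargetGroup
Outputs:
  StaticIp:
    Value: !Ref NlbEipA     # Ref on an EIP returns the address itself
```

For more than one Availability Zone, add one Elastic IP and one subnet mapping per zone; clients then allowlist every address in the set.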

Use in combination with Global Accelerator

Global Accelerator is a mechanism that directs client access to the nearest AWS edge, minimizing the portion of the access that goes over the Internet and using the high-speed AWS network to accelerate access.

The original purpose of this service is to speed up access, but because it provides a fixed IP address as part of that function, it can also be used to obtain one. It is not used by itself either, but in combination with ALB.

Advantages/Disadvantages

The following summarizes the advantages and disadvantages other than the ability to fix IP addresses.

| | Advantages | Disadvantages |
|---|---|---|
| NLB | Less expensive than Global Accelerator | None |
| Global Accelerator | Low latency and high speed as it enters the AWS network from the nearest edge; inter-region failover is possible | Slightly more expensive than NLB |

In any case, there is not much difference in terms of achieving a fixed IP address.

Global Accelerator is more advantageous only when high-speed access or inter-region failover is required. However, whether access actually becomes faster depends on the geographic and network relationship between the clients and servers.

For example, if the servers are located only in the Tokyo region and access is mostly in Japan, this will not have much effect. We have actually tried this and found that in some cases, when both the server and the client are in Japan, it is faster not to use Global Accelerator.

From this point of view, it is better to determine whether to use NLB or Global Accelerator based on access characteristics.

In this article, we have examined the advantages and disadvantages of each, and in the next article we will look at the actual setup.