Packet Flow in the AWS Gateway Load Balancer—East to West

glynn · ‎06-10-2021

With the introduction of the Gateway Load Balancer (GWLB) in mid-November 2020, AWS provided its customers with any port, load-balancing router. Prior to that, Azure and GCP were the only public clouds that had such a construct. Customers use these to provide a security layer that is scalable, resilient, and adaptable.

In the AWS implementation, endpoints are an integral part of the solution but are not a new concept in AWS. They connect elastic network interfaces (ENIs) to targets (e.g. GWLB) via "worm holes" in the fabric and and have been used with network load balancers (NLBs) for some time. These worm holes in the fabric bypass the usual routing constructs and can perforce result in some difficulty when troubleshooting. In this blog post, we will trace the flow of a request originating from a client in one VPC (network 10.102.0.0/16) to a server in another VPC (network 10.101.0.0/16). The infrastructure was deployed using the following TerraForm template:

Please download and view the entire PDF for instructions: Packet Flow in the AWS Gateway Load Balancer - East-West.

AlexWalker · ‎08-18-2021

This is an excellent resource. Thanks for posting.

Unlock your full community experience!

Packet Flow in the AWS Gateway Load Balancer—East to West

Packet Flow in the AWS Gateway Load Balancer—East to West