Network Load balancer - connection limits + redundancy


Afternoon all ... if I am reading things correctly, a Network Load Balancer has a 55k connection limit, and as things stand right now I am hovering around a 52k active flow count.

So if I am correct in the above, I can't simply split that by changing a DNS endpoint, so I was wondering what is considered best practice? The current setup is a single DNS name with a CNAME to the NLB, so I can't just put up a second NLB and have 2 values in Route 53 (that I know of), so what is a good solution to this?

Thanks much

Flowchart - current and needed

  • Can you share more information on your setup? Is this a single-AZ NLB with a single IP target that is hovering around 52k active flows?

  • Thanks, and sure! It's all in us-east-1 and there are 4 AZs that the NLB is serving. I am not sure what you mean by a single IP target, but these are all MQTT connections that are made to a server farm of 15 or so machines using one DNS name. There are a few listeners on the NLB, but the main one is 99% of the traffic and, as I said, is used for MQTT connections.

    I also updated the question to include a diagram of the current and what I need for the updated (how I would picture it) in the original question.

    When I look at the NLB / monitoring I see that Active Flow Count sitting at 51k or so.

    I do want to start to look at moving to a second location like us-west-1, but right now all traffic from the outside hardware devices goes to mqtt.example.com. That points to that single NLB. So to combat that 55k, I would say for now it would be great to start a 2nd NLB, mirror things, go to Route 53 and say mqtt.example.com goes to CNAME NLB1, NLB2 and have that split the traffic, but that is not possible. So this is where I am trying to figure out how I split that if I can't simply update the remote hardware to say some go to mqtt.example.com and others go to mqtt2.example.com or something like that.

    As I said, once I get the concept and best practice, I am sure it will work as I start to roll out more listening devices to us-west, etc. However, this is something I clearly need to understand a bit more and have solved sooner rather than later.

Asked a year ago, 1865 views

1 Answer

Accepted answer

Where are you seeing the limit of ~ 55,000 connections?

I think you're reading this page in the documentation and I'd note that it is 55,000 connections per target (so ECS container in this case); and it applies when source IP address preservation is enabled (which is the default).

AWS EXPERT, answered a year ago
AWS EXPERT, reviewed a year ago
  • Ah yes, that was what I was looking at, so clearly the single NLB will continue to grow to accommodate!

    Thank you for clarifying that!
