Traffic Mirror Session Support on Application Load Balancer

1

I have created a traffic mirror session on the application load balancer (two ELB) interfaces for packet capture.

The traffic mirror session got deleted automatically when the ELB instance was scaled down by AWS based on the traffic load. This leads to loss of mirrored traffic data and to manually configuring the "Traffic Mirror Session" for the new ELB interface of the App load balancer.

I have tried capturing the events of App LB new instance in Amazon EventBridge & see workflow automation but could not see any events specific to App Load Balancer.

Please suggest

  • whether App load balancer can be configured static
  • How to resolve this issue either through automated workflow or configuration
  • How to receive App ELB instance events to Amazon EventBridge
  • As an aside: Why are you trying to capture traffic to the load balancer? Knowing that might help suggest alternative solutions.

  • App LB is the gateway for the application traffic from the internet, hence capturing all the application traffic from/to the internet for deep packet analysis.

1 Answer
0

To your point below, an ALB cannot be configured as static, as it will scale up or down dynamically based on demand.

whether App load balancer can be configured static

It would be better if you configure the traffic mirroring session for the Source (if it is a private ALB) and Target instances. Also, take note of the Traffic Mirroring limitations; I am not sure whether you are hitting any of these, but it is something to keep in mind.

Lastly, if you are doing this for troubleshooting purposes it would be best to open a support ticket and check the possibilities.

AWS
EXPERT
answered a year ago
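
One way to automate the re-creation the question asks about, as an added example that is not part of the answer above: a reconciler, run on a schedule, that finds the ALB's current network interfaces and creates any missing mirror session. It assumes the ALB's interfaces are accepted as mirror sources as the question describes; the ALB name, target ID and filter ID are constructed placeholders, and `ec2` is a boto3 EC2 client supplied by the caller.

```python
# Added example: keep Traffic Mirror sessions in step with an ALB's current ENIs.
# Constructed sample data; every ID and name below is a placeholder.
SAMPLE_INTERFACES = [
    {"NetworkInterfaceId": "eni-aaa", "Description": "ELB app/web-alb/0123456789abcdef"},
    {"NetworkInterfaceId": "eni-bbb", "Description": "ELB app/web-alb/0123456789abcdef"},
    {"NetworkInterfaceId": "eni-ccc", "Description": "ELB app/other-alb/fedcba9876543210"},
    {"NetworkInterfaceId": "eni-ddd", "Description": "Primary network interface"},
]
SAMPLE_SESSIONS = [
    {"NetworkInterfaceId": "eni-aaa", "TrafficMirrorTargetId": "tmt-capture", "SessionNumber": 1},
    {"NetworkInterfaceId": "eni-bbb", "TrafficMirrorTargetId": "tmt-other", "SessionNumber": 1},
]

def alb_eni_ids(interfaces, alb_name):
    """Return the ENIs whose Description marks them as belonging to the named ALB."""
    prefix = f"ELB app/{alb_name}/"
    return sorted(i["NetworkInterfaceId"] for i in interfaces
                  if i.get("Description", "").startswith(prefix))

def plan_sessions(eni_ids, sessions, target_id, filter_id):
    """Build create_traffic_mirror_session arguments for ENIs not yet mirrored to target_id."""
    plan = []
    for eni in eni_ids:
        mine = [s for s in sessions if s["NetworkInterfaceId"] == eni]
        if any(s["TrafficMirrorTargetId"] == target_id for s in mine):
            continue  # already mirrored to the capture target
        # Session numbers must be unique per source ENI: take the lowest free one.
        used = {s["SessionNumber"] for s in mine}
        number = next(n for n in range(1, 32767) if n not in used)
        plan.append({"NetworkInterfaceId": eni, "TrafficMirrorTargetId": target_id,
                     "TrafficMirrorFilterId": filter_id, "SessionNumber": number})
    return plan

def _collect(ec2, operation, key, **kwargs):
    """Gather every item from a paginated EC2 describe call."""
    pages = ec2.get_paginator(operation).paginate(**kwargs)
    return [item for page in pages for item in page[key]]

def reconcile(ec2, alb_name, target_id, filter_id):
    """Create the missing sessions and return what was created."""
    interfaces = _collect(
        ec2, "describe_network_interfaces", "NetworkInterfaces",
        Filters=[{"Name": "description", "Values": [f"ELB app/{alb_name}/*"]}])
    sessions = _collect(ec2, "describe_traffic_mirror_sessions", "TrafficMirrorSessions")
    plan = plan_sessions(alb_eni_ids(interfaces, alb_name), sessions, target_id, filter_id)
    for kwargs in plan:
        ec2.create_traffic_mirror_session(**kwargs)
    return plan
```

Traffic arriving between an interface appearing and the next reconciler run is not mirrored, so the schedule interval bounds the capture gap.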
