Network Load balancer - connection limits + redundancy


Afternoon all ... if I am reading things correctly, a Network Load Balancer has a 55k connection limit, and as things stand right now I am hovering around a 52k active flow count.

So if I am correct in the above, I can't simply split that by changing a DNS endpoint, so I was wondering what is considered best practice? The current setup is a single DNS name with a CNAME to the NLB, so I can't just put up a second NLB and have 2 values in Route 53 (that I know of), so what is a good solution to this?

Thanks much

Flowchart - current and needed

  • Can you share more information on your setup? Is this a single-AZ NLB with a single IP target that is hovering around 52k active flows?

  • Thanks and sure! It's all in us-east-1 and there are 4 AZs that the NLB is serving. I am not sure what you mean by a single IP target, but these are all MQTT connections that are made to a server farm of 15 or so machines using one DNS name. There are a few listeners on the NLB, but the main one is 99% of the traffic and, as I said, is used for MQTT connections.

    I also updated the question to include a diagram of the current setup and what I need for the updated one (how I would picture it) in the original question.

    When I look at the NLB monitoring I see the Active Flow Count sitting at 51k or so.

    I do want to start to look at moving to a second location like us-west-1, but right now all traffic from the outside hardware devices goes to . That points to that single NLB. So to combat that 55k, I would say for now it would be great to start a 2nd NLB, mirror things, go to Route 53 and say goes to CNAME NLB1, NLB2 and have that split the traffic, but that is not possible. So this is where I am trying to figure out how I split that if I can't simply update the remote hardware to say some go to and others go to , or something like that.

    As I said, once I get the concept and best practice, I am sure it will work as I start to roll out more listening devices to us-west, etc.; however, this is something I clearly need to understand a bit more and have solved sooner rather than later.

asked a year ago, 2447 views
1 Answer
Accepted Answer

Where are you seeing the limit of ~ 55,000 connections?

I think you're reading this page in the documentation, and I'd note that it is 55,000 connections per target (so ECS container in this case), and it applies when source IP address preservation is enabled (which is the default).

AWS
answered a year ago
AWS
reviewed a year ago
  • Ah yes, that was what I was looking at, so clearly the single NLB will continue to grow to accommodate!

    Thank you for clarifying that!
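A capacity check worked from the accepted answer's point, as an added example that is not part of this thread and is not AWS code: it takes the 55,000-connections-per-target figure quoted above (which only applies while client IP preservation is enabled on the target group), a constructed ActiveFlowCount of 52k spread over the roughly 15-machine MQTT farm described in the question, and reports per-target utilisation plus how many targets would be needed to stay under a chosen headroom. The target-group names and all figures are constructed; the CloudWatch metric names (ActiveFlowCount, HealthyHostCount) are named only as the inputs you would feed in for a real load balancer.

```python
"""Capacity check against the NLB per-target connection limit.

Added example, not code from the question or the answer. It assumes the
figure quoted in the accepted answer (55,000 simultaneous connections per
target, applying only while client IP preservation is enabled) and uses
constructed metric samples; the target-group names are placeholders. In
production the inputs would come from CloudWatch (ActiveFlowCount and
HealthyHostCount per target group) and the target group's attributes.
"""
import math
from dataclasses import dataclass
from typing import Dict, List

# Per-target (IP:port) limit quoted in the answer, valid while
# preserve_client_ip.enabled is true on the target group.
PER_TARGET_LIMIT = 55_000


@dataclass
class TargetGroupSample:
    name: str
    active_flow_count: int    # CloudWatch ActiveFlowCount, TargetGroup dimension
    healthy_targets: int      # CloudWatch HealthyHostCount for the same group
    preserve_client_ip: bool  # target group attribute preserve_client_ip.enabled


def per_target_load(sample: TargetGroupSample) -> float:
    """Mean simultaneous connections per healthy target.

    The NLB hashes each flow to one target, so this is an average: a few
    NAT'd sites fronting many devices can push one target above the mean.
    """
    if sample.healthy_targets <= 0:
        raise ValueError(f"{sample.name}: no healthy targets to spread flows over")
    return sample.active_flow_count / sample.healthy_targets


def utilisation(sample: TargetGroupSample) -> float:
    """Fraction of the per-target limit in use; 0.0 when the limit does not apply."""
    if not sample.preserve_client_ip:
        # With preservation off the NLB sources connections from its own
        # private addresses: no per-target cap, but server logs and any
        # source-IP allowlists no longer see the real client address.
        return 0.0
    return per_target_load(sample) / PER_TARGET_LIMIT


def targets_needed(total_flows: int, max_utilisation: float = 0.8) -> int:
    """Smallest healthy target count keeping each target at or under
    max_utilisation of the limit, assuming even flow distribution."""
    if not 0.0 < max_utilisation <= 1.0:
        raise ValueError("max_utilisation must be in (0, 1]")
    return max(1, math.ceil(total_flows / (PER_TARGET_LIMIT * max_utilisation)))


def assess(samples: List[TargetGroupSample], warn_at: float = 0.8) -> Dict[str, dict]:
    """Per-target-group report: mean load, utilisation and a status flag."""
    report = {}
    for s in samples:
        u = utilisation(s)
        if not s.preserve_client_ip:
            status = "n/a (client IP preservation off)"
        elif u >= warn_at:
            status = "WARN"
        else:
            status = "ok"
        report[s.name] = {
            "per_target": per_target_load(s),
            "utilisation": u,
            "status": status,
        }
    return report


# Constructed samples. The first mirrors the thread (~52k flows over ~15 MQTT
# servers behind one NLB); the others show the cases the answer distinguishes.
SAMPLES = [
    TargetGroupSample("mqtt-farm-constructed", 52_000, 15, True),
    TargetGroupSample("single-target-constructed", 52_000, 1, True),
    TargetGroupSample("preserve-off-constructed", 52_000, 1, False),
]

if __name__ == "__main__":
    for name, row in assess(SAMPLES).items():
        print(f"{name:28s} {row['per_target']:9.1f}/target  "
              f"{row['utilisation']:6.1%}  {row['status']}")
    print("targets needed for 52k flows at 80% of the limit:", targets_needed(52_000))
```

With the thread's numbers the farm sits at roughly 3,467 connections per target, about 6% of the per-target limit, which is the answer's point: the 52k aggregate is nowhere near a limit that is counted per target. The check is a mean, so if cross-zone load balancing is off or most devices sit behind a handful of NAT addresses, run it per AZ (ActiveFlowCount also carries an AvailabilityZone dimension) and against the busiest target rather than trusting the average.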
