Actually, the Network Load Balancer supports IP-based target groups listening on a UDP port. The blog can be outdated since 2019, so I suggest referring to the AWS documentation here: https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#target-type
I did a quick test in my account using netcat on EC2 instances. I could successfully send UDP packets using a remote machine to a public NLB and have the UDP packet routed to the instance in an IP Target group type.
- You can test hosting your listeners in your VPC first. Ensure the listeners are in both AZs where the NLB ENIs are.
- You can also test enabling cross-AZ load balancing for your NLB since you are only concerned with UDP traffic.
- If you don't have cross-AZ load balancing enabled, you can start testing UDP traffic to the NLB ENI where you have a host listening in the same AZ.
- Enable VPC flow logs to investigate how the traffic transfers and whether it is rejected at any point.
These considerations apply to your use-case:
- If you register a target by IP address and the IP address is in the same VPC as the load balancer, the load balancer verifies that it is from a subnet that it can reach.
- For UDP and TCP_UDP target groups, do not register instances by IP address if they reside outside of the load balancer VPC or if they use one of the following instance types: C1, CC1, CC2, CG1, CG2, CR1, G1, G2, HI1, HS1, M1, M2, M3, or T1. Targets that reside outside the load balancer VPC or use an unsupported instance type might be able to receive traffic from the load balancer but then be unable to respond.
- When using on-premises resources, the IP addresses of these targets must still come from one of the following CIDR blocks:
  - 10.0.0.0/8 (RFC 1918)
  - 100.64.0.0/10 (RFC 6598)
  - 172.16.0.0/12 (RFC 1918)
  - 192.168.0.0/16 (RFC 1918)
If you find this helpful, please accept the answer.
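
The registration considerations listed in the answer above can be checked before a target is registered. The following is an added example, not part of the original answer or of any AWS tooling; the function name `check_ip_target` and the sample VPC CIDR `10.20.0.0/16` are assumptions made for illustration. It does not test subnet reachability, which the load balancer verifies itself.

```python
import ipaddress

# CIDR blocks the answer lists for IP targets outside the VPC (RFC 1918 / RFC 6598).
ALLOWED_EXTERNAL = [ipaddress.ip_network(c) for c in
                    ("10.0.0.0/8", "100.64.0.0/10", "172.16.0.0/12", "192.168.0.0/16")]
# Instance families the answer lists as unsupported for IP registration with UDP/TCP_UDP.
UNSUPPORTED_FAMILIES = {"C1", "CC1", "CC2", "CG1", "CG2", "CR1", "G1", "G2",
                        "HI1", "HS1", "M1", "M2", "M3", "T1"}
UDP_PROTOCOLS = {"UDP", "TCP_UDP"}


def check_ip_target(ip, protocol, vpc_cidrs, instance_type=None):
    """Return a list of problems for one candidate IP target (empty list: none found)."""
    addr = ipaddress.ip_address(ip)
    in_vpc = any(addr in ipaddress.ip_network(c) for c in vpc_cidrs)
    problems = []
    # Targets outside the VPC must still come from the permitted private ranges.
    if not in_vpc and not any(addr in net for net in ALLOWED_EXTERNAL):
        problems.append("address is outside the permitted CIDR blocks")
    if protocol.upper() in UDP_PROTOCOLS:
        # UDP/TCP_UDP: targets outside the load balancer VPC may be unable to respond.
        if not in_vpc:
            problems.append("outside the load balancer VPC: may receive traffic "
                            "but be unable to respond")
        # The family is the part of the instance type before the dot, e.g. m3.medium -> M3.
        family = instance_type.split(".")[0].upper() if instance_type else None
        if family in UNSUPPORTED_FAMILIES:
            problems.append(f"instance family {family} is unsupported for IP registration")
    return problems


if __name__ == "__main__":
    vpc = ["10.20.0.0/16"]  # constructed sample VPC CIDR
    candidates = [           # constructed sample targets
        ("10.20.1.15", "UDP", "c5.large"),
        ("10.20.1.16", "UDP", "m3.medium"),
        ("192.168.5.10", "TCP_UDP", None),
        ("203.0.113.7", "TCP", None),
    ]
    for ip, proto, itype in candidates:
        print(ip, proto, itype, check_ip_target(ip, proto, vpc, itype) or "ok")
```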
According to this blog, https://aws.amazon.com/blogs/aws/new-udp-load-balancing-for-network-load-balancer/, NLB does not support IP target types with UDP: "Supported Targets – UDP on Network Load Balancers is supported for Instance target types (IP target types and PrivateLink are not currently supported)."
Great, thanks for pointing this resource out to me. A bit sad that nothing (I might have missed it) is actually explained on the NLB configuration page.
I will flag that blog for internal review. Please review the latest answer provided.