Questions tagged with Gateway Load Balancer

Hi, I understand from [this article](https://aws.amazon.com/blogs/networking-and-content-delivery/integrate-your-custom-logic-or-appliance-with-aws-gateway-load-balancer/) that GWLB supports overlapping CIDRs through the GENEVE protocol. However, does this also work with TGW? Thanks

I am creating a CDK app to deploy a NGFW behind a GWLB with all of the routing in place. When I launch the cdk app, the VPCEndpoints always fail to create if I register the EC2 Instance (NGFW) in same template. I've tried to add dependson conditions but nothing seems to happen. Simply including the instance targets causes the VPC endpoints to fail. This config does not impact the vpce creation ``` gwlbtarget: Type: AWS::ElasticLoadBalancingV2::TargetGroup Properties: HealthCheckPort: "443" HealthCheckProtocol: TCP Name: gwlb-targetgroup Port: 6081 Protocol: GENEVE VpcId: Ref: firewallvpc63A6EE9C Metadata: aws:cdk:path: GwlbExampleStack/gwlb-target ``` This causes vpce endpoint to fail with error: "VPC Endpoint vpce-xxxxx did not stabilize. Current state: failed" ``` gwlbtarget: Type: AWS::ElasticLoadBalancingV2::TargetGroup Properties: HealthCheckPort: "443" HealthCheckProtocol: TCP Name: gwlb-targetgroup Port: 6081 Protocol: GENEVE Targets: - Id: Ref: ngfw VpcId: Ref: firewallvpc63A6EE9C Metadata: aws:cdk:path: GwlbFirewallStack/gwlb-target

I have some questions about the "AWS Application Load Balancer" in regard to http2 persistent connections: Does the "AWS Application Load Balancer" itself maintain its own internal http2-connection-pool? (or nah?) If the load balancer does indeed maintain its own http2-connection-pool for persistent http2 connections I have these follow-up questions: 1. I can't find anything in the AWS docs explaining how the size(s) of the http2-connection-pools (maintained by ALB) are configured (if at all). Can it maintain for example 2 million http2 connections open at the same time (for the sake of ultra low latency). At what cost (are there scaling costs)? Any links that elaborate on these aspects? 2. Does the ALB, by default, maintain a fixed-size http2-connection-pool between itself and the browsers (clients) or are these connection-pools dynamically sized? If they are fixed-size how big are they by default? If they are dynamic what rules govern their expansion/contraction and what's the max amount of persistent http2-connections that they can hold? 30k? 40k? 5million? 3. Let's assume we have 20k http2-clients that run single-page-applications (SPAs) with sessions lasting up to 30mins. These clients need to enjoy ultra-low latency for their semi-frequent http2-requests through AWS ALB (say 1 request per 4secs which translates to about 5k requests/second landing on the ALB):Does it make sense to configure the ALB to have a hefty http2-connection-pool so as to ensure that all these 20k http2-connections from our clients will indeed be kept alive throughout the lifetime of the client-session?Reasoning: In this way no http2-connection will be closed and reopened (guarantees lower jitter because reestablishing a new http2-connection involves some extra latency - at least that's my intuition about this and I'd be happy to stand corrected if I miss something)

Hello AWS, I have a custom domain (registered via Route53) and created API Gateway resources for this custom domain yesterday. After deleting ALL (!!!) API Gateway resources and even doing an "aws-nuke" on my account, I still have API Gateway load balancers associated with my ACM certificate. The ARNs for the load balancer resources look like this: "arn:aws:elasticloadbalancing:eu-central-1:<some-aws-account-id>:loadbalancer/app/prod-fra-1-az1-1-31/<some-mores-stuff>" This is annoying as I cannot delete the certificate as long as these association hold. Can anybody help me with this? Best, David