What Load Balancers Do at Three Different Layers of the OSI Stack
Understand load balancing methods at each of the layers and what to keep in mind when deciding which type of load balancer to deploy for your infrastructure.
In the world of modern digital infrastructure, where websites and applications cater to millions of users simultaneously, load balancers are crucial for ensuring seamless operations and minimal downtime. At its core, load balancing is the strategic distribution of incoming network traffic across multiple servers or resources. This strategic allocation not only prevents any single server from becoming overwhelmed but also enhances application availability, responsiveness and the overall user experience.
Load balancing also plays a role in optimizing application performance, ensuring that user requests are efficiently handled and processed. By directing traffic to servers based on predefined algorithms or metrics, load balancers enable efficient resource utilization and reduce response times and latency. This, in turn, can enhance a user's experience with your application, which can ultimately drive business growth.
This article explains the differences between Layer 3, Layer 4 and Layer 7 load balancers, covering their functionalities and use cases. By the end of the article, you'll have a clear understanding of each layer's methods and the strategic considerations involved in selecting the type of load balancer to deploy for your infrastructure.
Layer 3 Load Balancers
Layer 3 (L3) load balancing operates at the network layer of the Open Systems Interconnection (OSI) model. Unlike higher layers, which delve into the specifics of application protocols or transport connections, L3 load balancing focuses on directing traffic at the IP level.
L3 load balancing is particularly advantageous in scenarios where the primary concern is efficient routing of network traffic without the need for deep inspection or manipulation of packet payloads. While it may lack the granular control and application awareness of higher-layer load balancing methods, L3 load balancing offers a simple yet effective solution for scaling network infrastructure and optimizing resource utilization.
L3 Load Balancers Work Well with Other Switching and Routing Equipment
Because L3 load balancers work exclusively on the IP level, they work similarly to many routers, making them highly compatible with any underlying network infrastructure. Integrating load balancers into your network should be seamless in most network configurations.
Some L3 load balancers support standard routing protocols and can get routing information from other routers on the network using protocols like BGP and ECMP. The load balancer can use this information to choose among several pools of destination servers.
Advantages of Layer 3 Load Balancing
L3 load balancing has many advantages, especially in cases where you don't need to do packet inspection or route traffic based on a port or a protocol.
L3 load balancing is perfect for routing traffic because the load balancer merely hands off the connection to the next server in the pool based on easy-to-configure strategies like round-robin or least-time routing.
In addition, because L3 operates at the IP level, it can help alleviate the overall load on your network, depending on your setup. You can enable load balancing between different data centers—or even different geographical locations—based on metrics gathered from health checks. This, in turn, can enable geographic redundancy and empower your high availability strategy.
L3 load balancers also make horizontal scaling (adding more servers to a pool of servers) easier.
Layer 3 Load Balancing Implementation Challenges
If you have a complex network infrastructure, it might be a bit challenging to perfect your L3 load balancer strategy. Configurations like multicloud or hybrid cloud can significantly increase the complexity of configuring a load balancer to optimally balance the load between multiple cloud providers.
L3 load balancers are also very dependent on the underlying network infrastructure working optimally. Any limitation in the network infrastructure, like traffic congestion, unstable routes or even hardware failure, can hamper the load balancer's ability to find the best target for the next connection.
There is also the risk of added latency, especially if your L3 load balancer modifies packet header data.
Common Use Cases for Layer 3 Load Balancing
L3 load balancing is used across different industries and environments. Below are some of the more common use cases:
- Large websites, including social media sites or e-commerce platforms, typically make use of L3 load balancers to distribute incoming HTTP/HTTPS traffic to multiple web servers in a data center.
- Content delivery networks make use of L3 load balancing to distribute content like images, videos and other static files across edge servers that are spread across different geographical regions. This enables the CDNs to serve content to end users from the nearest available server.
An L3 load balancer can also offer high availability to your end users, as the health checks can be used to remove a server from a pool if it's too busy or if that server has suffered an outage of some kind. This can even be employed as part of a disaster recovery (DR) plan, where your load balancers can automatically redirect traffic to a DR site should something happen to the primary site.
Layer 4 Load Balancers
Layer 4 (L4) load balancers operate at the transport layer of the OSI model. They focus on the routing and forwarding of network traffic based on information such as IP addresses and port numbers. In contrast to L3 load balancers, which make routing decisions solely based on IP addresses, L4 load balancers have the additional capability to consider transport layer protocols, such as TCP and UDP, to determine where a specific flow of traffic must be directed. L4 load balancers are also aware of the port numbers used in the connection information and can make routing and traffic flow decisions based on those port numbers.
L4 Load Balancers Operate at the Transport Level
As previously stated, L4 load balancers function at the transport layer of the OSI model, which allows them to analyze and choose routing paths using transport layer protocols like TCP and UDP. This placement enables them to manage connections and sessions between clients and servers, making them ideal for applications that need session persistence or stateful communication.
L4 Load Balancers Direct Traffic Based on IP Address and Port Number
By considering both IP addresses and port numbers, Layer 4 load balancers can route traffic to specific services or applications running on different servers, ensuring that each request is directed to the appropriate destination. This means that an L4 load balancer can balance the load for many different types of traffic, including—but not limited to—database requests, email servers and API gateways.
L4 Load Balancers are Ideal for Simple Traffic Distribution
L4's versatility makes it work well in scenarios where you need to balance a network load across a variety of servers or backend resources. Unlike higher-layer load balancers that provide application-level features and content-based routing, L4 load balancers focus on basic traffic routing based on network and transport layer information. This simplicity makes them lightweight, efficient and well-suited for applications where complex application-aware routing is not required.
Advantages of Layer 4 Load Balancing
In addition to the benefits of L3 load balancers, L4 load balancers ensure that traffic is directed to the appropriate destination using both transport layer protocols and port numbers. This optimizes resource utilization and improves application performance.
In addition, L4 load balancers typically offer lower latency and higher speeds due to their ability to make routing decisions based on fewer data points when compared to an L7 load balancer. This means they don't need to inspect the content of the messages, leading to faster processing times.
L4 load balancers also offer session persistence by directing subsequent requests from the same source to the same backend server or resource. These load balancers are also the most compatible with many different types of backend servers.
Common Use Cases for Layer 4 Load Balancing
While L4 load balancers can do practically everything an L3 load balancer can do, there are certain use cases where an L4 load balancer makes more sense. For instance, stateful applications (like online banking or online collaboration tools) require a persistent, stateful connection between the client and the server to facilitate the full functionality of the application. An L4 load balancer can provide this by offering session affinity, ensuring that the same client speaks to the same server during a particular session.
If your application is using a microservices architecture, an L4 load balancer could work well to direct the different connection requests to the different microservices on your backend based on the IP, protocol and port information provided.
Most of the common use cases covered by L3 load balancers are also covered by L4 load balancers, including server pools and high-availability strategies. The biggest difference is that there is now extra port and protocol information that can be considered before deciding on where to direct traffic.
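An added example, not code from the article or from any load balancer product: an L4-style selection that picks a pool from protocol and destination port and a member from a hash of the source IP, skipping members that failed a health check. It uses rendezvous hashing, a technique the article does not name, and the pool addresses and client IPs are constructed.

```python
import hashlib

# Constructed pools: (protocol, destination port) -> backend addresses.
POOLS = {
    ("tcp", 443): ["10.0.1.10", "10.0.1.11", "10.0.1.12"],
    ("tcp", 5432): ["10.0.2.10", "10.0.2.11"],
    ("udp", 53): ["10.0.3.10", "10.0.3.11"],
}


def _score(client_ip: str, backend: str) -> int:
    """Rendezvous (highest-random-weight) score for a client/backend pair."""
    digest = hashlib.sha256(f"{client_ip}|{backend}".encode()).digest()
    return int.from_bytes(digest[:8], "big")


def pick_backend(proto, dst_port, client_ip, unhealthy=frozenset()):
    """Choose a backend using only L3/L4 header fields.

    The pool is selected by protocol and destination port; the member is
    selected by hashing the source IP, which gives session affinity without
    a per-connection state table. Backends that failed a health check are
    skipped. Returns None when no pool or no healthy member exists.
    """
    pool = POOLS.get((proto.lower(), dst_port))
    if pool is None:
        return None
    healthy = [b for b in pool if b not in unhealthy]
    if not healthy:
        return None
    return max(healthy, key=lambda b: _score(client_ip, b))


def moved_clients(proto, dst_port, clients, failed):
    """Clients whose backend changes when `failed` is taken out of the pool."""
    moved = []
    for ip in clients:
        before = pick_backend(proto, dst_port, ip)
        after = pick_backend(proto, dst_port, ip, unhealthy={failed})
        if before != after:
            moved.append((ip, before, after))
    return moved


if __name__ == "__main__":
    clients = [f"203.0.113.{n}" for n in range(1, 21)]  # constructed sources
    for ip, before, after in moved_clients("tcp", 443, clients, "10.0.1.11"):
        print(f"{ip}: {before} -> {after}")
```

Because the member is chosen by highest hash score, taking one backend out of service moves only the clients that were pinned to it; a plain `hash % len(pool)` would reshuffle most of the others as well.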
Layer 7 Load Balancers
Layer 7 (L7) load balancers, also known as application load balancers, operate at the highest layer of the OSI model, the application layer. Unlike L4 load balancers, which primarily focus on routing traffic based on IP addresses and port numbers, L7 load balancers can inspect and manipulate application-layer data, including HTTP headers, URLs and cookies.
This advanced functionality allows L7 load balancers to perform content-based routing, SSL termination, session persistence and application-aware load balancing. This enables organizations to achieve high availability, scalability and performance for their web-based applications and services.
The biggest drawback of L7 load balancers is that their ability to inspect every packet of data that passes through them comes at a computational cost. It can introduce latency to the connection, so you should only deploy an L7 load balancer if you require advanced packet inspection capabilities.
Advantages of Layer 7 Load Balancing
Because they work at the application layer, L7 load balancers have deep visibility into application-layer protocols and data, which allows them to make intelligent routing decisions based on application-specific criteria. These different criteria could include HTTP headers, query parameters, session cookies or the user agent. For more advanced routing decisions, some load balancers (like AWS's Application Load Balancer) even allow you to use Lambda functions as a target group to direct traffic to.
This ability to inspect traffic and derive different criteria allows L7 load balancers to make advanced routing decisions. For instance, you can direct a web request to different server pools based on the type of resource requested. Static content (like CSS files and images) can be better served from a server pool optimized for that functionality, while dynamic content (like streaming video or database requests) can be directed to another pool designated for that specific purpose—all from a single web request.
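The static/dynamic split described above, as an added example rather than code from the article or any vendor: an L7 routing decision made from the parsed request line and headers. The pool names, the `/api` prefix and the suffix list are assumptions, and the path is decoded and normalized before matching on the assumption that the backends do the same.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Assumed suffixes that mark static content; adjust to the application.
STATIC_SUFFIXES = (".css", ".js", ".png", ".jpg", ".svg")


def parse_request(raw: bytes):
    """Parse the request line and headers of an HTTP/1.1 request head."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        # Reject lines without a colon or with whitespace around the name.
        if not sep or not name or name != name.strip():
            raise ValueError("malformed header line")
        headers[name.lower()] = value.strip()
    return parts[0], parts[1], headers


def route(raw: bytes) -> str:
    """Return the pool name for a request, or 'reject' if it is unusable."""
    try:
        method, target, headers = parse_request(raw)
    except ValueError:
        return "reject"
    if "host" not in headers:
        return "reject"
    # Decode and normalize first, so the match is made on the resolved path
    # (assumes the backends resolve percent-escapes and dot segments too).
    path = posixpath.normpath(unquote(urlsplit(target).path) or "/")
    if not path.startswith("/"):
        return "reject"
    if path == "/api" or path.startswith("/api/"):
        return "api-pool"  # hypothetical pool for a backend service
    if method in ("GET", "HEAD") and path.lower().endswith(STATIC_SUFFIXES):
        return "static-pool"
    return "dynamic-pool"
```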
By being able to inspect the traffic, some L7 load balancers can even offer protection from common attacks like cross-site scripting (XSS) and SQL injection (SQLi).
Common Use Cases for Layer 7 Load Balancers
While you can use an L4 load balancer for your microservices architecture, depending on the complexity of your architecture, you might be better served using an L7 load balancer. Because you have access to more criteria, you can make more precise decisions for routing the traffic to your different microservices.
Some L7 load balancers can function as a web application firewall (WAF) as well. They can inspect incoming HTTP requests and responses, apply security policies and enforce access controls to protect web applications and APIs from malicious threats.
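L7 load balancers can also offer SSL termination, in which the load balancer decrypts the traffic between the client and the intended server and then sends the decrypted traffic to the target. This can reduce the load on your server pool, as decryption is a computationally heavy operation. Because the traffic between the load balancer and the target is then unencrypted, that segment of the network has to be trusted or protected by other means.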
Conclusion
Choosing a load balancer or a combination of load balancers will come down to the architecture and complexity of your network and/or your applications.
Lower-level load balancers (like L3 and L4) do not need as much computational power as an L7 load balancer. You also need to consider the different costs that might be involved with each of the different load balancers.
The easiest solution might be to consider your traffic routing criteria:
- If you only need to direct traffic based on IP information, you only need an L3 load balancer.
- If you need slightly more advanced routing based on a combination of IP, port and protocol information, you need an L4 load balancer.
- If more advanced routing is required based on criteria that are only visible upon packet inspection, or if you need extra functionality like SSL termination, you need an L7 load balancer.
You might also have a scenario that requires the use of all three of the different load balancers. A large web application, which may serve millions of users globally, would be a good use case where you would need to employ all the layers. An L3 load balancer would direct a user's connection to the geographically closest data center. From there, the web server would make calls to fetch data from a database cluster located behind an L4 load balancer. An L7 load balancer would target different server groups based on the requested content on the web page, like static files and images being stored on multiple servers.
Customers of Equinix Metal—Equinix’s dedicated cloud service—who need their network designed a certain way can take advantage of our Load Balancer-as-a-Service feature, an Equinix-native L3/L4 load balancer that uses the company’s ultrafast global backbone to communicate with users’ backend servers. The LBaaS is only one of numerous powerful network-configuration features Equinix offers as a service to users who require full control of their network architecture.