Load Balancers

Question 1

What is an Elastic Load Balancer?

Answer 1

An aws managed load balancer. There are four types: classic, application, network, and gateway.

Question 2

What are four types of Elastic Load Balancer?

Answer 2

1) Application load balancer
2) Network load balancer
3) Classic load balancer
4) Gateway load balancer

Question 3

What is a Classic Load Balancer?

Answer 3

1) Operates at layer 4 and 7
2) Supports protocols: HTTP/HTTPS, TCP, and SSL/TLS.
3) No target groups. EC2 instances register directly with the load balancer.
4) Heath checks are: HTTP, HTTPS, or TCP.

Question 4

What is an Application Load Balancer?

Answer 4

1) Operates at layer 7
2) Supports protocols: HTTP/HTTPS, WebSocket, HTTP/2, and gRPC
3) Load balances to multiple targets
4) Load balances to multiple application/ports on the same server
5) Support for custom HTTP responses
6) Supports redirects (HTTP to HTTPS traffic)

Question 5

What is a Network Load Balancer?

Answer 5

1) Operates at layer 4
2) Supports TCP, UDP, and TLS
3) Handles 1 million requests per a second
4) Has one static IP per AZ
5) Static IP attaches to an ENI

Question 6

What is a Gateway Load Balancer?

Question 7

What is the health check HTTP code that is sent from the server(s) to the load balancer to verify health of thservers?

Answer 7

200 (OK)

Question 8

An administrator is considering the different types of an AWS managed load balancer to setup load balancing for three web servers. For now, that type of traffic that would be load balanced are TCP/SSL connections. But there are future plans to include a chat function embedded in the UI. What is the best type of load balancer that meet these requirements?

Answer 8

Application load balancer because it can use the websocket protocol.

Question 9

Which load balancer supports the websocket protocol?

Answer 9

Application load balancer

Question 10

True or false: elastic load balancers only load balance traffic that is public facing.

Answer 10

False. Load balancing can be setup for either public or private access.

Question 11

In order to enhance security with load balanced traffic, it is recommended to use two security groups: load balancer security group and EC2 instance security group. Is this the case?

Answer 11

Yes

Question 12

Where is the EC2 instance security group expecting traffic if a user is accessing a web application? The load balancer does have a security group attached.

Answer 12

Source traffic is expected from the load balancer and not the end user.

Question 13

What layer(s) does the classic load balancer operate at?

Answer 13

Layers 4 - 7

Question 14

What is a listener?

Answer 14

It checks for connection requests from clients, using the protocol and port that you configure, and forwards requests to one or more registered instances using the protocol and port number.

Question 15

What are health checks?

Answer 15

They used to monitor the health of the registered instances so that the load balancer only sends requests to the healthy instances.

Question 16

You have 12 instances with ten running on AZ 1a and two instances in AZ 2b. The load balancer will distribute the traffic evenly between the two AZs. The EC2 instances in AZ 2b are slow to respond to client requests. What is the best solution to have traffic load balanced evenly between the two AZs?

Answer 16

Evenly divide the number of EC2 instances between the AZs with six on each AZ.

Question 17

What will you need enable to distribute traffic evenly across all registered instances in all enabled Availability Zones?

Answer 17

cross-zone load balancing

Question 18

For an application load balancer, what is the default routing algorithm?

Answer 18

Round robin

Question 19

What load balancer has been deprecated since Aug 2022?

Answer 19

Classic load balancer with EC2 classic instances. Also known as version 1 elastic load balancer.

Question 20

What is SNI?

Answer 20

Server Name Indicator
An extension to the Transport Layer Security (TLS) by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process.

Question 21

When configuring a load balancer, what is the recommended minimum subnet size?

Answer 21

/27

Question 22

What is cross-zone load balancing?

Answer 22

Each load balancer node distributes traffic across the registered targets (EC2 instance) in all enabled Availability Zones.

Question 23

If a load balancer is enabled between two AZs, how much traffic is load balanced between each AZ?

Answer 23

50% each

Question 24

Why is it recommended to enable cross-zone load balancing if a load balancer sits between two AZ?

Answer 24

Since 50% of traffic is load balanced between the AZs, this would mean that an AZ with a smaller number of EC2 instances than the other AZ will still receive 50% of the traffic. This may degrade the EC2 instance if it has a high volume of traffic to process. Overall, this may cause intermittent slowness for some clients.

Question 25

What is connection draining?

Answer 25

When instances are unhealthy or deregistered (taken out of the pool).

Question 26

What is x-forwarded for?

Answer 26

They are HTTP headers that preserve the information from the client. Three things that are preserved:
1) client ip
2) client protocol (http or https)
3) client port (80 or 443)

Question 27

What is proxy protocol?

Answer 27

It is a way to preserve the client’s ip using layer 4 TCP headers. This feature is used only on classic load balancer v1 and network load balancer v2.

Question 28

What is a routing algorithm?

Answer 28

This is a load balancing method that includes round robin, least outstanding requests, or flow hashing.

Question 29

What is connection idle timeout?

Answer 29

A timeout period for connectivity from client to the load balancer and/or connectivity between the load balancer to the EC2 instance.
This is used for CLB, ALB, and NLB.

Question 30

What is sticky sessions?

Answer 30

Using a cookie to send a client’s traffic to the same server as the original request.

Question 31

What is another term for sticky sessions?

Answer 31

Session affinity

Question 32

What is a target group?

Answer 32

This is a pool of EC2 instances behind the load balancer.

Question 33

What is the only type of load balancer that uses connection draining?

Answer 33

Classic load balancer

Question 34

What is deregistration delay?

Answer 34

Feature that stops sending traffic to instances that deregistering targets. It also allows existing connections to complete.

Question 35

What types of load balancers support deregistration delay?

Answer 35

1) Application load balancer
2) Network load balancer
3) Gateway load balancer

Question 36

True or false: deregistration delay is not a default setting.

Answer 36

False, it is turned on by default.

Question 37

Where is the deregistering delay configured?

Answer 37

On the target group

Question 38

What are two types of features that allows targets to gracefully close connections without taking anymore connections?

Answer 38

1) Connection draining
2) Deregistering delay

Question 39

What is the timeout value for both connection draining and deregistering delay?

Answer 39

300 seconds

Question 40

Where is connection draining configured?

Answer 40

On the load balancer itself (classic only)

Question 41

What are the 2 types of load balancers that support x-forwarded-for http headers?

Answer 41

1) Classic load balancer v2
2) Application load balancer

Question 42

True or false: network load balancers also support x-forwarded-for.

Answer 42

False, x-forwarded-for only works a layer 7.

Question 43

What are the two types of load balancers that support the proxy protocol?

Answer 43

1) Classical load balancer v1
2) Network load balancer v2

Question 44

What layer does proxy protocol work on?

Answer 44

Layer 4
There’s an additional tcp layer 4 header added that works with http/https and other upper level protocols.

Question 45

True or false: proxy protocol can support passthrough (packets left untouched by the load balancer).

Answer 45

True

Question 46

If the proxy protocol is unable to use layer 7 information to preserver the client’s ip, where is this information added?

Answer 46

The client’s ip is added into the additional TCP.

Question 47

Is the proxy protocol enabled by default if the target is configured with an IP?

Answer 47

No, it has to be enabled.

Question 48

What is the default connection idle timeout for both the CLB and ALB?

Answer 48

60 seconds

Question 49

What is the default connection idle timeout for the NLB?

Answer 49

TCP 350 seconds
UDP 120 seconds

Question 50

What is zonal shift?

Answer 50

It shifts a load balancer resource away from an impaired Availability Zone with a single action. This is a Route 53 feature.

Question 51

What is gRPC?

Answer 51

A remote procedure call protocol that integrates with a microservice (APIs) running over HTTP/2.

Question 52

What types of load balancer can only use gRPC?

Answer 52

1) ALB
2) NLB

Question 53

How can an ALB load balance traffic to an on-prem or vpc peered network?

Answer 53

1) Create network reachablity to the on-prem network or vpc peer.
2) Create a target group that points to the on-prem network or vpc peer.

Question 54

What is used to get to an internet facing load balancer?

Answer 54

DNS

Question 55

What is the DNS string for a public facing load balancer?

Answer 55

name-someName.region.elb.amazonaws.com
ipv6.name-someName.region.elb.amazonaws.com
dualstack.name-someName.region.elb.amazonaws.com

Question 56

What is the DNS string for a private load balancer?

Answer 56

internal-someName.region.elb.amazonsws.com

Question 57

What is the maximum number of IP addresses across all subnets that will be used for one ALB?

Answer 57

100

Question 58

For an ALB, what can be encompassed in a target group?

Answer 58

1) EC2 instances
2) ECS tasks
3) Lambda functions
4) Private IP addresses used to connect to peered vpc, on prem networks using direct connect or vpn

Question 59

True or false: ALB supports weighted target groups.

Answer 59

True

Question 60

What are the different targets that ALB can route to?

Answer 60

1) URL path
2) Hostname
3) Query string
4) HTTP header
5) Source IP

Question 61

True or false: microservices or container-based services are a great fit for ALBs.

Answer 61

True

Question 62

What are two features of ALB?

Answer 62

1) Use of SNI (server name indicator) to use multiple TLS certificates
2) Authenticate users before routing to targets

Question 63

An ALB has to route a query and a hostname to two different targets. How can this be achieved?

Answer 63

Apply rules to route the different traffic to different targets.

Question 64

For ALB, what is the last rule to be processed?

Answer 64

The default rule

Question 65

Which load balancer is used when high performance is needed to process traffic?

Answer 65

Network load balancer