Category: Gateway Load Balancer

As organizations increasingly adopt IPv6 to address public IPv4 exhaustion, private IPv4 scarcity—especially in large-scale networks—and the need to support IPv6-only clients, securing both IPv4 and IPv6 traffic becomes critical. We can apply consistent traffic inspection for inbound and outbound flows in Amazon Virtual Private Clouds (Amazon VPCs) to maintain security. In this post, we […]

In this post, we explore how Amazon Elastic Compute Cloud (Amazon EC2) data transfer costs apply to the communication between Network Load Balancer (NLB), clients, and targets in multiple scenarios, to help you optimize data transfer costs on Amazon Web Services (AWS). For Classic and Application load balancers, visit our post, Exploring Data Transfer Costs […]

Update: Sep 10, 2024 – Corrected a CloudWatch metric name. Amazon Web Service (AWS) Gateway Load Balancer (GWLB) is a managed AWS service that allows you to insert third-party firewall appliances into the data path. GWLB helps you deploy, scale, and manage third-party appliances, and it acts as a bump-in-the-wire device and passes traffic transparently […]

Connection tracking (conntrack) is a networking concept where a networking device, like a firewall, router, or NAT device, needs to track and maintain information about the state of IP traffic going through it. The AWS Nitro System that underlies AWS networking does connection tracking for some types of network traffic to implement the stateful nature […]

Traffic Mirroring is an Amazon Virtual Private Cloud (VPC) feature you can use to copy network traffic from an elastic network interface of an Amazon Elastic Compute Cloud (EC2) instance and send it to a target storage service for analysis. You can use it for content inspection, threat monitoring, network performance monitoring, and troubleshooting. Through […]

Today, on 30th August 2023, AWS launched a new enhancement to the Amazon Virtual Private Cloud (Amazon VPC) Ingress Routing feature. With this enhancement, customers can now specify a Gateway Load Balancer Endpoint (GWLBE) as the next-hop in the virtual private gateway (VGW) route table. This allows customers to inspect their traffic coming into AWS […]

At re:Invent 2020, AWS introduced  Gateway Load Balancer (GWLB), an AWS service that helps you deploy, scale, and manage third-party virtual network appliances, such as firewalls, intrusion detection and prevention systems, and others. GWLB is a type of load balancer under the Elastic Load Balancing (ELB) family. Other load balancers within the ELB family include […]

In 2020, we launched Gateway Load Balancer (GWLB), allowing you to deploy in-line inspection and filtering of packets. Various customers are leveraging this service to implement firewalls, intrusion detection, and network monitoring appliances in a centralized location. The ability to use multiple GWLB endpoints installed in workload VPCs allows distributed access to these centralized inspection […]

Introduction: AWS Gateway Load Balancer (GWLB) is an Elastic Load Balancing (ELB) service that allows customers to insert third-party virtual appliances such as firewall, intrusion detection and prevention systems (IDS/IPS), network observability and others, transparently into the traffic path. Application Load Balancer (ALB) and Network Load Balancer (NLB) are reverse proxies and traffic is routed […]

When I meet with customers and discuss AWS Gateway Load Balancer (GWLB), I often get asked for suggestions regarding integrating it with their existing Linux appliances. GWLB utilizes GENEVE encapsulation with some important custom metadata, which doesn’t natively work with either Linux or Linux’s GENEVE module (which is designed only for Ethernet (Layer 2) packets, […]