You can select the appropriate load balancer based on your application needs.
In the following tables, a checkmark indicates that a feature is supported. For more information about a feature, click the info link.
Type of load balancer
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| Proxy | info | info | SSL Proxy info TCP proxy info |
||
| Pass-through | info | info |
Protocols from the load balancer to the backends
For links to reference information, see Backend services.
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|
|---|---|---|---|---|---|---|
|
One of: HTTP (HTTP/1.1) HTTPS (HTTP/1.1) HTTP/2 (requires TLS), including gRPC |
||||||
|
One of: TCP or UDP |
||||||
| One of: SSL (TLS) or TCP |
||||||
| WebSockets | info | info |
Protocols from the clients to the load balancer
For links to reference information, see Forwarding rules.
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|
|---|---|---|---|---|---|---|
|
One of: HTTP/1.1, HTTP/2, or HTTPS |
(includes QUIC) |
|||||
|
One of: TCP or UDP |
||||||
| SSL or TCP | ||||||
| WebSockets | info | info |
Backends
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| Backends must be in one region | (Standard Tier) |
(Standard Tier) |
|||
| Backends can be in multiple regions | (Premium Tier) |
(Premium Tier) |
|||
| Load balancer can have multiple backend services and a URL map | |||||
| Virtual machine backends on Compute Engine | |||||
| Zonal NEGs | Using GCE_VM_IP_PORT type endpoints with GKE:
|
Using GCE_VM_IP_PORT type endpoints with GKE:
|
Using GCE_VM_IP type endpoints with GKE:
|
Use standalone zonal NEGs | |
| Self-managed Kubernetes and GKE | |||||
| External endpoints in internet NEGs as custom origins for Cloud CDN | info (Premium Tier) |
||||
| Cloud Storage in backend buckets | info | ||||
Serverless backends:
|
info |
Health checks
For links to reference information, see Health checks.
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| HTTP health checks | 1 | ||||
| HTTPS health checks | 1 | ||||
| HTTP/2 health checks | 1 | ||||
| SSL health checks | 1 | ||||
| TCP health checks | 1 | ||||
Configurable health checks:
|
|||||
| Configurable request path (HTTP, HTTPS, HTTP/2) | 1 | ||||
| Configurable request string or path (TCP or SSL) | 1 | ||||
| Configurable expected response string | 1 |
1 This table documents health checks supported by backend service-based network load balancers. Target pool-based network load balancers only support legacy HTTP health checks.
IP addresses
For links to reference information, see Addresses.
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| Internal IP address, accessible in your Virtual Private Cloud (VPC) network | |||||
| External IP address (global anycast) | (Premium Tier) |
(Premium Tier) |
|||
| External IP address (regional) | (Standard Tier) |
(Standard Tier) |
|||
| External IP address from Bring your own IP (BYOIP) | |||||
| Multiple forwarding rules with the same IP address, each having a unique protocol and port combination | |||||
| Internet accessible (including by clients that are in Google Cloud and have internet access) |
|||||
| Privately accessible |
|
|
|||
| Client source IP address preservation | X-Forwarded-For header | X-Forwarded-For header | In TCP Proxy header | ||
| IPv6 termination |
Network topologies
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| Relationships between VPC networks and load balancer backends | |||||
| Backends must be in the same VPC network | |||||
| Backends can be located in multiple VPC networks in
the same project (the networks do not have to be connected) |
|||||
| Backends can use a Shared VPC network | |||||
| Client access to load balancers | |||||
| Google Cloud or on-premises clients must access the load balancer privately by being either in the same VPC network, in a peered VPC network, or in another network connected using Cloud VPN tunnels or Cloud Interconnect attachments (VLANs) | |||||
| Google Cloud client VMs require external IP addresses or a
NAT solution like Cloud NAT to access the load balancer |
|||||
| On-premises client VMs require internet access to access the load balancer | |||||
| Google Cloud client VMs can be located in any region | If global access is enabled |
||||
| Google Cloud client VMs can be located in any project (subject to other requirements in this table) |
|||||
Failover
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| Automatic failover to healthy backends within same region | |||||
| Automatic failover to healthy backends in other regions | (Premium Tier) |
(Premium Tier) |
|||
| Behavior when all backends are unhealthy | Returns HTTP 503 | Returns HTTP 502 | Configurable behavior | Traffic distributed among all backends | Traffic dropped |
| Configurable standby backends | (with failover backends) |
(with failover backends1) |
|||
| Connection draining on failover and failback | info (configurable) |
(configurable2) |
This table documents failover as supported by backend service-based network load balancers.
1 Target pool-based network load balancers use backup pools to support failover.
2 Target pool-based network load balancers do not support configuration of connection draining on failover/failback.
Logging and monitoring
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| Byte count metrics | info | info | info | info | info |
| Packet count metrics | info | info | info | ||
| Round trip time or latency metrics | info | info | info | info | info |
| Connection count metrics | info | ||||
| HTTP request count metrics | info | info | |||
| HTTP request and response attribute logs | info | info |
Session affinity
For detailed information, see Session affinity.
For links to reference information, see Backend services.
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| Client IP address (2-tuple hash of packet's source and destination IP addresses) |
|||||
| Headers | |||||
| HTTP cookie | |||||
| Generated cookie | |||||
| Client IP address, protocol (3-tuple hash of packet’s source IP address, packet’s destination IP address, and protocol) |
|||||
| Client IP address, port, protocol | (TCP only) |
(TCP only) |
|||
| None (5-tuple hash) |
Load balancing methods
For detailed information, see the Backend services overview.
For links to reference information, see Backend services.
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| Balancing mode: connection | |||||
| Balancing mode: rate (requests per second) | |||||
| Balancing mode: backend utilization (instance group backends only) |
|||||
| Configurable maximum capacity per backend instance group or NEG | |||||
| Circuit breaking | |||||
| Percent of traffic/weight-based | |||||
|
Prefers region closest to client on the internet When the closest region is at capacity or isn't healthy, prefers next closest region |
(Premium Tier) | (Premium Tier) |
|||
| Within zone/region load balancing policy | Load balancing locality policy |
Round robin in a zone |
Round robin among all backends in the active pool when failover is configured, or among all backends in the region |
Round robin among all backends in the active pool when failover is configured, or among all backends in the region 1 |
Round robin in a zone |
1 This table documents load balancing methods supported by backend service-based network load balancers. Target pool-based network load balancers round robin among all instances in the target pool or backup pool.
Routing and traffic management
For internal HTTP(S) load balancers, see the following links:
- Traffic management overview for internal HTTP(S) load balancers
- Setting up traffic management for internal HTTP(S) load balancers
For external HTTP(S) load balancers, see the following links:
- Traffic management overview for external HTTP(S) load balancers
- Setting up traffic management for external HTTP(S) load balancers
For traffic management features available with Traffic Director, see Traffic Director features: Routing and traffic management.
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| HTTP/Layer 7 request routing |
Suffix, prefix, and match on: |
Suffix, prefix, and match on: |
|||
| Fault injection | info | ||||
| Configurable timeouts | info | info | info | ||
| Retries | info | info | |||
| Redirects | info | info | |||
| URI rewrites | info | info | |||
| Request/response header transformations | info | ||||
| Traffic splitting | info | ||||
| Traffic mirroring | info | ||||
| Outlier detection | info | ||||
| Retry failed requests | info |
Autoscaling and autohealing
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| Managed instance group autoscaling based on load balancer serving capacity | |||||
| Autohealing (native to managed instance groups and GKE) | |||||
| Connection draining | 1 |
1 This table documents autoscaling and autohealing features supported by backend service-based network load balancers. Target pool-based network load balancers do not support connection draining.
Security
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| Managed certificates | info | info
(SSL proxy only) |
|||
| CORS | info | ||||
| Identity-Aware Proxy (IAP) | info | info | |||
| Google Cloud Armor | info | ||||
| SSL offload | (SSL proxy only) |
||||
| SSL policies (TLS version and cipher suites) |
info | info (SSL proxy only) |
Special features
| Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|---|---|---|---|---|---|
| Cloud CDN | info (Premium Tier) |
||||
| External endpoints in internet NEGs as custom origins for Cloud CDN | info (Premium Tier) |
||||
| Internal DNS names | info | info | |||
| Load balancer as next hop | info | ||||
| Specify network interface of a backend VM (Multi-NIC load balancing) |
info | ||||
| Custom request and response headers | info
Geo-location information, Smoothed RTT, Client latency |
||||
| Automatic Service Directory registration (Preview) | info | info |
What's next
- To get an overview of the different load balancing solutions that are available in Google Cloud, see Load balancing overview.
- To help you determine which Google Cloud load balancer best meets your needs, see Choosing a load balancer.