You can select the appropriate load balancer based on your application needs.
In the following tables, a checkmark indicates that a feature is supported. For more information about a feature, click the info link.
Type of load balancer
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
Proxy | info | info | SSL Proxy info TCP proxy info |
||
Pass-through | info | info |
Protocols from the load balancer to the backends
For links to reference information, see Backend services.
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|
---|---|---|---|---|---|---|
One of: HTTP (HTTP/1.1) HTTPS (HTTP/1.1) HTTP/2 (requires TLS), including gRPC |
||||||
One of: TCP or UDP |
||||||
One of: SSL (TLS) or TCP |
||||||
WebSockets | info | info |
Protocols from the clients to the load balancer
For links to reference information, see Forwarding rules.
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
|
---|---|---|---|---|---|---|
One of: HTTP/1.1, HTTP/2, or HTTPS |
(includes QUIC) |
|||||
One of: TCP or UDP |
||||||
SSL or TCP | ||||||
WebSockets | info | info |
Backends
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
Backends must be in one region | (Standard Tier) |
(Standard Tier) |
|||
Backends can be in multiple regions | (Premium Tier) |
(Premium Tier) |
|||
Load balancer can have multiple backend services and a URL map | |||||
Virtual machine backends on Compute Engine | |||||
Zonal NEGs | Using GCE_VM_IP_PORT type endpoints with GKE:
|
Using GCE_VM_IP_PORT type endpoints with GKE:
|
Using GCE_VM_IP type endpoints with GKE:
|
Use standalone zonal NEGs | |
Self-managed Kubernetes and GKE | |||||
External endpoints in internet NEGs as custom origins for Cloud CDN | info (Premium Tier) |
||||
Cloud Storage in backend buckets | info | ||||
Serverless backends:
|
info |
Health checks
For links to reference information, see Health checks.
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
HTTP health checks | 1 | ||||
HTTPS health checks | 1 | ||||
HTTP/2 health checks | 1 | ||||
SSL health checks | 1 | ||||
TCP health checks | 1 | ||||
Configurable health checks:
|
|||||
Configurable request path (HTTP, HTTPS, HTTP/2) | 1 | ||||
Configurable request string or path (TCP or SSL) | 1 | ||||
Configurable expected response string | 1 |
1 This table documents health checks supported by backend service-based network load balancers (currently in Preview). Target pool-based network load balancers only support legacy HTTP health checks.
IP addresses
For links to reference information, see Addresses.
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
Internal IP address, accessible in your Virtual Private Cloud (VPC) network | |||||
Public IP address (global anycast) | (Premium Tier) |
(Premium Tier) |
|||
Public IP address (regional) | (Standard Tier) |
(Standard Tier) |
|||
Multiple forwarding rules with the same IP address, each having a unique protocol and port combination | |||||
Internet accessible (including by clients that are in Google Cloud and have internet access) |
|||||
Privately accessible |
|
|
|||
Client source IP address preservation | X-Forwarded-For header | X-Forwarded-For header | In TCP Proxy header | ||
IPv6 termination |
Network topologies
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
Relationships between VPC networks and load balancer backends | |||||
Backends must be in the same VPC network | |||||
Backends can be located in multiple VPC networks in
the same project (the networks do not have to be connected) |
|||||
Backends can use a Shared VPC network | |||||
Client access to load balancers | |||||
Google Cloud or on-premises clients must access the load balancer privately by being either in the same VPC network, in a peered VPC network, or in another network connected using Cloud VPN tunnels or Cloud Interconnect attachments (VLANs) | |||||
Google Cloud client VMs require external IP addresses or a
NAT solution like Cloud NAT to access the load balancer |
|||||
On-premises client VMs require internet access to access the load balancer | |||||
Google Cloud client VMs can be located in any region | If global access is enabled |
||||
Google Cloud client VMs can be located in any project (subject to other requirements in this table) |
Failover
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
Automatic failover to healthy backends within same region | |||||
Automatic failover to healthy backends in other regions | (Premium Tier) |
(Premium Tier) |
|||
Behavior when all backends are unhealthy | Returns HTTP 503 | Returns HTTP 502 | Configurable behavior | Traffic distributed among all backends | Traffic dropped |
Configurable standby backends | (with failover backends) |
(with failover backends1) |
|||
Connection draining on failover and failback | info (configurable) |
(configurable2) |
This table documents failover as supported by backend service-based network load balancers (currently in Preview).
1 Target pool-based network load balancers use backup pools to support failover.
2 Target pool-based network load balancers do not support configuration of connection draining on failover/failback.
Logging and monitoring
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
Byte count metrics | info | info | info | info | info |
Packet count metrics | info | info | info | ||
Round trip time or latency metrics | info | info | info | info | info |
Connection count metrics | info | ||||
HTTP request count metrics | info | info | |||
HTTP request and response attribute logs | info | info |
Session affinity
For detailed information, see Session affinity.
For links to reference information, see Backend services.
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
Client IP address (2-tuple hash of packet's source and destination IP addresses) |
(TCP only) |
(TCP only) |
|||
Headers | |||||
HTTP cookie | |||||
Generated cookie | |||||
Client IP address, protocol (3-tuple hash of packet’s source IP address, packet’s destination IP address, and protocol) |
(TCP only) |
(TCP only) |
|||
Client IP address, port, protocol | (TCP only) |
(TCP only) |
|||
None (5-tuple hash) |
Load balancing methods
For detailed information, see the Backend services overview.
For links to reference information, see Backend services.
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
Balancing mode: connection | |||||
Balancing mode: rate (requests per second) | |||||
Balancing mode: backend utilization (instance group backends only) |
|||||
Configurable maximum capacity per backend instance group or NEG | |||||
Circuit breaking | |||||
Percent of traffic/weight-based | |||||
Prefers region closest to client on the internet When the closest region is at capacity or isn't healthy, prefers next closest region |
(Premium Tier) | (Premium Tier) |
|||
Within zone/region load balancing policy | Load balancing locality policy |
Round robin in a zone |
Round robin among all backends in the active pool when failover is configured, or among all backends in the region |
Round robin among all backends in the active pool when failover is configured, or among all backends in the region 1 |
Round robin in a zone |
1 This table documents load balancing methods supported by backend service-based network load balancers (currently in Preview). Target pool-based network load balancers round robin among all instances in the target pool or backup pool.
Routing and traffic management
For internal HTTP(S) load balancers, see the following links:
- Traffic management overview for internal HTTP(S) load balancers
- Setting up traffic management for internal HTTP(S) load balancers
For external HTTP(S) load balancers, see the following links:
- Traffic management overview for external HTTP(S) load balancers
- Setting up traffic management for external HTTP(S) load balancers
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
HTTP/Layer 7 request routing |
Suffix, prefix, and match on: |
Suffix, prefix, and match on: |
|||
Fault injection | info | ||||
Configurable timeouts | info | info | info | ||
Retries | info | info | |||
Redirects | info | info | |||
URI rewrites | info | info | |||
Request/response header transformations | info | ||||
Traffic splitting | info | ||||
Traffic mirroring | info | ||||
Outlier detection | info | ||||
Retry failed requests | info |
Autoscaling and autohealing
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
Managed instance group autoscaling based on load balancer serving capacity | |||||
Autohealing (native to managed instance groups and GKE) | |||||
Connection draining | 1 |
1 This table documents autoscaling and autohealing features supported by backend service-based network load balancers (currently in Preview). Target pool-based network load balancers do not support connection draining.
Security
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
Managed certificates | info | info
(SSL proxy only) |
|||
CORS | info | ||||
Identity-Aware Proxy (IAP) | info | info | |||
Google Cloud Armor | info | ||||
SSL offload | (SSL proxy only) |
||||
SSL policies (TLS version and cipher suites) |
info | info (SSL proxy only) |
Special features
Feature | Internal HTTP(S) | External HTTP(S) | Internal TCP/UDP | External TCP/UDP Network | External SSL Proxy and TCP Proxy |
---|---|---|---|---|---|
Cloud CDN | info (Premium Tier) |
||||
External endpoints in internet NEGs as custom origins for Cloud CDN | info (Premium Tier) |
||||
Internal DNS names | info | info | |||
Load balancer as next hop | info | ||||
Specify network interface of a backend VM (Multi-NIC load balancing) |
info | ||||
Custom request and response headers | info
Geo-location information, Smoothed RTT, Client latency |
||||
Automatic Service Directory registration (Preview) | info | info |
What's next
- To get an overview of the different load balancing solutions that are available in Google Cloud, see Load balancing overview.
- To help you determine which Google Cloud load balancer best meets your needs, see Choosing a load balancer.