Options for load balancing
Depending on the type of traffic sent to your application, you have several options for load balancing. The following table summarizes your options:
| Option | Description | Traffic flow | Scope |
|---|---|---|---|
| HTTP, HTTPS, TCP, and SSL Load Balancing | Supports HTTP(S) traffic and advanced features, such as URL mapping
and SSL offloading. Supports TCP proxy or SSL proxy for non-HTTP traffic on specific ports. |
The TCP or SSL (TLS) session is terminated at Google Front Ends (GFEs), at Google's network edge, and traffic is proxied to the backends. | Global |
| Network Load Balancing | Allows TCP/UDP traffic using any port to pass through the load balancer. | Delivered using Google's Maglev technology to distribute the traffic to the backends. | Regional |
Because the Internal load balancer does not support user-facing traffic, it is out of scope for this article.
All measurements in this article were done using the Premium Network Service Tier because global load balancing is only available using this Service Tier.
Measuring latency
When accessing a website hosted in us-central1, a user in Germany used the
following methods to test latency:
- Ping: While this is a common way to measure server reachability, ICMP ping does not give a good indication of end-user latency. You can read an explanation in the Additional latency effects of HTTP(S) Load Balancing section.
- Time To First Byte (TTFB): A good way to measure time to first HTTP
response is to issue a
curlcommand repeatedly to the server to get a response from the web server.
When comparing results, be aware that latency on fiber links is constrained mainly by the distance and the speed of light in fiber, which is roughly 200,000 km/s (or 124,724 miles/s).
The distance between Frankfurt, Germany, and Council Bluffs, Iowa, which is the
location of the us-central1 region, is roughly 7,500 km. With perfectly
straight fiber between the locations, round-trip latency would be:
7,500 km * 2 / 200,000 km/s * 1000 ms/s = 75 milliseconds (ms)
In reality, fiber optic cable doesn't follow an ideal path between the user and the data center, and light on the fiber cable passes through active and passive equipment along its path. An observed latency of approximately 1.5 times the ideal, or 112.5 ms, would indicate a near-ideal configuration.
Comparing latency
This section compares load balancing in the following configurations:
- No load balancing
- Network Load Balancing
- HTTP Load Balancing or TCP Proxy
In this scenario, the application consists of a regional managed instance group
of HTTP web servers. Because the application relies on low-latency calls to a
central database, the web servers must be hosted in one location. The
application is deployed in the us-central1 region, and users are distributed
across the globe. The latency that the user in Germany observes in this scenario
illustrates what users worldwide might experience.
No load balancing
When a user makes an HTTP request, unless load balancing is configured, the traffic flows directly from the user’s network to the virtual machine (VM) hosted on Compute Engine. For Premium Tier, traffic then enters Google's network at an edge point of presence (POP) close to the user's location. For Standard Tier, the user traffic enters Google's network at a POP close to the destination region. For more information, see the Network Service Tiers documentation.
The following table shows the results when the user in Germany tested latency of a system with no load balancing:
| Method | Result | Minimum latency |
|---|---|---|
| Ping the VM IP address (Response is directly from web server) |
ping -c 5 compute-engine-vm PING compute-engine-vm (xxx.xxx.xxx.xxx) 56(84) bytes of data. 64 bytes from compute-engine-vm (xxx.xxx.xxx.xxx): icmp_seq=1 ttl=56 time=111 ms 64 bytes from compute-engine-vm (xxx.xxx.xxx.xxx): icmp_seq=2 ttl=56 time=110 ms [...] --- compute-engine-vm ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4004ms rtt min/avg/max/mdev = 110.818/110.944/111.265/0.451 ms |
110 ms |
| TTFB |
for ((i=0; i < 500; i++)); do curl -w /
"%{time_total}\n" -o /dev/null -s compute-engine-vm; done
0.230 0.230 0.231 0.231 0.230 [...] 0.232 0.231 0.231 |
230 ms |
The TTFB latency is very stable, as shown in the following graph of the first 500 requests:
When pinging the VM IP address, the response comes directly from web server. The response time from the web server is minimal compared to the network latency (TTFB). This difference is because a new TCP connection is opened for every HTTP request, and an initial three-way handshake is needed before the HTTP response is sent, as shown in the following diagram. Therefore, the latency the user in Germany observed is roughly double the ping latency.
Network Load Balancing
With a network load balancer, user requests still enter the Google network at the closest edge POP (in Premium Tier). In the region where the project's VMs are located, traffic flows first through a Maglev load balancer. It is then forwarded without changes to the target backend VM. The Maglev load balancer distributes traffic based on a stable hashing algorithm. The algorithm uses a combination of source and destination port, IP address, and protocol. The VMs listen to the load balancer IP and accept the traffic unaltered.
The following table shows the results when the user in Germany tested latency for the network-load-balancing option:
| Method | Result | Minimum latency |
|---|---|---|
| Ping the network load balancer |
ping -c 5 net-lb PING net-lb (xxx.xxx.xxx.xxx) 56(84) bytes of data. 64 bytes from net-lb (xxx.xxx.xxx.xxx): icmp_seq=1 ttl=44 time=110 ms 64 bytes from net-lb (xxx.xxx.xxx.xxx): icmp_seq=2 ttl=44 time=110 ms [...] 64 bytes from net-lb (xxx.xxx.xxx.xxx): icmp_seq=5 ttl=44 time=110 ms --- net-lb ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4007ms rtt min/avg/max/mdev = 110.658/110.705/110.756/0.299 ms |
110 ms |
| TTFB |
for ((i=0; i < 500; i++)); do curl -w /
"%{time_total}\n" -o /dev/null -s net-lb
0.231 0.232 0.230 0.230 0.232 [...] 0.232 0.231 |
230 ms |
Because load balancing takes place in-region and traffic is merely forwarded, there is no significant latency impact compared with the no-load-balancer option.
HTTP(S)/TCP/SSL Proxy Load Balancing
With HTTP Load Balancing, traffic is proxied through GFEs, which are typically located at the edge of Google's global network. The GFE terminates the TCP session and connects to a backend in the closest region that has capacity to serve the traffic.
The following table shows the results when the user in Germany tested latency for the HTTP-load-balancing option:
| Method | Result | Minimum latency |
|---|---|---|
| Ping the HTTP load balancer |
ping -c 5 http-lb PING http-lb (xxx.xxx.xxx.xxx) 56(84) bytes of data. 64 bytes from http-lb (xxx.xxx.xxx.xxx): icmp_seq=1 ttl=56 time=1.22 ms 64 bytes from http-lb (xxx.xxx.xxx.xxx): icmp_seq=2 ttl=56 time=1.20 ms 64 bytes from http-lb (xxx.xxx.xxx.xxx): icmp_seq=3 ttl=56 time=1.16 ms 64 bytes from http-lb (xxx.xxx.xxx.xxx): icmp_seq=4 ttl=56 time=1.17 ms 64 bytes from http-lb (xxx.xxx.xxx.xxx): icmp_seq=5 ttl=56 time=1.20 ms --- http-lb ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4005ms rtt min/avg/max/mdev = 1.163/1.195/1.229/0.039 ms |
1 ms |
| TTFB |
for ((i=0; i < 500; i++)); do curl -w /
"%{time_total}\n" -o /dev/null -s http-lb; done
0.309 0.230 0.229 0.233 0.230 [...] 0.123 0.124 0.126 |
123 ms |
The results for HTTP Load Balancing are significantly different. When pinging
the HTTP load balancer, the round-trip latency is just over 1 ms. However, this
result represents latency to the closest GFE, which is located in the same city
as the user in this case. This result has nothing to do with actual latency the
user experiences when trying to access the application hosted in the
us- central1 region. This shows that experiments using protocols (ICMP) that
differ from your application communication protocol (HTTP) can be misleading.
When measuring TTFB, the initial requests show roughly the same response latency. Over the course of the requests, additional requests achieve the lower minimum latency of 123 ms, as shown in the following graph:
However, two round trips between the client and VM would take more than 123 ms even with perfectly straight fiber. The reason for the lower latency is that traffic is proxied through GFEs, which keep persistent connections open to the backend VMs. Therefore, only the first request from a specific GFE to a specific backend needs a three-way handshake.
There are multiple GFEs in each location. You can see in the latency graph multiple, fluctuating spikes early on as traffic reaches each GFE-backend pair for the first time. This reflects differing request hashes. After all GFEs have been reached, subsequent requests show the lower latency.
These scenarios demonstrate the reduced latency that users can experience in a production environment. The following table summarizes the results:
| Option | Ping | TTFB |
|---|---|---|
| No load balancing | 110 ms to the web server | 230 ms |
| Network Load Balancing | 110 ms to the in-region network load balancer | 230 ms |
| HTTP Load Balancing | 1 ms to the closest GFE | 123 ms |
When a healthy application is serving users in a specific region regularly, all GFEs in that region should generally have a persistent connection open to all serving backends. Because of this, users in that region will notice significantly reduced latency on their first HTTP request if they are far from the application backend. If users are near the application backend, no latency improvement is observed because of their close proximity to the backend.
For subsequent requests, such as clicking a page link, no latency improvement is
observed because modern browsers already keep a persistent connection to the
service to be reused, as opposed to a curl command issued from the command line.
Additional latency effects of HTTP(S) Load Balancing
There are some additional observable effects with HTTP(S) Load Balancing that depend on traffic patterns.
HTTP(S) Load Balancing has less latency for complex assets than Network Load Balancing because fewer round trips are needed before a response completes. For example, when the user in Germany measured latency over the same connection by repeatedly downloading a 10 MB file, the average latency for Network Load Balancing was 1911 ms compared to 1341 ms with HTTP load balancing, saving approximately 5 round trips per request. This reduction is because persistent connections between GFEs and serving backends reduce the effects of TCP Slow Start.
HTTP(S) Load Balancing significantly reduces the additional latency for a TLS handshake (typically 1-2 extra roundtrips). This reduction is because HTTP(S) uses SSL offloading, and only the latency to the edge POP is relevant. For the user in Germany, the minimum observed latency is 201 ms using HTTP(S) load balancing versus 525 ms using HTTP(S) through the network load balancer.
The HTTP(S) load balancer also allows an automatic upgrade of the user-facing session to HTTP/2, which can reduce the number of packets needed, by using improvements in binary protocol, header compression, and connection multiplexing. This can reduce observed latency even more than that observed by switching to HTTP Load Balancing alone. HTTP/2 is used only in conjunction with current browsers using SSL/TLS. For our user in Germany, minimum latency decreased further from 201 ms to 145 ms when using HTTP/2 instead of plain HTTPS.
Optimizing HTTP(S) Load Balancing
You can optimize latency for your application by using the HTTP(S) load balancer as follows:
If some of the traffic you serve is cacheable, you can integrate with Google Cloud CDN. Cloud CDN reduces latency by serving assets directly at Google's network edge. Cloud CDN also makes use of the TCP and HTTP optimizations from HTTP/2 mentioned in the Additional latency effects of HTTP(S) Load Balancing section.
You can use any CDN partner with GCP. By using one of Google's CDN interconnect partners, you benefit from discounted egress costs.
If content is static, you can reduce the load on the web servers by serving content directly from Google Cloud Storage through the HTTP/S load balancer. This option combines seamlessly with the CDN options mentioned previously.
Deploying your web servers in multiple regions close to your users can reduce latency because HTTP(S), SSL Proxy, and TCP Proxy Load Balancing automatically direct users to the closest region. However, if your application is partly centralized, design it to minimize inter-regional round trips.
To reduce latency inside your applications, examine any remote procedure calls (RPCs) that communicate between VMs. This latency typically occurs when applications communicate between tiers or services. Tools such as Stackdriver Trace can help you minimize latency caused by application-serving requests.
Because TCP and SSL proxy are also based on GFE, the effect on latency is the same as observed with HTTP Load Balancing. Because HTTP(S) Load Balancing has more features than TCP/SSL proxy, we recommend always using HTTP(S) load balancing for HTTP(S) traffic.
Next steps
We recommend that you deploy your application close to the majority of your users and choose the best configuration for your use. For more information about the different load balancing options on GCP, see the following documents: