The AWS load balancer family has a member called Gateway Load Balancer. This post looks at the functionality, benefits, limitations, and use cases of Gateway Load Balancer, and much more.
1. Highlights
- AWS Gateway Load Balancer is a managed service from AWS
- It enables customers to create and maintain multiple inline virtual network appliances in a scalable way.
- It operates at the third layer of the OSI model, the network layer.
- It listens for all IP packets on all ports and forwards traffic to the target group defined in the listener rule.
- It has a unique component called Gateway Load Balancer Endpoint (GWLBE). It is a data plane component of GWLB and provides a way for customers to flexibly place interface VPC endpoints in both centralized and distributed deployments.
- A GWLBE is like AWS PrivateLink, which allows you to place your service across many accounts and VPCs without losing centralized control and administration.
- GWLBE is a VPC endpoint that allows virtual appliances in the service provider VPC to communicate with application servers in the service consumer VPC.
2. Before and After Gateway Load Balancer
Let us consider a scenario where users access your applications. Users can reach an application directly through a load balancer such as the Application Load Balancer: traffic goes from the users to the ALB and from the ALB to the application (Fig. 1). But what if you want all of that network traffic to be inspected before it is sent to your application? You must deploy third-party virtual appliances, for example on EC2 instances, and make all traffic go through them before it reaches your application. This used to be quite challenging. With a Gateway Load Balancer, it no longer is (Fig. 2).
Fig 1: Application Load Balancer
The Gateway Load Balancer can be used to implement intrusion detection and prevention systems and deep packet inspection. To get started, you create a Gateway Load Balancer; behind the scenes, the route tables in the VPC have to be updated. Once the route tables are altered, users' traffic first goes through the Gateway Load Balancer, which then spreads that traffic across a target group of your virtual appliances. All the traffic reaches these appliances, where it is analyzed. Then, based on the decisions made by the appliances, traffic is either dropped or forwarded to the VPC endpoint.
Fig 2: Gateway Load Balancer
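Because inspection depends entirely on the route tables, a route that still points straight at the internet gateway silently skips the appliances. The following check is an added example, not part of the original post: it assumes the internet gateway layout, input shaped like the `RouteTables` array of `aws ec2 describe-route-tables`, and that routes to a Gateway Load Balancer endpoint show a `vpce-` target in `GatewayId`. The function name and all IDs are hypothetical.

```python
def find_inspection_bypass(route_tables, endpoint_subnets):
    """Return (route table id, destination, reason) for paths that skip the GWLBE.

    route_tables     -- list shaped like "RouteTables" from `aws ec2 describe-route-tables`
    endpoint_subnets -- set of subnet IDs that host the Gateway Load Balancer endpoint
    """
    findings = []
    for table in route_tables:
        assoc = table.get("Associations", [])
        subnets = {a["SubnetId"] for a in assoc if "SubnetId" in a}
        is_edge = any(a.get("GatewayId", "").startswith("igw-") for a in assoc)
        targets = [(r.get("DestinationCidrBlock", ""), r.get("GatewayId", ""))
                   for r in table.get("Routes", [])]
        # Only the endpoint's own subnet may route straight to the internet gateway.
        if subnets - endpoint_subnets:
            for dest, target in targets:
                if target.startswith("igw-"):
                    findings.append((table["RouteTableId"], dest, "egress bypasses GWLBE"))
        # An edge table with no vpce- route delivers inbound traffic directly.
        if is_edge and not any(t.startswith("vpce-") for _, t in targets):
            findings.append((table["RouteTableId"], "*", "ingress bypasses GWLBE"))
    return findings

# Constructed sample data; every ID below is a placeholder.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-edge", "Associations": [{"GatewayId": "igw-example"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "10.0.1.0/24", "GatewayId": "vpce-example"}]},
    {"RouteTableId": "rtb-app", "Associations": [{"SubnetId": "subnet-app"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "vpce-example"}]},
    {"RouteTableId": "rtb-gwlbe", "Associations": [{"SubnetId": "subnet-gwlbe"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-app2", "Associations": [{"SubnetId": "subnet-app2"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
]

if __name__ == "__main__":
    for finding in find_inspection_bypass(ROUTE_TABLES, {"subnet-gwlbe"}):
        print(finding)
```

In the sample, only `rtb-app2` is reported: its subnet sends its default route to the internet gateway instead of the endpoint.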
3. Benefits
- The GENEVE protocol is used by the Gateway load balancer and its registered virtual appliance instances to exchange application traffic on port 6081.
- It provides horizontal scaling and fault tolerance to the appliances.
- It is transparent to network traffic as there is no change to source traffic.
- Separate security and user admin domains, shared across different VPCs and AWS accounts.
- Provides an appliance-as-a-service facility (e.g., firewall-as-a-service).
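An appliance behind the load balancer receives every packet wrapped in GENEVE on UDP port 6081, so it has to strip that header safely before it can inspect anything. The parser below is an added example, not code from the original post: it follows the RFC 8926 header layout, and the sample datagram, its option class (taken from the RFC's experimental range) and its values are constructed.

```python
import struct

GENEVE_PORT = 6081  # UDP port the article gives for GWLB <-> appliance traffic

class GeneveError(ValueError):
    """Raised when a datagram is not a well-formed GENEVE packet."""

def parse_geneve(payload: bytes) -> dict:
    """Parse a GENEVE UDP payload (RFC 8926 layout) and bounds-check every length."""
    if len(payload) < 8:
        raise GeneveError("truncated fixed header")
    b0, b1, proto, vni_rsvd = struct.unpack("!BBHI", payload[:8])
    if b0 >> 6 != 0:
        raise GeneveError("unsupported GENEVE version")
    end = 8 + (b0 & 0x3F) * 4          # Opt Len counts 4-byte words
    if len(payload) < end:
        raise GeneveError("option length exceeds datagram")
    options, off = [], 8
    while off < end:
        opt_class, opt_type, rlen = struct.unpack("!HBB", payload[off:off + 4])
        data_end = off + 4 + (rlen & 0x1F) * 4
        if data_end > end:
            raise GeneveError("option overruns option area")
        options.append((opt_class, opt_type, payload[off + 4:data_end]))
        off = data_end
    return {
        "vni": vni_rsvd >> 8,              # 24-bit virtual network identifier
        "control": bool(b1 & 0x80),        # O bit
        "critical": bool(b1 & 0x40),       # C bit
        "protocol": proto,                 # EtherType of the inner packet
        "options": options,
        "inner": payload[end:],            # original packet handed to inspection
    }

# Constructed sample: 8-byte header, two options (8 and 4 data bytes), inner IPv4 header.
INNER = bytes.fromhex("4500001400000000400600000a0000010a000002")
SAMPLE = (
    struct.pack("!BBHI", 0x05, 0x00, 0x0800, 0x00ABCD00)
    + struct.pack("!HBB", 0xFFF0, 1, 2) + bytes(range(8))
    + struct.pack("!HBB", 0xFFF0, 3, 1) + b"\xde\xad\xbe\xef"
    + INNER
)

if __name__ == "__main__":
    print(parse_geneve(SAMPLE))
```

The length checks matter on an inspection appliance: a datagram whose declared option length runs past the buffer is rejected instead of being read out of bounds or mis-sliced into the inner packet.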
4. Limitations
- Endpoints can be created between VPCs and services in the same region, but not between VPCs and services in separate regions.
- Endpoints support IPv4 traffic only.
- Security groups are not supported.
- The gateway load balancer endpoint supports a maximum bandwidth of 40 Gbps.
5. Use Cases
Use cases in security
- N-S inspection (VPC to/from Internet) using Internet Gateway
- N-S inspection (VPC to/from Internet) using Transit Gateway
- Inter-VPC traffic inspection using Transit Gateway
Other use cases
- Deploy third-party appliances faster
- Scale virtual appliances while managing costs
- Improve virtual appliance availability
7. Pricing
The AWS Gateway Load Balancer is billed for each hour it runs, plus the number of Gateway Load Balancer Capacity Units (GLCUs) consumed, a metric determined by new and active connections or flows per second and by the bytes processed.
Region: Asia Pacific (Mumbai)
$0.0133 per Gateway Load Balancer-hour (or partial hour)
$0.004 per GLCU (Gateway Load Balancer Capacity Units)-hour (or partial hour)
8. Conclusion
The AWS Gateway Load Balancer is a massive step, bringing to the cloud a capability that has never existed in traditional/legacy data center networks. However, as we have seen, Gateway Load Balancer is not the only load balancer; AWS offers several others, such as Classic Load Balancer, Application Load Balancer, and Network Load Balancer.

WRITTEN BY Aishwarya Joshi
Aishwarya works as a Research Associate (AWS Media services) with CloudThat. She is an enthusiastic individual and a good team player. A positive attitude is her way of dealing with everything. She enjoys learning new technologies and exploring various ways of problem-solving. As of late, she has become proficient in cloud services and enjoys writing technical blogs.
Hitesh Lodha
Mar 20, 2022
Briefly described.
Aishwarya Joshi
Mar 17, 2022
Thank you all!!
Saya B N
Mar 17, 2022
Nice work, I was looking for this LB and I could find only 2-3 articles including yours.
Shubham
Mar 14, 2022
Great work
Prapti
Mar 12, 2022
good work 👍
Rahul Kumar Sharma
Mar 11, 2022
Content is really good and to the point.
Amruta kulkarni
Mar 11, 2022
Nice info
Rutuja
Mar 11, 2022
Much informative, thanks for uploading!!
Nupoor kale
Mar 11, 2022
Knowledgeable 💯💯
atharva
Mar 11, 2022
Very useful information about AWS Gateway Load Balancer
Rakhee kulkarni
Mar 11, 2022
So well presented. Satisfied that I got to know something different today. Thank you Aishwarya Joshi.