
Is ELB used for outbound traffic?


An ELB (Elastic Load Balancer) can be used to make some compute instances (EC2) sitting in a public subnet public-facing (to the Internet), by assigning a public IP to the ELB, where clients can talk to the ELB.

Case 1

EC2 instances (having only a private IP) in a public subnet receive HTTP requests via the ELB.

In case 1, how does the EC2 instance respond back to the client? Is it via the ELB?

Case 2

EC2 instances (having both a private and a public IP) in a public subnet receive HTTP requests via the ELB.

Here, it says: "When you receive incoming traffic through the load balancer, the responses will go out the same way."

In case 2, how does the EC2 instance respond back to clients? Does the EC2 instance send directly from the public IP address of your instance out to the Internet?


Solution

  • CASE 1

    How does the EC2 instance respond back to the client? Is it via the ELB?

    Yes. A request coming through the ELB will be forwarded to the EC2, and the EC2 response will go back through the ELB and be forwarded to the client. So yes, the ELB is playing its role in both directions.

  • CASE 2

    In case 2, how does the EC2 instance respond back to clients? Does the EC2 instance send directly from the public IP address of your instance out to the Internet?

    If the request comes via the ELB, then the instance will send its response to the ELB, which will then forward it to the client. In other words, requests coming through the ELB always get their response through the ELB:

    CLIENT <-> ELB <-> EC2
    

    In the referenced post (link), the person wrote:

    When you receive incoming traffic through the load balancer, the responses will go out the same way. However, traffic that is originating from your instance will not pass through the load balancer. Instead, it is sent directly from the public IP address of your instance out to the Internet. The ELB is not involved in that scenario.

    It's talking about traffic that is originated (initiated) by your EC2. Example: apt-get update will fetch from a bunch of HTTP servers. This traffic won't pass through the ELB. If you haven't changed the default VPC and route tables, the traffic will traverse the Internet Gateway (IGW) and go to the internet.
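
One way to see both paths from the answer in your own VPC is to classify VPC Flow Log records captured on the instance's network interface. This is an added example, not part of the original answer; the addresses, port, ENI id and log records are constructed, and the port-based "who initiated" decision is a heuristic.

```python
import ipaddress
from collections import Counter

# Constructed values for illustration (assumptions, not from the original post).
VPC_CIDR = ipaddress.ip_network("10.0.0.0/16")
INSTANCE_IP = "10.0.1.25"                  # private IP of the EC2 instance
ELB_NODE_IPS = {"10.0.1.10", "10.0.2.10"}  # private IPs of the ELB nodes
SERVICE_PORT = 80                          # port the ELB forwards requests to

# Constructed records in the default (version 2) flow log field order:
# version account eni src dst srcport dstport proto packets bytes start end action status
# Flow logs show the instance's private IP even when it also has a public one.
SAMPLE = """\
2 123456789012 eni-0a1b2c3d 10.0.1.10 10.0.1.25 41522 80 6 12 3400 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.0.1.25 10.0.1.10 80 41522 6 10 8200 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.0.1.25 203.0.113.50 50314 80 6 20 1500 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 203.0.113.50 10.0.1.25 80 50314 6 25 90000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.25 44321 80 6 5 400 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1700000000 1700000060 - NODATA
"""

def in_vpc(addr):
    return ipaddress.ip_address(addr) in VPC_CIDR

def classify(line):
    """Label one flow log record by the path the traffic took."""
    f = line.split()
    if len(f) != 14 or f[13] != "OK":      # NODATA / SKIPDATA carry no addresses
        return "skipped"
    src, dst, sport, dport = f[3], f[4], int(f[5]), int(f[6])
    if src in ELB_NODE_IPS and dst == INSTANCE_IP and dport == SERVICE_PORT:
        return "request-via-elb"           # CLIENT -> ELB -> EC2
    if src == INSTANCE_IP and dst in ELB_NODE_IPS and sport == SERVICE_PORT:
        return "response-via-elb"          # EC2 -> ELB -> CLIENT
    if src == INSTANCE_IP and not in_vpc(dst):
        # Heuristic: an ephemeral source port means the instance opened the connection.
        return "instance-initiated-egress" if sport != SERVICE_PORT else "direct-response"
    if dst == INSTANCE_IP and not in_vpc(src):
        # Traffic to the service port from outside the VPC did not come through the ELB.
        return "egress-reply" if dport != SERVICE_PORT else "direct-inbound-bypassing-elb"
    return "other"

def summarize(text):
    """Count records per path label."""
    return dict(Counter(classify(l) for l in text.splitlines() if l.strip()))

if __name__ == "__main__":
    for label, count in sorted(summarize(SAMPLE).items()):
        print(f"{label}: {count}")
```

A non-zero `direct-inbound-bypassing-elb` count on a case 2 instance means its security group accepts service-port traffic from outside the VPC, not only from the ELB.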