Configure a Network Load Balancer

Select the NLB element to open its properties in the Inspector pane on the right. The name of the NLB and the number of balanced Network Interface Cards (NIC)are displayed at the top of the pane.

Configuration options are grouped under the following three tabs:


NLB Listener accepts connections from clients through an exposed IP address (Primary IPv4) and configured listener port. The Listener interface can also monitor additional IPs (Add IP). Listener IPs can be private (for local networks) or public (exposed to the Internet). Public IPs must be reserved before they can be used. For more information, see Listener.

Provide the following information in the Settings:

  • Name: You can use the default or enter a new name for the NLB.

  • By clicking on Load Balancer you can show or hide the Primary IPv4 and Add IP settings.

  • Primary IPv4: Assign the first (primary) Listener IP address. For Automatic, no entry is required; a private primary Listener IP address will be assigned automatically on provisioning.

  • For private IP, enter a private IP address directly. For public IP, Public IP is required for an NLB that is connected to the Internet.

Public IPs must be reserved first. You can reserve public IPs using the Management > IP Management.

  • Add IP: Assign one or more additional Listener IPs; additional IPs are optional. For private IP, choose Add private IP and enter the address directly.

  • Reserve public IP: Available only when no reserved public IPs exist. Select Add IP > Reserve public IP, enter a name for the IP block, the number of IPs to be reserved, and select Reserve IPs.

  • Public IP: Public IPs must already have been reserved. Select Add IP and choose a reserved IP block name from the drop-down list, then select a reserved IP address.

  • Multiple IPs: Use Add IP again to add as many IPs as needed. All added private and public IPs are listed below the IP settings.

Configuration changes are saved only once the VDC is provisioned.

Forwarding rules

Forwarding rules define how your traffic is distributed to the targets. More than one forwarding rule can be created for the same load balancer.

In Forwarding rules tab, you can create a Forwarding rule, add its Target or adjust the Health-Check settings.

Create a rule

  1. Select + Add forwarding rules to create a rule. Provide the following information:

    • Name: Enter the name of the rule.

    • Algorithm: Select an algorithm from the drop-down list. The algorithm involves defining the conditions that determine how incoming traffic is distributed among the targets in the target group.

      • Round Robin: Allows equal distribution of requests among the servers with time. It distributes incoming network traffic or requests across servers in a circular, sequential order based on their weights.

      • Least connections: Allows the distribution of incoming network traffic or requests among a group of servers based on the current number of active connections. The server with the fewest active connections receives the next request.

      • Random: Allows the distribution of incoming requests randomly among the available servers.

      • Source IP: Allows IP address of incoming network requests to determine how to distribute the traffic among the available servers.

    • Protocol: This field is preset and defines how data is transmitted between devices. The default value is set to TCP.

    • Listener IP: Select an IP address from the drop-down list. It is the address that you use to reach the load balancer.

    • Listener Port: Select a port from the drop-down list. It is the port on which the load balancer will receive the incoming requests.

  2. Select Create to create the forwarding rule.

Result: A forwarding rule is successfully created. Select the name of the forwarding rule to expand or collapse its settings. You can use the Add forwarding rule option again to create as many rules as needed. All of the forwarding rules are listed on the right side under the Forwarding rules tab.

Create a target

  1. Select Add target to add targets for your forwarding rule and provide the following information:

    • Target IP: Select a Target IP value from the drop-down list. A Target IP is assigned so that the addresses of all hosts on a given network share a common prefix.

    • Target port: Select a value from the drop-down list. This is the specific port on which a service or application is running on a server.

    • Weight: Enter a target weight from 1 to 256. This value refers to the relative capacity or priority assigned to each target within the group. A target with a higher weight gets a larger share of traffic. The default weight value is set to 1.

    • Proxy Protocol: Select a value from the drop-down list to enable it. You can preserve and send the connection information to your backend instances, such as Apache, NGINX, or an ingress controller inside Kubernetes. Ensure your backend instances are up and running and have proxy protocol enabled. The following options are available for the Proxy Protocol:

      • none: for disabling the proxy protocol

      • v1: for plain text format

      • v2: for binary format

      • v2ssl: for encrypted binary format

  2. Select Add Target to create the new target.

Result: A target is successfully created for your forwarding rule.

Add Health-Check

  1. Select the Settings option next to the Health Check field to configure the Health Check Settings for this forwarding rule. A Health Check Settings window will open up. Provide the following information:

    • Client timeout: Enter the duration in which the NLB will not break the TCP connection established with the client. The default value is set to 50000 milliseconds(ms). This inactivity timeout is applied when the client is expected to acknowledge or send the data.

    • Connection timeout: Enter the maximum amount of time the load balancer is willing to wait for a response from the server before considering the server unhealthy. The default value is set to 5000 milliseconds(ms).

    • Target timeout: Enter the maximum amount of time the load balancer is willing to wait for a response from the server when performing a health check on that server. The default value is set to 50000 milliseconds(ms).

    • Retries: Enter the number of attempts the load balancer will make to establish a successful connection or receive a valid response from the server before marking it as unhealthy. The default value is set to 3.

Result: The Health-Check Settings are successfully configured for your forwarding rule.

Private IPs

NLB backend exposes a private IP to targets as the source of client traffic. The backend IP address is configurable and defaults to x.x.x.225. Backend IPs are listed in the NLB Inspector under the Private IPs tab.

Add and delete IPs

  1. It is best to use the default IP address in most cases. To change an already-provisioned IP, delete the existing IP address first and then add a new one.

  2. Select the arrow and then select Remove IP to delete the IP address.

  3. Enter an IP address in CIDR notation (e.g., and click Add IP. The new IP must be private and match the subnet mask of the Target network.

  4. Use Add IP again to add as many private IPs as needed. All added IPs are listed under the Private IPs.

Last updated