Layer 4 Load Balancing


Layer 4 Load Balancing Definition

A load balancer distributes application traffic or network traffic across multiple servers, acting as a reverse proxy. Load balancers can increase the reliability and capacity—or possible number of concurrent users—of applications. Load balancers perform application-specific tasks and decrease the burden on servers associated with maintaining and managing network and application sessions to improve overall application performance.

There are two broad categories of load balancers: layer 4 and layer 7. These types of load balancers operate and make decisions based on different factors.

Layer 4 load balancing makes its routing decisions based on information defined at Layer 4, the networking transport layer. Layer 4 is the fourth layer of the Open Systems Interconnection (OSI) Reference Model, which defines seven networking layers in total.

Layer 4 is the transport level, which includes the user datagram protocol (UDP) and transmission control protocol (TCP). For internet traffic, a Layer 4 load balancer does not consider packet contents as it makes its load-balancing decisions, and instead distributes client requests across a group of servers based on the destination and source IP addresses and ports the packet header records.

This image depicts a layer 4 load balancer, with the application clients (end users) connected to the servers through load balancers.

Layer 4 Load Balancing FAQs

What is Layer 4 Load Balancing?

Layer 4 load balancing most often describes deployments where the IP address of the load balancer is advertised to clients for a service or website, for example via DNS. In this layer 4 load balancer example, client requests record the address of the load balancer as the destination IP address.

How Does Layer 4 Load Balancing Work?

Layer 4 load balancing makes its routing decisions based on information defined at the networking transport layer, L-4. The layer 4 load balancer also performs Network Address Translation (NAT) on the request packet as it receives a request and makes the load balancing decision. In the NAT process, the layer 4 load balancer chooses a content server on the internal network and changes the destination IP address from its own to that of the selected server.

Similarly, the load balancer changes the source address recorded in the packet header from the server’s IP address to its own before forwarding server responses to clients. At times, the layer 4 load balancer may also change the source and destination TCP port numbers recorded in the packets in a similar fashion.

Layer 4 load balancers do not inspect packet content, instead extracting address information from the first few packets in the TCP stream and using it to make routing decisions. Because layer 4 load balancers are often vendor-supplied, dedicated hardware devices, specialized chips may perform NAT operations rather than proprietary load-balancing software.
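The NAT behaviour described above, as an added example that is not taken from any vendor's product: a small model of a layer 4 balancer that picks a backend round-robin for each new flow, rewrites the destination on requests, and restores its own address as the source on responses. The class and function names, the flow table, and all addresses are constructed for illustration; dropping backend packets that match no tracked flow is an assumption of this sketch.

```python
from dataclasses import dataclass, replace
from itertools import cycle

@dataclass(frozen=True)
class Packet:
    proto: str            # "tcp" or "udp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: bytes = b""  # carried through untouched; the balancer never reads it

class L4Balancer:
    def __init__(self, vip, vport, backends):
        self.vip, self.vport = vip, vport   # address advertised to clients
        self._next = cycle(backends)        # simple round-robin selection
        self.flows = {}                     # (proto, client_ip, client_port) -> backend

    def inbound(self, pkt):
        """Client -> balancer: choose a backend per flow, rewrite the destination."""
        if (pkt.dst_ip, pkt.dst_port) != (self.vip, self.vport):
            return None                     # not addressed to the advertised service
        key = (pkt.proto, pkt.src_ip, pkt.src_port)
        if key not in self.flows:           # decision is made once, on the first packet
            self.flows[key] = next(self._next)
        b_ip, b_port = self.flows[key]
        return replace(pkt, dst_ip=b_ip, dst_port=b_port)

    def outbound(self, pkt):
        """Backend -> client: put the balancer's address back as the source."""
        key = (pkt.proto, pkt.dst_ip, pkt.dst_port)
        if self.flows.get(key) != (pkt.src_ip, pkt.src_port):
            return None                     # no tracked flow: drop rather than translate
        return replace(pkt, src_ip=self.vip, src_port=self.vport)

def demo():
    # Constructed sample traffic using documentation address ranges.
    lb = L4Balancer("203.0.113.10", 443, [("10.0.0.11", 8443), ("10.0.0.12", 8443)])
    c1 = Packet("tcp", "198.51.100.7", 50001, "203.0.113.10", 443, b"opaque TLS bytes")
    c2 = Packet("tcp", "198.51.100.8", 50002, "203.0.113.10", 443)
    f1, f2, again = lb.inbound(c1), lb.inbound(c2), lb.inbound(c1)
    reply = lb.outbound(Packet("tcp", f1.dst_ip, f1.dst_port, c1.src_ip, c1.src_port))
    stray = lb.outbound(Packet("tcp", "10.0.0.12", 8443, c1.src_ip, c1.src_port))
    return f1, f2, again, reply, stray

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The client only ever sees the advertised address, and the payload passes through unchanged because the decision uses header fields alone.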

Layer 4 load balancing was a more popular approach to handling traffic when interaction between application servers and clients was less complex. Initially, Layer 7 and other more sophisticated load balancing methods demanded significantly more computation than Layer 4 load balancing, but in most situations fast, low-cost modern CPUs and memory have greatly reduced the performance advantage of layer 4 load balancing.

However, to meet a broader variety of application needs, an ADC should offer load balancing capabilities across both layer 4 and layer 7, even though layer 7 load balancers allow more intelligent routing decisions and offer more extensive functionality. In other words, layer 4 load balancing capacity remains important, even for users with sophisticated architectures.

Layer 4 Load Balancing for Kubernetes

Many of the same principles of a Layer 4 load balancer apply to microservices architectures as well. Kubernetes deployments need layer 4 load balancing solutions as well as layer 7 load balancing solutions. Layer 7 load balancing is frequently referred to as ingress load balancing.

Layer 4 vs Layer 7 Load Balancing

Applications need both layer 4 and layer 7 load balancing. The distinctions between the various layers in the Open Systems Interconnection (OSI) Reference Model for networking define the difference between layer 4 and layer 7 load balancing.

A layer 4 load balancer manages transaction traffic at the transport layer using the UDP and TCP protocols, basic information such as response times and server connections, and a simple load balancing algorithm. Layer 4 load balancing manages traffic based on network information such as protocols and application ports without requiring visibility into actual content of messages.

This approach is effective for simple load balancing at the packet level. Messages can be forwarded efficiently, quickly, and securely because they are neither decrypted nor inspected. However, it’s not possible to route traffic based on localization rules, media type, or other more complex criteria; layer 4 load balancing cannot make content-based decisions, so it relies upon simple algorithms such as round-robin routing.

A Layer 7 load balancer works at the highest OSI model layer: the application layer. It therefore makes its routing decisions based on more detailed information such as message content, cookie data, HTTP/HTTPS header characteristics, type of data (video, text, graphics, etc.), and URL type. DNS, FTP, HTTP, and SMTP protocols are all at the application traffic level. In other words, the difference between layer 4 and 7 load balancing is the source and type of information the load balancer can use to make decisions.

Layer 7 load balancers terminate and distribute network traffic; decrypt and inspect messages as needed; make routing decisions that are content-based; select an appropriate upstream server based on the right criteria and initiate new TCP connections to it; and write those requests to the server—rather than merely forwarding unread traffic.

Layer 7 processing incurs a performance penalty for encryption, but SSL offload functionality can largely reduce this problem. Layer 7 load balancing allows application-aware networking, enabling smarter content optimizations and load balancing decisions.

A layer 7 load balancer can provide “sticky sessions” or server persistence by identifying unique client sessions, either by viewing cookies or by actively injecting them. This enhances efficiency by sending all client requests to the same server. It can also use content caching, more easily retrieving frequently accessed items held in memory, thanks to visibility at the packet level. A layer 7 load balancer can also manage protocols that reduce overhead and optimize traffic by multiplexing many requests onto a single connection, an important load balancing feature for modern organizations.
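Content-based routing and cookie persistence as described above, in an added example that is not code from any product: the balancer reads the request line and Cookie header, selects a pool by URL prefix, and either honours an existing persistence cookie or injects a new one. The cookie name, pool layout, opaque backend ids and addresses are all assumptions made for illustration; the cookie value is accepted only if it names a member of the selected pool.

```python
from http.cookies import SimpleCookie
from itertools import cycle

COOKIE = "lb_backend"  # hypothetical persistence cookie name

class L7Balancer:
    def __init__(self, pools):
        # pools: URL path prefix -> {opaque backend id: upstream address}
        self.pools = pools
        self._rr = {p: cycle(sorted(members)) for p, members in pools.items()}

    def route(self, raw_request: bytes):
        """Return (upstream address, Set-Cookie header to inject or None)."""
        head = raw_request.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
        request_line, *header_lines = head.split("\r\n")
        _method, path, _version = request_line.split(" ", 2)
        headers = {k.strip().lower(): v.strip()
                   for k, v in (h.split(":", 1) for h in header_lines if ":" in h)}
        # Content-based decision: the longest matching URL prefix picks the pool.
        prefix = max((p for p in self.pools if path.startswith(p)), key=len)
        members = self.pools[prefix]
        jar = SimpleCookie(headers.get("cookie", ""))
        sticky = jar[COOKIE].value if COOKIE in jar else None
        if sticky in members:
            return members[sticky], None    # existing session stays on its server
        chosen = next(self._rr[prefix])     # new or unrecognised session
        return members[chosen], f"Set-Cookie: {COOKIE}={chosen}; Path={prefix}; HttpOnly"

def demo():
    # Constructed pools and requests.
    lb = L7Balancer({"/": {"w1": "10.0.0.11:8080", "w2": "10.0.0.12:8080"},
                     "/video": {"v1": "10.0.1.21:8080"}})
    def req(path, cookie=""):
        line = f"Cookie: {cookie}\r\n" if cookie else ""
        return f"GET {path} HTTP/1.1\r\nHost: shop.example\r\n{line}\r\n".encode()
    return [lb.route(req("/cart")),
            lb.route(req("/cart", "lb_backend=w2")),
            lb.route(req("/video/a.mp4")),
            lb.route(req("/cart", "lb_backend=unknown"))]

if __name__ == "__main__":
    for upstream, set_cookie in demo():
        print(upstream, set_cookie)
```

None of these decisions is available to a layer 4 balancer, which never sees the path or the Cookie header.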

All of these features can make layer 7 load balancing more costly in terms of required computing power and time than layer 4 load balancing. However, in many cases layer 7 load balancing achieves greater overall efficiency, reducing duplications of data in requests, for example.

Modern general-purpose load balancers that serve as full reverse proxies often operate at Layer 7. However, when the load balancer is acting as a full proxy, it doesn’t have the same high throughput as the routing-based layer 4 methods, which are not acting as full proxies.

Some load balancers can be configured based on the nature of the service, and can provide layer 4 or layer 7 load balancing. An L4-7 load balancer solves this problem by basing its traffic management decisions on a set of network services across the entire networking stack, ISO layers 4 through 7, that provides services such as data storage and communications. This means it offers the benefits of both layer 4 and layer 7 load balancers.

There are appropriate use cases for both layer 4 and layer 7 load balancing, despite the more intelligent routing decisions and richer functionality that layer 7 load balancers offer. To meet enterprise-level demands for compliance, content localization, and efficiency, and to serve a variety of application needs while providing the best possible experience for any device, user, and location, application delivery controllers (ADCs) will ideally provide load balancing and manage traffic across layers.

Does VMware NSX Advanced Load Balancer Offer Layer 4 Load Balancing?

Yes. The VMware NSX Advanced Load Balancer’s multi-cloud Software Load Balancer delivers applications at scale across all levels of the networking stack (L4-7) and any infrastructure. VMware NSX Advanced Load Balancer’s software load balancer offers modern enterprises performance, speed, and reliability, forming the backbone of the Platform. Learn more about VMware NSX Advanced Load Balancer’s layer 4 load balancing solution and how elastic load balancing can handle sudden changes in traffic and other challenges here.
