aws NLB leads to time-out


I have an NLB with a target group to which 3 instances in different AZs are registered.

As I went through the documentation, an NLB doesn't have a security group, so I added 3 inbound rules to the EC2 instances' security group that allow the private IP of the NLB's network interface in each of the three AZs to send TCP traffic to the EC2 instances.

Note: health checks for all 3 EC2 instances are healthy.

When I tried the same thing by allowing traffic from my private IP, there was no time-out issue.

There is 1 answer

Marcin (accepted answer)

Based on the comments.

Since an NLB does not have security groups (SGs), the target instances need to allow either the private IP addresses of the NLB nodes or the IP addresses of the clients. This depends on whether client IP preservation is enabled or not.

By default:

When you specify targets by instance ID, the client IP of all incoming traffic is preserved and provided to your applications.

Consequently, the SGs of the instances should allow all client IP addresses. Alternatively, you can disable client IP preservation, in which case the SGs can use the private IP addresses of the NLB nodes.
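The following is an added example, not code from the original question or answer. It works out which sources a target's security group must allow for an NLB, using the rule the answer gives: data traffic arrives from the client IPs when client IP preservation is on and from the NLB node private IPs when it is off, while health checks always originate from the NLB node private IPs. The `missing_ingress` check then compares those requirements against an existing rule set (in the `IpPermissions` shape that boto3's `describe_security_groups` returns), so it can be pointed at real output. The node IPs, client CIDRs and ports are constructed values; the security group in `SG_IN_QUESTION` models the one described in the question, which allows only the NLB node IPs.

```python
"""Required security-group ingress for NLB targets, with and without
client IP preservation. Added example with constructed addresses and ports;
none of the values come from the original post."""
from ipaddress import ip_network

TCP = "tcp"

# Constructed inputs: one NLB node private IP per AZ subnet, and the client
# networks that actually connect to the listener.
NLB_NODE_IPS = ["10.0.1.10", "10.0.2.10", "10.0.3.10"]
CLIENT_CIDRS = ["203.0.113.0/24", "198.51.100.0/24"]
TRAFFIC_PORT = 443
HEALTH_CHECK_PORT = 443

# Models the SG from the question: only the NLB node private IPs are allowed.
SG_IN_QUESTION = [
    {"IpProtocol": TCP, "FromPort": TRAFFIC_PORT, "ToPort": TRAFFIC_PORT,
     "IpRanges": [{"CidrIp": f"{ip}/32"} for ip in NLB_NODE_IPS]},
]


def required_ingress(preserve_client_ip, nlb_node_ips, client_cidrs,
                     traffic_port, health_check_port):
    """Return the ingress rules the target SG needs (boto3 IpPermissions shape).

    Health checks always come from the NLB nodes, so their private IPs are
    allowed on the health-check port either way. Data traffic comes from the
    client IPs when preservation is on, from the NLB node IPs when it is off.
    """
    node_cidrs = [f"{ip}/32" for ip in nlb_node_ips]
    data_sources = list(client_cidrs) if preserve_client_ip else node_cidrs
    return [
        {"IpProtocol": TCP, "FromPort": traffic_port, "ToPort": traffic_port,
         "IpRanges": [{"CidrIp": c, "Description": "NLB data traffic"}
                      for c in data_sources]},
        {"IpProtocol": TCP, "FromPort": health_check_port,
         "ToPort": health_check_port,
         "IpRanges": [{"CidrIp": c, "Description": "NLB health checks"}
                      for c in node_cidrs]},
    ]


def _covered(cidr, from_port, to_port, permissions):
    """True if some existing rule allows TCP from `cidr` on the whole port range."""
    need = ip_network(cidr, strict=False)
    for perm in permissions:
        # "-1" is the all-protocols rule; it carries no FromPort/ToPort.
        if perm["IpProtocol"] not in (TCP, "-1"):
            continue
        lo = perm.get("FromPort", 0)
        hi = perm.get("ToPort", 65535)
        if not (lo <= from_port and to_port <= hi):
            continue
        for rng in perm.get("IpRanges", []):
            have = ip_network(rng["CidrIp"], strict=False)
            if have.version == need.version and need.subnet_of(have):
                return True
    return False


def missing_ingress(existing_permissions, required_permissions):
    """Return (cidr, from_port, to_port) triples that no existing rule covers."""
    gaps = []
    for req in required_permissions:
        for rng in req["IpRanges"]:
            if not _covered(rng["CidrIp"], req["FromPort"], req["ToPort"],
                            existing_permissions):
                gaps.append((rng["CidrIp"], req["FromPort"], req["ToPort"]))
    return gaps


if __name__ == "__main__":
    for preserve in (True, False):
        need = required_ingress(preserve, NLB_NODE_IPS, CLIENT_CIDRS,
                                TRAFFIC_PORT, HEALTH_CHECK_PORT)
        gaps = missing_ingress(SG_IN_QUESTION, need)
        print(f"client IP preservation={preserve}: missing {gaps or 'nothing'}")
```

With preservation on (the default for instance-ID targets), the check reports the two client CIDRs as missing on the traffic port while the node IPs are still covered, which is exactly the question's symptom: health checks pass, client connections time out. With preservation off it reports nothing missing. One caveat worth knowing: NLBs can now be given security groups of their own (AWS added this in August 2023), and for such load balancers the target SG can reference the NLB's SG instead of enumerating IP addresses; the answer above describes the situation without that feature.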