We’re sorry. We could not find a match for your search.

We suggest you try the following to help find what you're looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try “application” instead of “software.”
  • Start a new search.
Country Contact Us Sign in to Oracle Cloud

Flexible Load Balancing FAQ

FAQ topics

General Questions—OCI Flexible Load Balancer

What is Oracle Cloud Infrastructure Load Balancing?

Oracle Cloud Infrastructure Load Balancing distributes incoming traffic across multiple Oracle Cloud Infrastructure compute instances. It enables you to increase the fault tolerance of your application and optimize the available bandwidth for your application traffic by providing preprovisioned load balancing capacity.

When should I use Oracle Load Balancing?

You should use Oracle Load Balancing when you require either a public or a private load balancer as an entry point to automatically distribute incoming traffic to multiple servers within your virtual cloud network (VCN).

When should I use the public load balancer and when should I use the private load balancer?

You can create a load balancer in the networking section of the Oracle Cloud Infrastructure management console.

How can I get started with Oracle Load Balancing?

You can create a load balancer in the networking section of the Oracle Cloud Infrastructure management console. Click "Load Balancers" and then "Create Load Balancer." Alternatively, you can use the CreateLoadBalancer API.

Technical—OCI Flexible Load Balancer

How does the load balancer distribute incoming application traffic across multiple bare metal compute instances?

The load balancer checks for incoming traffic on its IP address and distributes that traffic to a list of backend servers, based on the load balancing and health check policies that you have defined in a logical entity called a backend set. The backend set determines how the load balancer directs traffic to the collection of backend servers.

What load balancing policies can I define?

You can define the policies that tell the load balancer how to distribute incoming traffic to the backend servers. Currently, we support the following load balancing policies:

  • Round robin
  • Least connections
  • IP hash

For more information, see How Load Balancing Policies Work in the documentation.

Alternatively, you can determine the health of a load balancer instance in relation to its backend servers in a programmatic way via the load balancer health API.

What is the load balancer health API?

The load balancer health API is a programmatic mechanism for determining the health of a load balancer instance in relation to its backend servers.

When should I use the load balancer health API?

You should use the health API when you wish to build your own notification and monitoring system or integrate with a system you are currently using.

For which components of the load balancer can I retrieve health status via the health API?

When you programmatically poll the load balancer health API, you can obtain a 3-state health status (okay, warning, and critical) indicating the health of each backend server or, as an aggregate of all backend servers in a backend set, the entire backend set.

What incoming protocols does the load balancer support?

The load balancer listener which is a logical entity that checks for incoming traffic on the load balancers IP address. You configure a listener's protocol and port number, and the optional SSL settings.

Currently supported protocols include:

  • TCP
  • HTTP/1.0
  • HTTP/1.1
  • HTTP/2

For more information, see Managing Load Balancer Listeners in the documentation.

Can the load balancer handle TCP, HTTP and HTTPS traffic at the same time?

Yes, the load balancer can handle TCP, HTTP and HTTPS traffic at the same time. To do so, you must configure multiple listeners.

What TCP ports can I load balance?

You can load balance for any port between 1-65535.

Can I specify a range of TCP ports to load balance?

No. Currently, you need to specify the individual TCP port you want to load balance.

Does the load balancer support IPv6 traffic?

Yes. IPv6 is supported.

Does the load balancer support SSL termination?

Yes. You can optionally terminate SSL at the load balancer. To use SSL with your load balancer, you must add one or more certificate bundles to your system. The certificate bundle you upload includes the public certificate, the corresponding private key, and any associated certificate authority certificates. To terminate SSL at the load balancer, you must create a listener at a default port such as 443, and then associate an uploaded certificate bundle with the listener.

Does the load balancer support SSL tunneling?

Yes. You can optionally implement SSL tunneling for your TCP load balancer and tunnel incoming SSL connections to your application servers.

Which transport layer security protocol and ciphers does the load balancer support?

The load balancing service supports TLS 1.0, TLS 1.1 and TLS 1.2 protocols. You can choose from one of the Oracle-provided cipher suites or create your own custom cipher suite with specific ciphers. For more details please refer to:

  • ECDHE-RSA-AES256-GCM-SHA384
  • ECDHE-RSA-AES256-SHA384
  • ECDHE-RSA-AES128-GCM-SHA256
  • ECDHE-RSA-AES128-SHA256
  • DHE-RSA-AES256-GCM-SHA384
  • DHE-RSA-AES256-SHA256
  • DHE-RSA-AES128-GCM-SHA256
  • DHE-RSA-AES128-SHA256

Does the load balancer support session persistence (sticky sessions)?

Yes. You can enable for your HTTP load balancer server-side, cookie-driven session persistence

Does the load balancer support custom HTTP header manipulation?

Yes. You can you can add, alter, or remove HTTP headers with the listener rule sets feature. A rule set is a named set of rules associated with a load balancer and applied to one or more listeners on that load balancer. Rules are objects that represent actions applied to requests or responses at a load balancer listener. Examples of how rule sets can help you enhance site security include:

  • Adding the strict-transport-security header—with a proper value—to responses. This header helps guarantee that access to your site is HTTPS only.
  • Adding the x-xss-protection header with a proper value. This header helps you enforce the cross-site scripting (XSS) protection built into modern browsers.
  • Adding the x-content-type header with a proper value. This header helps you prevent attacks based on content type shifting.
  • Removing debug headers, such as server, sent by backend servers. This action helps you hide the implementation details of your backend.

Can I limit access to the load balancing service via an IAM policy?

Yes. You can limit access to the load balancing service via a policy written by an administrator.

Do the public and private load balancers support regional load balancing?

Yes. Both the public and private load balancers can be deployed as regional services using the VCN regional subnet option. Regional subnets in a VCN span the entire region which can include multiple ADs. A regional subnet enables you to create a regional private or public load balancer that supports AD failover in the event of an AD outage in an Oracle Cloud Infrastructure multi-AD region. Since a regional load balancer requires only one regional VCN subnet, it reduces the configuration and management overhead required by multiple AD-local subnets.

General Questions—OCI Flexible Network Load Balancer

What is Oracle Cloud Infrastructure (OCI) Flexible Network Load Balancer (Network Load Balancer)?

The Oracle Cloud Infrastructure (OCI) Flexible Network Load Balancing (OCI Network Load Balancer) provides automated traffic distribution from one entry point to multiple back-end servers in your virtual cloud network (VCN). It operates at the connection level and load-balances incoming client connections to healthy back-end servers based on Layer 3/Layer 4 (IP protocol) data.

When should I use OCI Network Load Balancer?

You should use OCI Network Load Balancer when you require a low-latency, high-throughput, layer-4 (TCP/UDP/ICMP) load balancing solution.

How can I get started with OCI Network Load Balancer?

You can create a network load balancer in the networking section of the Oracle Cloud Infrastructure management console. Click "Load Balancers" and then "Create Load Balancer” and Choose type “Network Load Balancer." Alternatively, you can use the CreateNetworkLoadBalancer API.

To learn more about network load balancers, see the flexible network load balancer overview section of the Oracle Cloud Infrastructure documentation.

Technical Questions—OCI Flexible Network Load Balancer

How does the network load balancer distribute incoming traffic across multiple compute instances?

The load balancer checks for incoming traffic on its IP address and distributes that traffic to a list of back-end servers, based on the load balancing and health check policies that you have defined in a logical entity called a back-end set. The back-end set determines how the network load balancer directs traffic to the collection of backend servers.

What load balancing policies can I define?

You can define the policies that tell the load balancer how to distribute incoming traffic to the back-end servers. Currently, we support the following load balancing policies:

  • 5-Tuple Hash
  • 3-Tuple Hash
  • 2-Tuple Hash

For more information, see How Load Balancing Policies Work in the documentation.

What incoming protocols does OCI Network Load Balancer support

The network load balancer listener, which is a logical entity that checks for incoming traffic on the load balancers IP address. You configure a listener's protocol and port number.

Currently supported protocols include:

  • TCP
  • UDP
  • ICMP

Can the load balancer handle TCP, UDP, and ICMP traffic at the same time?

Yes, the load balancer can handle TCP, UDP, and ICMP traffic at the same time. To do so, you must configure multiple listeners or configure wildcard listener (TCP/UDP/ICMP) with port 0 to match all protocols and port numbers.

What TCP ports can I load-balance?

You can load-balance for any port between 1-65535.

Can I specify a range of TCP ports to load balance?

No. Currently, you need to specify the individual TCP port you want to load-balance. You can alternatively specify port 0 to listen for all TCP ports.

Does the load balancer support IPv6 traffic?

No. The network load balancer currently only supports IPv4 traffic.

Does the network load balancer support SSL termination?

No. You can use the OCI flexible load balancer to terminate SSL at the load balancer.

Can I limit access to the network load balancing service via an IAM policy?

Yes. You can limit access to the network load balancing service via a policy written by an administrator.

Do the public and private network load balancers support regional load balancing?

Yes. Both the public and private load balancers can be deployed as regional services using the VCN regional subnet option. Regional subnets in a VCN span the entire region, which can include multiple ADs. A regional subnet enables you to create a regional private or public load balancer that supports AD failover in the event of an AD outage in an Oracle Cloud Infrastructure multi-AD region. Since a regional load balancer requires only one regional VCN subnet, it reduces the configuration and management overhead required by multiple AD-local subnets.