And now, because we're tracking state, we can actually insert a dedicated secure platform that terminates (and also reinitiates) TLS/SSL, and *still* keep the Network Load Balancer transparent and easy to use. This is doubly insane magic.
8. You can run plaintext too. I wouldn't recommend it, but you can also use NLB TLS as a total TLS/SSL off-loader; you can run plain TCP to your targets and NLB will translate between TLS to/from your clients and TCP to/from you. We *still* preserve the source IP, even then.
9. If you've been using our Classic Load Balancer as a L4 load balancer with support for TLS, you can now move to NLB!
That's it from me! You can start using it right now, I've had a test NLB going for a few weeks myself. Super super delighted to get this out there. AMA and let me know if you have any suggestions or questions! EOF.
What's the point of using TLS between NLB and the backend then? To counter an attacker spying on the traffic inside and between AWS datacenters? Isn't traffic between datacenters encrypted?