Elfiq Link Balancer Basic Concepts

What is NAT load balancing?

NAT load balancing is used primarily when you have multiple links with different IP addressing schemes. For example, in the most common scenario, you have internet links from two or more internet providers (ISP A, ISP B ...) and each one is handled by a different router. The IP addresses on each link are provided by the ISP. If you want to use a link from ISP B, then you would normally need to have a source IP address in the range that ISP B gave you otherwise, the communication would not be possible with the ISP B router.

The Link LB, with it's primary link technology, will enable you to keep your firewall IP addresses unchanged and in the range of "ISP A" IP addresses. When a session is balanced to an alternate link, the Link LB will modify all the IP packets (especially the source IP) for that session in real-time as they pass through the unit to ensure they are compatible the ISP link chosen by the Link LB. The IP packets coming back from the internet and towards your firewall will also be modified in real-time as they pass through the unit and will appear to your firewall as if they were coming from your primary link router.

This means that the firewall and servers never know that they are being balanced. From their point of view, they always send the packets to the ISP A router, and receive packets from ISP A router, no matter which link is actually used.

What is TAG load balancing?

TAG load balancing is used primarily when you have multiple routers that are able to route all of your IP addresses. In the most common scenario, you have two or more private WAN links per site to interconnect two or more offices. The WAN routers are all able to route any internal IP addressing that you have so the Link LB doesn't need to change the IP addresses on the fly (in opposition to NAT load balancing).

The Link LB, with it's advanced algorithms, can balance the packets to the WAN link that is best suited to handle each specific session. Balancing is always done on a per session basis.

The Link LB can also mark the packets with QoS markers as they pass through the unit based on the type of traffic and the chosen WAN link. For example, you can choose that a specific type of traffic should be marked with "Expedited Forwarding" when sent over WAN link A but marked with "Assured Forwarding" (lower priority) if sent over WAN link B.

Some network protocols cannot be NATed easily because they are split over many different sessions with different port numbers and some of the protocols also negotiate session information inside the IP packets which makes it very hard to follow. These "intra-network" protocols are normally used on a WAN Link so Elfiq recommends that you use TAG load balancing.

TAG load balancing can also be used with Internet links in some specific implementations.

What is PREF load balancing?

To provide greater control over the management of traffic balancing, the Elfiq Link Load Balancer also allows the integration of network route policies that will affect traffic management as well as the balancing algorithms.

Such entries become useful when some of your links should be prioritized for accessing certain networks such as access to private networks which also allow access to the Internet. It can also be used to prefer specific links, when traffic is coming from, or going to, specific IP addresses on the internet. For example, for a specific destination on the internet the "round trip time" is 3 times better on ISP B link than on ISP A, you could then configure a route ip entry for this destination in the Link LB.

The route policies affect both the NAT and the TAG balancing. If the preferred route is currently unavailable the Link LB will behave as usual and balance the packets normally with algorithms.

The route policies also affect the IDNS module, if a client queries for a domain name handled by the Link LB and his source IP address fits in a preferred route ip entry, the Link LB will take this information in consideration for the DNS answer.