Inferensys

Glossary

Application Load Balancer (ALB)

An Application Load Balancer (ALB) is a type of load balancer that operates at the application layer (Layer 7) of the OSI model, making intelligent routing decisions based on the content of HTTP/HTTPS messages.
ML engineer managing model training cluster on laptop, GPU utilization visible, technical deep learning setup.
LOAD BALANCING ALGORITHMS

What is Application Load Balancer (ALB)?

A definition of the Layer 7 load balancer that routes traffic based on application content.

An Application Load Balancer (ALB) is a Layer 7 (application layer) load balancer that makes intelligent routing decisions by inspecting the content of incoming messages, such as HTTP headers, URLs, SSL session IDs, or cookies. Unlike lower-layer balancers, an ALB can direct traffic to different backend targets—like specific microservices or server groups—based on the request's path (/api/ vs /images/) or hostname, enabling sophisticated, content-aware traffic management essential for modern microservices architectures and containerized applications.

Operating within the OSI model's highest layer, an ALB provides critical features including SSL/TLS termination, HTTP/2 and WebSocket support, and advanced health checks. It integrates with service discovery and auto-scaling groups to dynamically adjust to fleet changes. In heterogeneous fleet orchestration, this concept translates to middleware that routes high-level tasks—like 'fetch item'—to the most appropriate agent type based on the request's semantic content and the agent's declared capabilities, not just its network location.

LAYER 7 LOAD BALANCING

Key Features of an Application Load Balancer

An Application Load Balancer (ALB) operates at the application layer (Layer 7) of the OSI model, enabling intelligent routing decisions based on the content of HTTP/HTTPS messages. This provides granular control over traffic distribution compared to lower-layer balancers.

01

Content-Based Routing

An ALB can inspect and route traffic based on the content of the HTTP request. This enables sophisticated routing rules that go beyond simple IP and port.

  • Host-based routing: Direct traffic based on the Host header (e.g., api.example.com vs. www.example.com).
  • Path-based routing: Route requests to different backend services based on the URL path (e.g., /images/* to a storage service, /api/* to an application server).
  • Header-based routing: Make decisions using custom HTTP headers, such as X-API-Version or User-Agent.
  • Query string parameter routing: Route based on key-value pairs in the URL query string.

This allows a single load balancer to front a microservices architecture, directing requests to the appropriate service based on the request context.

02

Advanced Session Persistence

Also known as sticky sessions, this feature ensures requests from a specific user are consistently sent to the same backend target. ALBs offer more flexible persistence mechanisms than lower-level balancers.

  • Application-controlled cookies: The ALB generates and manages its own cookie to track the session.
  • Duration-based cookies: The cookie expires after a specified time.
  • Application cookies: The ALB uses an existing cookie set by the backend application, providing application-defined stickiness.

This is critical for stateful applications where user session data is stored locally on a server, such as shopping carts or multi-step forms.

03

SSL/TLS Termination & Management

An ALB can handle the computationally expensive process of decrypting incoming HTTPS traffic and optionally re-encrypting it to the backend. This centralizes certificate management and offloads work from application servers.

  • Centralized SSL Certificates: Manage and renew TLS/SSL certificates at the load balancer level.
  • Support for SNI: Allows hosting multiple secure applications (with different domain names) on a single load balancer using Server Name Indication.
  • Security Policy Enforcement: Define supported TLS versions and cipher suites centrally.
  • Client Certificate Authentication: The ALB can validate client certificates before forwarding requests.

This simplifies compliance, reduces backend server load, and provides a single point for cryptographic policy enforcement.

04

Integrated Health Checks

ALBs continuously monitor the health of registered backend targets (e.g., servers, containers) using configurable probes. Unhealthy targets are automatically taken out of rotation.

  • Protocol Flexibility: Health checks can use HTTP, HTTPS, TCP, or gRPC protocols.
  • Granular Configuration: Define the check interval, timeout, healthy/unhealthy threshold counts, and the specific path/port to probe.
  • Application-Aware: An HTTP health check can verify a specific endpoint (e.g., /health) returns a 2xx or 3xx status code, ensuring the application logic is functioning.

This feature is fundamental for high availability, ensuring traffic is only directed to targets capable of handling requests.

05

WebSocket & HTTP/2 Support

Modern ALBs natively support advanced application protocols essential for real-time, interactive applications.

  • WebSocket Protocol: Enables full-duplex, persistent communication channels between a client and server (e.g., for chat apps, live dashboards). The ALB efficiently proxies WebSocket connections without terminating them.
  • HTTP/2: Supports multiplexing multiple requests over a single TCP connection, reducing latency and improving page load times. ALBs can accept HTTP/2 from clients and communicate with backends using HTTP/1.1 or HTTP/2.
  • gRPC Support: Some ALBs can route gRPC traffic, which uses HTTP/2 as its transport, enabling efficient microservice communication.

This native support allows developers to build modern applications without complex workarounds for protocol handling.

06

Deployment & Traffic Management

ALBs provide features that facilitate safe, controlled application updates and sophisticated traffic shaping.

  • Weighted Routing: Distribute traffic across multiple backend target groups based on assigned weights (e.g., 90% to current version, 10% to new version), enabling canary deployments.
  • Redirects & Fixed Responses: The ALB can return HTTP redirects (e.g., from HTTP to HTTPS) or static HTTP responses (like a maintenance page) without hitting a backend.
  • Request Tracing: Insert unique identifiers (like X-Amzn-Trace-Id) into requests for end-to-end tracing across distributed services.
  • Integration with Auto Scaling: Seamlessly works with cloud auto-scaling groups to register and deregister instances dynamically based on load.

These capabilities make the ALB a critical component for implementing continuous deployment strategies and managing application lifecycle.

LOAD BALANCING ALGORITHMS

How an Application Load Balancer Works

An Application Load Balancer (ALB) is a critical component in modern distributed systems, intelligently routing client requests to backend services based on application-layer content.

An Application Load Balancer (ALB) is a Layer 7 load balancer that distributes incoming client requests across multiple backend targets—such as virtual machines or containers—based on the content of the application message. Unlike lower-layer balancers, an ALB examines HTTP/HTTPS headers, URLs, cookies, and request methods to make intelligent routing decisions. This enables advanced features like host-based and path-based routing, allowing a single ALB to direct traffic to multiple different applications or microservices. It operates as a reverse proxy, terminating client connections and establishing new ones to the backend, which provides security and abstraction.

Core to its operation are listeners, which check for connection requests on a configured port and protocol, and rules, which define how to route requests to target groups. The ALB performs regular health checks on registered targets and only routes traffic to healthy instances. It also manages SSL/TLS termination, offloading decryption work from backend servers. By understanding application semantics, an ALB provides session persistence for stateful applications and supports complex deployment strategies like blue-green and canary deployments, making it essential for scalable, resilient web architectures.

LOAD BALANCER TYPES

ALB vs. Network Load Balancer (NLB): A Comparison

A technical comparison of AWS Application Load Balancer (ALB) and Network Load Balancer (NLB), highlighting their architectural layers, core features, and optimal use cases for systems design.

Feature / MetricApplication Load Balancer (ALB)Network Load Balancer (NLB)

OSI Model Layer

Layer 7 (Application)

Layer 4 (Transport)

Primary Protocol Support

HTTP, HTTPS, HTTP/2, WebSocket, gRPC

TCP, UDP, TLS

Routing Decision Basis

HTTP headers, URLs, hostnames, cookies, query strings

Source/destination IP addresses, TCP/UDP ports

SSL/TLS Termination

Preserves Source IP Address

Static IP / Elastic IP Support

Connection Draining / Deregistration Delay

Target Types

Instance, IP, Lambda, Application Load Balancer

Instance, IP, Application Load Balancer

Health Checks

HTTP/HTTPS status codes

TCP, HTTP, HTTPS (configurable)

Request-Level Load Balancing

Web Application Firewall (WAF) Integration

Zonal Failover

Cross-Zone Load Balancing

Typical Latency (p99)

< 100 ms

< 50 ms

Optimal Use Case

Microservices, container-based apps, API routing, web apps

Extreme performance, UDP, static IPs, gaming, financial trading

APPLICATION LOAD BALANCER

Frequently Asked Questions

An application load balancer (ALB) is a critical component of modern distributed systems, operating at the application layer to intelligently route traffic. These questions address its core functions, architecture, and role in heterogeneous fleet orchestration.

An Application Load Balancer (ALB) is a load balancer that operates at Layer 7 (application layer) of the OSI model, making routing decisions based on the content of the message, such as HTTP headers, URLs, SSL session IDs, or cookies.

It works by terminating the client's TCP connection, inspecting the full HTTP/HTTPS request, and then applying user-defined rules to determine which backend target—such as a server, container, or microservice—should receive the request. Key mechanisms include:

  • Listener Rules: IF-THEN logic (e.g., IF path = '/api/*' THEN forward to backend-service-A) that evaluate request attributes.
  • Target Groups: Logical groupings of backend endpoints (e.g., EC2 instances, IP addresses, Lambda functions).
  • Health Checks: Periodic HTTP/HTTPS requests to targets to verify their operational status before routing traffic.

This content-aware routing enables advanced traffic management, such as splitting traffic between different service versions for canary deployments or routing API calls to specific backend clusters.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.