
AWS recently introduced NLB (Network Load Balancer), where an EIP (Elastic IP) can be linked to an AZ (Availability Zone). It is recommended to have NLB over multiple AZs, hence have multiple EIPs linked to each.

But what happens when one of the AZs goes down: does the linked EIP get linked to another AZ until the original AZ comes back again? This is important if you are using a single EIP (i.e. using one AZ for NLB), where such a failure can cause traffic failures even though your servers running on multiple AZs are up and running.

vikramaditya234

2 Answers

Answering my own question for anyone struggling with a similar question. This is what AWS support responded to my question:

Availability zones (AZs) are distinct geographical locations that are engineered to be insulated from failures in other AZs. However, unfortunately when an AZ fails the service is disrupted on that AZ. There would be no IP shift to another AZ automatically [1].

Although AZ failures are rare and AWS takes great efforts to not have such failures, these types of failures can and do occur. For this reason we normally ask users to place resources (NLB) in multiple AZs. This way an application can be protected from failure at a single location. If one zone fails, the application in the other zone can continue to run [2].

[1] https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-regions-availability-zones

[2] https://media.amazonwebservices.com/architecturecenter/AWS_ac_ra_ftha_04.pdf

vikramaditya234

The EIP stops working if there are no healthy instances in the AZ, and NLB removes its entry from the load balancer's DNS records. It is added back in when the AZ becomes healthy again.

If one or more target groups does not have a healthy target in an enabled Availability Zone, we remove the IP address for the corresponding subnet from DNS so that requests cannot be routed to targets in that Availability Zone.

https://docs.aws.amazon.com/elasticloadbalancing/latest/network/target-group-health-checks.html

For this reason, your callers should respect the DNS TTL.

Michael - sqlbot
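
The difference between a caller that respects the DNS TTL and one that keeps the first IP it resolved, as an added example that is not part of the original answers. It is a simulation: the record name, the documentation-range IPs, the `TtlCache` class and the 60-second TTL are all assumptions made for illustration.

```python
class TtlCache:
    """Caller-side DNS cache that re-resolves once the record's TTL has expired."""

    def __init__(self, resolve, clock):
        self._resolve = resolve  # callable: name -> (list of IPs, ttl in seconds)
        self._clock = clock      # callable returning the current time in seconds
        self._entries = {}       # name -> (expires_at, [ips])

    def addresses(self, name):
        now = self._clock()
        entry = self._entries.get(name)
        if entry is None or now >= entry[0]:
            ips, ttl = self._resolve(name)
            entry = (now + ttl, list(ips))
            self._entries[name] = entry
        return entry[1]


def simulate_az_outage(ttl=60, down_at=100, up_at=300, end=400, step=10):
    """Count failed requests for a caller that pins the first IP it resolved
    versus one that honours the TTL. All values here are constructed."""
    name = "my-nlb.example.invalid"                         # placeholder name
    eips = {"az-a": "192.0.2.10", "az-b": "198.51.100.20"}  # documentation IPs
    now = [0]                                               # simulated clock

    def healthy_zones():
        return ["az-b"] if down_at <= now[0] < up_at else ["az-a", "az-b"]

    def resolve(_name):
        # Behaviour described in the answer: DNS lists only healthy AZs' IPs.
        return [eips[z] for z in healthy_zones()], ttl

    cache = TtlCache(resolve, clock=lambda: now[0])
    pinned_ip = resolve(name)[0][0]      # resolved once at start, never refreshed
    failures = {"pinned": 0, "ttl_respecting": 0}
    for t in range(0, end, step):        # one request per caller every `step` s
        now[0] = t
        reachable = {eips[z] for z in healthy_zones()}
        if pinned_ip not in reachable:
            failures["pinned"] += 1
        if cache.addresses(name)[0] not in reachable:
            failures["ttl_respecting"] += 1
    return failures


if __name__ == "__main__":
    print(simulate_az_outage())
```

The pinned caller fails for the whole outage, while the TTL-respecting caller fails only until its cached record expires, so its exposure is bounded by the TTL.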