Load Balancer Concepts

Describes concepts associated with load balancers and their resources.

The following concepts are essential to working with Load Balancer.

An application server responsible for generating content in reply to the incoming TCP or HTTP traffic. You typically identify application servers with a unique combination of overlay (private) IPv4 address and port, for example, and
See Backend Servers for Load Balancers for more information.
A logical entity defined by a list of backend servers, a load balancing policy, and a health check policy. SSL configuration is optional. The backend set determines how the load balancer directs traffic to the collection of backend servers.
See Backend Sets for Load Balancers for more information.
If you use HTTPS or SSL for your listener, you must associate an SSL server certificate (X.509) with your load balancer. A certificate enables the load balancer to terminate the connection and decrypt incoming requests before passing them to the backend servers.
See SSL Certificates for Load Balancers for more information.
health check

A health check is a test to confirm the availability of backend servers. A health check can be a request or a connection try. Based on a time interval you specify, the load balancer applies the health check policy to continuously monitor backend servers. If a server fails the health check, the load balancer takes the server temporarily out of rotation. If the server then passes the health check, the load balancer returns it to the rotation.

You configure your health check policy when you create a backend set. You can configure TCP-level or HTTP-level health checks for your backend servers.

  • TCP-level health checks make a TCP connection with the backend servers and validate the response based on the connection status.

  • HTTP-level health checks send requests to the backend servers at a specific URI and validate the response based on the status code or entity data (body) returned.

The service provides application-specific health check capabilities to help you increase availability and reduce your application maintenance window.

See Health Checks for Load Balancers for more information.
An indicator that reports the general health of your load balancers and their components.
See Health Checks for Load Balancers for more information.
A virtual server name applied to a listener to enhance request routing.
See Virtual Hostnames for Load Balancers for more information.
A logical entity that checks for incoming traffic on the load balancer's IP address. You configure a listener's protocol and port number, and the optional SSL settings. To handle TCP, HTTP, and HTTPS traffic, you must configure multiple listeners.
Supported protocols include:
  • HTTP

  • HTTP/2

  • TCP


See Listeners for Load Balancers for more information.
A load balancing policy tells the load balancer how to distribute incoming traffic to the backend servers. Common load balancer policies include:
  • Round robin

  • Least connections

  • IP hash

See Load Balancer Policies for more information.
A set of path route rules to route traffic to the correct backend set without using multiple listeners or load balancers.
See Request Routing for Load Balancers for more information.
REGIONS AND availability domains
The Load Balancer service manages application traffic across availability domains within a region . A region is a localized geographic area, and an availability domain is one or more data centers located within a region. A region is composed of several availability domains.
See Regions and Availability Domains for more information.
A method to direct all requests originating from a single logical client to a single backend web server.
See Load Balancer Session Persistence for more information.
A template that determines the load balancer's total pre-provisioned maximum capacity (bandwidth) for ingress plus egress traffic. Available shapes include 10 Mbps, 100 Mbps, 400 Mbps, and 8000 Mbps.
The 10 Mbps shape is Always Free eligible. For more information about Always Free resources, including other capabilities and limitations, see Oracle Cloud Infrastructure Free Tier.

Pre-provisioned maximum capacity applies to aggregated connections, not to a single client attempting to use the full bandwidth.

Secure Sockets Layer (SSL) is a security technology for establishing an encrypted link between a client and a server. You can apply the following SSL configurations to your load balancer:
The load balancer handles incoming SSL traffic and passes the unencrypted request to a backend server.
The load balancer terminates the SSL connection with an incoming traffic client, and then initiates an SSL connection to a backend server.
If you configure the load balancer's listener for TCP traffic, the load balancer tunnels incoming SSL connections to your application servers.
Load Balancer supports the TLS 1.2 protocol with a default setting of strong cipher strength. The default supported ciphers include:





  • DHE-RSA-AES256-SHA256


  • DHE-RSA-AES128-SHA256

See SSL Certificates for Load Balancers for more information.
A subdivision you define in a virtual cloud network (VCN), such as and A subnet can span a region or exist within in a single availability domain. A subnet consists of a contiguous range of IP addresses that do not overlap with other subnets in the VCN. For each subnet, you specify the routing and security rules that apply to it.
See VCNs and Subnets and Public IP Address Ranges for more information on subnets.

Apply tags to your resources to help organize them according to your business needs. Apply tags at the time you create a resource, or update the resource later with the wanted tags. For general information about applying tags, see Resource Tags.

A private network that you set up in the Oracle data centers, with firewall rules and specific types of communication gateways that you can choose to use. A VCN covers a single, contiguous IPv4 CIDR block of your choice in the allowed IP address ranges.
You need at least one virtual cloud network before you launch a load balancer.
For information about setting up virtual cloud networks, see Networking Overview.
Specifies whether your load balancer is public or private.
A public load balancer has a public IP address that clients can access from the internet.
A private load balancer has a private IP address from a VCN local subnet. Clients can access the private load balancer using methods and technology that can provide access to a private IP, such as:
  • Cross-VCN (through LPG peering)

  • From another region (through RPC)

  • From on-prem (through FC private peering)

For more information, see Load Balancer Management.
An object that reports on the current state of a Load Balancer request.
The Load Balancer service handles requests asynchronously. Each request returns a work request ID (OCID) as the response. You can view the work request item to see the status of the request.
For more information, see Work Requests for Load Balancer.