Load Balancers

Our redundant load balancers are fully-managed and enable you to distribute incoming layer-4 and layer-7 traffic to your servers automatically.

Connection Limits

Our Load Balancers support up to twenty thousand simultaneous connections.

IP Addresses

Our Loadbalancers support both IPv4 and IPv6 public addresses.

Forwarding Rules

Forwarding rules consist of a few things:

  • Load Balancer Port
    • The incoming port your load balancer accepts.
  • Mode
    • Either TCP or HTTP
      • TCP is layer-4
      • HTTP is Layer-7 and supports features like header forwarding and SSL.
  • Target Server Port
    • The backend server ports the request will be forwarded to.
  • Certificates (optional, with HTTP forwarding rules). See SSL Certificates below for more information.

SSL Certificates

When configuring HTTP forwarding rules, can generate a free SSL certificate for your domain. The DNS records needs to point to the IP address of your Load Balancer for this to successfully provision. Therefore, point the domain before provisioning the Load Balancer.

The IP address has to be generated before the DNS assignment can be made, and within the Cloud Panel we clear things up during the Load Balancer creation process. Via the API you will need an unassigned IP, which can be configured as the Load Balancer IP.

HTTPS Forwarding

If enabled, we require that a custom certificate is given, or a domain which we can generate a certificate for.

HTTP/2 support over HTTPS

HTTP/2 is enabled only over HTTPS. Thus, HTTP/2 is enabled on the frontend side when the loadbalancer service protocol is set to HTTPS. Similarly, for the backend side, HTTP/2 is enabled when the target server service protocol is set to HTTPS and the target server port is set to 443. Otherwise, the loadblancer will default to http/1.1 if the previously mentioned requirement is not met.

Balancing Algorithms

We currently support the Least Connections and Round Robin balancing algorithms.

Proxy protocol

The proxy protocol is a network protocol designed to maintain the original IP address of a client when its TCP connection is routed through a proxy. Without this protocol, proxies would not retain this information as they function as intermediaries for the client, transmitting messages to the server while substituting the client’s IP address with their own.

  • The two supported versions of proxy protocol:
    • v1 which sends header in text (human-readable) format
    • v2 which sends header in binary format and is more efficient
  • The proxy protocol is applicable only to TCP mode.
  • By enabling the proxy protocol, the backend servers can extract the original client’s IP address from the incoming requests and use it for appropriate troubleshooting, processing, security, access control, and logging.
  • The backend servers must be properly configured to receive the client information header when enabling the proxy protocol. To avoid this caveat, you can follow the setup of the proxy protocol for the loadbalancer provisioned in GSK cluster and used in front of the NGINX Ingress Controller.
  • Backend server log errors:
    • broken header: " " while reading PROXY protocol occurs when proxy protocol is enabled in the backend servers but not enabled in the loadbalancer.
    • \x00" 400 0 "-" "-" 0 0.000 [] [] - - - - 84404e861e5024f5b73c1e898b19c9e4 occurs when proxy protocol is enabled in the loadbalancer but not enabled in the backend servers.

Backend Servers

We support global loadbalancing, which allows you to load balance between servers within different projects. As well as servers on other platforms. This can be in the form of an IP Address or a hostname.

Kubernetes Ingress

Our Managed Kubernetes integrates fully with our Load Balancer. See Kubernetes Load Balancing for setup details.


Can I control a load balancer via the RESTful API?

Like all gridscale products, you can also control and configure our load balancer directly via our RESTful API. Automatically integrate new servers that you have just started.

Do you have a default firewall enabled?

No. By default, no firewall is enabled on your servers. You can secure your servers within the Firewall section or configure the OS-specific firewall directly on your server for further configuration.

How does a load balancer work?

Everything you need to know about the configuration and functions of our Load Balancer can be found within the Getting Started Tutorial.

Can I connect external target servers to your load balancers?

Yes! Using our load balancers you can connect external as well as gridscale servers. If you want to integrate a local or external server, you can do this directly within the Cloud Panel.