Load Balancing

  1. TCP Proxy Load Balancing support he following ports: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1024-65535

    In https://cloud.google.com/compute/docs/load-balancing/tcp-ssl/tcp-proxy

    TCP Proxy Load Balancing advantages:

    Intelligent routing — the load balancer can route requests to backend locations where there is capacity. In contrast, an L3/L4 load balancer must route to regional backends without paying attention to capacity. Use of smarter routing allows provisioning at N+1 or N+2 instead of x*N.
    Security patching — If vulnerabilities arise in the TCP stack, we will apply patches at the load balancer automatically in order to keep your instances safe.
    TCP Proxy Load Balancing supports the following ports: 25, 43, 110, 143, 195, 443, 465, 587, 700, 993, 995, 1883, 5222

    Now…

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Ingress filter for HTTP(S) Load Balancing

    It would be great if we could filter what kind of traffic is allowed to the Load Balancer.
    Ie. To be able to allow/deny incoming requests by their Host and Path.
    I see too much of these "hacking attempts" in our request logs, requests that just connect with the IP address and try to access paths suchs as /phpmyadmin, /wp-admin, etc.
    It would be much more beneficial to be able to filter these kind of requests in the LB layer than in the application layer.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow RSA and ECC certs per frontend

    It would be great if the load balancer supported both RSA and ECC certs for the same frontend.

    In our experience supporting ECC improves both connection startup time for the client and CPU usage on the server.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. 2,236 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    118 comments  ·  Flag idea as inappropriate…  ·  Admin →

    We appreciate all of your feedback on how critical the HTTPHTTPS redirect feature is to your GCP apps. Our networking team has further increased the priority of this feature in our backlog based on your feedback and are aiming to deliver an Alpha in Q4, 2019.

  5. HTTP(S) Load Balancing: Add IP Geolocation to HTTP headers

    Please add the IP Geolocation headers to requests handled by the HTTP(S) load balancer. Similar/identical to the headers provided by App Engine (''X-AppEngine-country', etc).

    40 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Improve your Load Balancer Interface. It is confusing. There is no clarity and separation of UI for Network and HTTP(S) Load Balancer

    Improve your Load Balancer Interface. It is confusing. There is no clarity and separation of UI for Network and HTTP(S) Load Balancer.
    Users always get confused when you are creating a Load Balancer.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Load balancer "URL Map" does not support A/B testing via %traffic with sticky path selection.

    I will have to install NGINX in front of the google load balancer, which is kinda redundant; however, it seems required as the current load balancer is unable to split traffic by either custom rules or by sticky path selection.

    Specifically I'm looking for is a way to introduce a "trial" swap of only page "X" (defined by UrlMap) that would direct 10% of the traffic to a different server/ip/container cluster while recording this choice as a cookie for consistency. This would allow us to do some basic live testing and a/b testing without impacting all consumers.

    48 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. PCI Compliant HTTPS load balancer option

    Can we please get a check-box or way to configure so that we don't need to keep dealing with exceptions and complaints from the scanners when following the https://cloud.google.com/solutions/pci-dss guide due to HTTPS load balancers supporting things like "Medium Strength Cipher Suites" and "TLS Version 1.0" or unremoveable HTTP Proxy headers. All of which are heavily discouraged by PCI DSS.

    Thanks!

    62 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. BUG Error console Load Balancing

    The deletion of some of the forwarding rules failed. Error: Code: '53BD0BF586D29.A1ED39D.E70FD608'.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. TCP Load balance with different frontend and backend ports

    Currently TCP load balancing requires the frontend and backend listeners to share the same port. It would be useful if the backend port could be different to the frontend.

    74 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. HTTPS Load Balancing: Support multiple certificates for a single target proxy.

    A single target proxy can be attached to a URL map containing multiple host rules, thereby allowing it to support multiple hostnames. However, a target HTTPS proxy currently only supports a single certificate. Therefore, supporting multiple hostnames using a single HTTPS global forwarding rule requires that each hostname be specified as a separate SAN within the certificate.

    This is not ideal for a number of reasons: for example, some certificate authorities charge more for a single SAN than for a single-hostname certificate. A certificate with multiple SANs is also larger than necessary, potentially leading to a slower TLS handshake.

    It…

    56 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. HTTP Load Balancer with client certificate verification

    Currently the load balancer supports only server side certificates. It will be big step to have client certificate verification.

    157 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  13. We need load balancer log....

    If the detail access log from load balancer can be read, will better!

    55 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
2 Next →
  • Don't see your idea?

Load Balancing

Categories

Feedback and Knowledge Base