Layer 4 vs. Layer 7 Load Balancing: What's the Difference and Which One Do I Need?

Load balancing for web applications is essential to deliver a good application experience to staff, clients, and customers. This is true irrespective of whether the web applications are used internally within an organization or presented externally for clients and business partners.

When researching load balancers, you'll often come across the terms Layer 4 Load Balancer and Layer 7 Load Balancer in many articles. But what do these terms mean and when should you use Layer 4 vs. Layer 7? For instance, should you always aim to implement Layer 7 Load Balancing? In this article we'll briefly outline the terms and answer these questions at a high level.

What is Load Balancing?

Load balancing shares client access requests to applications across a pool of backend or cloud servers. Load balancing software uses various algorithms plus the network state to evenly balance requests across the server pool. Load balancers also monitor the health and status of servers in the pool to ensure that client requests don't go to servers that can't handle them. 

Load balancing algorithms operate using techniques that map to the conceptual layers of a network stack. The seven-layer OSI network stack is the most widely used for this purpose. Most load balancer functions can be mapped to activities at Layers 4 & 7 of the OSI stack.

Another widely used network stack is the TCP/IP model, which has four layers. We're not considering the TCP/IP model in this article because the OSI layers 4 and 7 are a better fit for the activities that load balancers provide. Plus, the wider IT community mostly uses the OSI stack.

What is Layer 4 Load Balancing?

Layer 4 of the OSI model network stack is also called the Transport Layer. As its name suggests, activities at Layer 4 are related to the transport of data across a network. Data transport between nodes on a network (nodes are anything that can send or receive data) occurs in fragments known as packets. 

These packets carry header information that specifies the source IP address of the sending node, the target IP address they are sent to, and the protocol and port on the recipient that should handle them when received. The protocol is mainly TCP or UDP.

Load balancing at Layer 4 has no visibility into what the data packets contain beyond the IP address and port information in their headers. For many uses this is fine, and Layer 4 load balancing is sufficient.

What is Layer 4 Load Balancing Used for? 

Layer 4 load balancing gets used in situations where the contents of the data packets aren't needed when deciding where in the server pool to route the requests and network traffic. This lightness of touch under Layer 4 load balancing means that the packet routing happens quickly, which can be essential in some circumstances. Layer 4 load balancing gets used with UDP-based applications such as video streaming, voice calls and core internet applications such as DNS, SNMP and DHCP.

If you need fast load balancing of packets but don't need to make load balancing decisions based on what the packets contain, then Layer 4 load balancing will likely suffice.

What is Layer 7 Load Balancing?

If you do need to make load balancing decisions based on the type of data, then Layer 7 load balancing is for you. Layer 7 of the OSI model is also called the Application Layer. 

Load balancing algorithms operating within the Application Layer can inspect the contents of the data packets flowing on the network. By doing this, they build on Transport Layer functionality by adding routing based on the packets' content. Modern load balancers like LoadMaster can also use TLS functionality to decrypt encrypted traffic, inspect the data and then encrypt it again for onward transport.

What is Layer 7 Load Balancing used for? 

By determining the type of data contained in the packets, a Layer 7 load balancer can make decisions on access request allocations. For example, requests to view a video can get routed and load balanced across a set of server nodes optimized to stream video. Other dedicated server types can also be recipients of requests based on packet data types. 

Layer 7 load balancing can also enhance application security. A web application firewall (WAF) is crucial to any modern cyber security protection strategy. WAFs operate at Layer 7 and can inspect network data packets to see their contents. This ability to inspect Layer 7 data packets means load balancers with WAF enabled become key parts of network security infrastructure. The packets can be opened and checked for malicious content or identified as suspicious and blocked from reaching backend servers before they can do damage. 

Layer 7 load balancers enable the use of a much richer set of algorithms when deciding how to route incoming access requests and the subsequent data flows between endpoint devices and servers. 

Layer 4 or Layer 7: Which do I need? 

You may not be surprised to hear that in most modern network and application delivery infrastructure deployments, the answer to this question is actually both! Indeed, you may also need some load balancing functionality at layers 2 & 3 of the OSI stack - but we'll discuss this later. 

However, if you do have to pick, there are some key aspects to keep in mind. For instance, if your load balancer doesn't need to know anything about the data in the packets and you want to move it to application servers as quickly as possible, then Layer 4 load balancing and the algorithms that operate at that level will suffice.

However, some use cases are more complex and require Layer 7. For instance, if incoming data packets need routing to application servers that are optimized to respond and handle specific data types, with the video streaming example earlier being typical, Layer 7 is a necessity. 

Other common use cases for Layer 7 load balancing include session persistence between an endpoint device and a backend shopping application server to ensure that the contents of a customer's shopping cart are consistent during and between connection sessions. This is also sometimes called cookie persistence or server affinity. Layer 7 load balancers can also do data caching, as they have access to data packet content which can help speed up some access requests.
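
The difference between the two decision points, as an added example that is not LoadMaster code or configuration: the Layer 4 function sees only protocol, addresses and ports, while the Layer 7 function parses the HTTP request to do the content switching and cookie persistence described above. The pool addresses, the LBSERVER cookie name and the /video/ path prefix are assumptions made for the illustration.

```python
import hashlib

# Constructed backend pools; all names and addresses are hypothetical.
POOLS = {
    "web":   ["10.0.0.11", "10.0.0.12"],
    "video": ["10.0.1.21", "10.0.1.22"],
}
COOKIE = "LBSERVER"  # hypothetical persistence cookie name


def _hash_pick(key, servers):
    """Map a key to one server deterministically."""
    digest = hashlib.sha256(key.encode()).digest()
    return servers[int.from_bytes(digest[:4], "big") % len(servers)]


def l4_pick(proto, src_ip, src_port, dst_ip, dst_port):
    """Layer 4: only protocol, addresses and ports are visible."""
    flow = f"{proto}|{src_ip}|{src_port}|{dst_ip}|{dst_port}"
    return _hash_pick(flow, POOLS["web"] + POOLS["video"])


def l7_pick(raw_request, src_ip):
    """Layer 7: parse the HTTP request, then switch on its content."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None  # malformed request line: reject instead of guessing
    path = parts[1]
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    # Content switching: video requests go to the video-optimized pool.
    pool = POOLS["video"] if path.startswith("/video/") else POOLS["web"]
    # Cookie persistence: honor the cookie only if it names a pool member,
    # so a client-supplied value cannot select an arbitrary address.
    for item in headers.get("cookie", "").split(";"):
        name, _, value = item.strip().partition("=")
        if name == COOKIE and value in pool:
            return value
    return _hash_pick(src_ip, pool)
```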

How to enable a Layer 7 Load Balancer? 

LoadMaster differentiates between Layer 4 and Layer 7. If you enable cookie persistence, TLS acceleration or content switching options on a LoadMaster load balancer, the traffic automatically becomes Layer 7. The LoadMaster documentation outlines how to enable Layer 7 functionality in the L7 Configuration section of the LoadMaster Configuration Guide.

How Can Progress Help Me Achieve Layer 7 Load Balancing? 

The Progress Kemp website has many resources to help you evaluate LoadMaster and decide if the solution meets your organization's needs. The Kemp Difference page is a good starting point for anyone looking to find answers to a question like "How to choose a Layer 7 Load Balancer?" It has brief outlines of many of the features of LoadMaster, plus links to more detailed information on each.

In the header menu of that page, you will find links to other information to help you evaluate LoadMaster and other valuable assets, such as:

Feel free to reach out to your existing Progress contact to arrange a chat with an expert or use the Contact us page.

Doug Barney

Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug has also served as Executive Editor of Network World, Editor in Chief of AmigaWorld and Editor in Chief of Network Computing.