NLB operates at layer 4 (TCP) and scales to millions of requests per second. It's suited to high-throughput, low-latency applications. When an AZ is enabled for an NLB, a load balancer node (and associated network interface) is created within that AZ. A public IP address can optionally be assigned to each subnet.

As they operate at layer 4, NLBs preserve the source IP address.


  • Listeners capture incoming traffic.
  • Target Groups represent sets of backends to forward the traffic to for processing.
  • Health checks verify that a target within a Target Group is ready to serve traffic.


Target groups can point at:

  • EC2 instances, either manually or via Auto Scaling.
  • IP addresses, either on AWS or external.
  • ALB instances.

Target selection

The target for each incoming request is selected using a flow hash algorithm based on:

  • Protocol
  • Source IP address
  • Source port
  • Destination IP address
  • Destination port
  • For TCP, TCP sequence number
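
An added sketch (not AWS's implementation, whose hash function is not given on this page) of flow-hash selection over the fields listed above. SHA-256, the target names, and the helper names `flow_key`, `select_target` and `spread` are assumptions for illustration.

```python
import hashlib
import ipaddress
import struct
from collections import Counter

# Constructed target names; a real target group holds instance IDs or IPs.
TARGETS = ["target-a", "target-b", "target-c"]

TCP, UDP = 6, 17  # IANA protocol numbers


def flow_key(protocol, src_ip, src_port, dst_ip, dst_port, tcp_seq=None):
    """Pack the flow-hash fields into one canonical byte string."""
    key = struct.pack("!B", protocol)
    key += ipaddress.ip_address(src_ip).packed + struct.pack("!H", src_port)
    key += ipaddress.ip_address(dst_ip).packed + struct.pack("!H", dst_port)
    if protocol == TCP and tcp_seq is not None:
        # The sequence number only contributes for TCP flows.
        key += struct.pack("!I", tcp_seq)
    return key


def select_target(healthy_targets, *flow):
    """Map a flow to one healthy target (SHA-256 is a stand-in hash)."""
    if not healthy_targets:
        raise ValueError("no healthy targets to select from")
    digest = hashlib.sha256(flow_key(*flow)).digest()
    index = int.from_bytes(digest[:8], "big") % len(healthy_targets)
    return healthy_targets[index]


def spread(healthy_targets, src_ip, dst_ip, dst_port, connections):
    """Count where successive TCP connections from one client land."""
    counts = Counter()
    for i in range(connections):
        # Each new connection gets a new source port and sequence number.
        flow = (TCP, src_ip, 49152 + i, dst_ip, dst_port,
                (i * 2654435761) % 2**32)
        counts[select_target(healthy_targets, *flow)] += 1
    return counts


if __name__ == "__main__":
    # Constructed sample: one client opening 300 connections to port 443.
    print(spread(TARGETS, "198.51.100.7", "203.0.113.10", 443, 300))
```

Because source port and sequence number differ per connection, one client's connections spread across targets, so per-target logs have to be aggregated to see that client's full activity.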