Vultr Load Balancer supports Private Networking & Firewalls

June 24, 2021

Vultr Load Balancer supports Private Networking & Firewalls

By David Dymko, Technical Lead, Cloud Native Development

Vultr Load Balancers are a fully-managed solution to increase your application's reliability in seconds, without extra bandwidth charges. When you need to enable horizontal scaling with health monitoring and failover, deploy a Vultr Load Balancer through our customer portal or the Vultr API.

We've seen tremendous adoption of Load Balancers since our original launch, and we didn't stop development. We've listened to your feedback and continue to engage with our customer community to learn what features are most important to you.

Today we are excited to announce some new Load Balancer features that make them even more flexible, convenient, and powerful. These updates are available to all customers now, and we've automatically upgraded all your existing Load Balancers with these new capabilities.

Private Network Support

The first significant upgrade is support forprivate networks. You can place yourentire infrastructure on a private networkand provide public ingress through the Load Balancer. Private Networking has been extremely useful for many customers. Adding private network support for Load Balancers enables many new service configurations you've requested.

FIGURE: Diagram of Private Network & Load Balancer

Diagram of Private Network & Load Balancer

While private network support is helpful on its own, you can also combine it with our new firewall features to create many networking scenarios. Keep reading to see more examples.

Load Balancer Firewalls

Every application needs strong security protections. One best practice is to use firewall rules which restrict network traffic to selected IP addresses and ports. That's why we've added support for Vultr Firewalls to our Load Balancers in two different areas.

The Vultr Load Balancer now has an Integrated Firewall

We've added anintegrated firewall to the Vultr Load Balancerto simplify configuration. Now you can manage your forwarding rules and protect the backend instances with a firewall from a single control panel. And, just like the Vultr Firewall, the Load Balancer's firewall features a Cloudflare IP source so that you can target all Cloudflare IPs with a single firewall rule. The integrated firewall sits in front of the load balancer, protecting it and the instances behind it.

FIGURE: Diagram of Vultr Load Balancer With Integrated Firewall

Diagram of Vultr Load Balancer With Integrated Firewall

The Vultr Firewall is now Load Balancer Aware

If your situation requires a firewall behind the load balancer, we've made that easy too. We've added Load Balancers as a named source forVultr Firewallrules. You canensure that all connections to your instances originate from the Load Balancerand prevent direct connections from the internet.

FIGURE: Diagram of Vultr Firewall Load Balancer Aware

Diagram of Vultr Firewall Load Balancer Aware

It's easy to place a Load Balancer in front of your compute instances. When you create a Vultr Firewall Rule, define one of your Load Balancers as the source. Any instance using this Vultr Firewall will accept traffic from the Load Balancer.

Putting it all Together

With these new Load Balancer features, you cancreate robust configurations for high availability. You can combine these features to configure one set of firewall rules for your Load Balancers on the private network and a different set of public firewall rules for the instances behind them.

For example, you may want to isolate web traffic to a private network and ensure it originates from Cloudflare while still allowing management access via SSH from a few select IPs on the public network.

FIGURE: Complete Diagram of Robust Configuration With Vultr Load Balancer For High Availability

Complete Diagram of Robust Configuration With Vultr Load Balancer For High Availability

Available Today

You'll find these new features today in your customer portal. We've also updated our open source tools such asour Terraform providerand theVultr APIto support these new features. As part of this upgrade, we also refactored some code to preserve the great performance and reliability you expect from Vultr.

Vultr Load Balancers now give you greater control, flexibility, and security. With these upgrades, Load Balancers support custom health checks, multiple load balancing algorithms, sticky sessions, proxy protocol, SSL certificates, firewalls, and private networks. They continue to support all our server products, includingBare Metal,Cloud Compute,High Frequency Compute, and Dedicated Cloud.

We still have some features planned that haven’t made it into this release so please stay tuned. Follow us onTwitterand keep an eye on our news pagefor more announcements.

More News