When a user hits the load balancer and the load balancer determines which web server to forward to, what happens next? Does the load balancer forward the request and all its data to the web server, receive the web server's response and return that back to the user?
Or is it more like a redirect, where the load balancer literally just returns the selected server's IP address back to the browser and the browser has to open a new connection with the given server?
My instinct says it wouldn't be the latter, because that would imply all web server IP addresses would be public, and I thought for security reasons it's best to only expose load balancer addresses to the public. But then again I'm not exactly sure, because if you enable SSL termination at the load balancer, wouldn't SSL need to be re-established again with the redirected server?
Best Answer
The end IP is not published. The process actually works in such a way that the client (a user hitting the balancer) believes it is communicating with the balancer, while actually talking to a node.
In a very simple explanation, most transactions work like this:
Keep in mind that the packet rewriting (the change of the IP address in step 4) is very important. Without it, the client, receiving a packet from an IP it does not trust, would simply discard the response.
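The following is an added example, not code from the answer above, that simulates the address rewriting the answer describes. It models a balancer with a public VIP in front of private backends: the balancer rewrites the destination of each inbound packet to the chosen node, and rewrites the source of the node's reply back to the VIP. A client that only trusts replies from the address it sent to accepts the rewritten reply and drops the un-rewritten one, which is the failure the answer warns about. All addresses (the VIP, the backend ranges, the client addresses) are constructed for the simulation and are not real hosts.

```python
"""Simulation of a load balancer that rewrites packet addresses (added example)."""
from dataclasses import dataclass
from itertools import cycle

# Constructed addresses for the simulation (documentation ranges, not real hosts).
VIP = "203.0.113.10"                                 # public address the client sees
BACKENDS = ["10.0.0.11", "10.0.0.12", "10.0.0.13"]   # private web servers, never published


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    payload: str


class LoadBalancer:
    """Picks a backend per client and rewrites addresses in both directions."""

    def __init__(self, vip, backends):
        self.vip = vip
        self._rr = cycle(backends)   # simple round-robin selection
        self.table = {}              # client address -> backend chosen for it

    def to_backend(self, pkt):
        """Inbound: rewrite the destination from the VIP to the selected node."""
        if pkt.dst != self.vip:
            raise ValueError("packet is not addressed to the balancer")
        backend = self.table.get(pkt.src)
        if backend is None:                        # first packet from this client
            backend = self.table[pkt.src] = next(self._rr)
        return Packet(pkt.src, backend, pkt.payload)

    def to_client(self, pkt, rewrite=True):
        """Outbound: rewrite the source from the node's private IP to the VIP.

        rewrite=False models a balancer that skips this step, so the client
        receives a reply from an address it never contacted.
        """
        if pkt.src not in self.table.values():
            raise ValueError("reply from a backend this balancer did not select")
        src = self.vip if rewrite else pkt.src
        return Packet(src, pkt.dst, pkt.payload)


def backend_serve(pkt):
    """A node answers from its own private address to whoever asked."""
    return Packet(pkt.dst, pkt.src, "200 OK")


def client_accepts(pkt, client, expected_peer):
    """The client only trusts replies from the address it sent the request to."""
    return pkt.dst == client and pkt.src == expected_peer


def exchange(lb, client, rewrite=True):
    """Run one request/response through the balancer and report what the client sees."""
    request = Packet(client, lb.vip, "GET / HTTP/1.1")
    forwarded = lb.to_backend(request)           # dst rewritten to a private node
    reply = backend_serve(forwarded)             # src is the node's private IP
    returned = lb.to_client(reply, rewrite)      # src rewritten back to the VIP (or not)
    return {
        "backend": forwarded.dst,
        "reply": returned,
        "accepted": client_accepts(returned, client, lb.vip),
    }


if __name__ == "__main__":
    lb = LoadBalancer(VIP, BACKENDS)
    ok = exchange(lb, "198.51.100.7")
    print("with rewriting:   reply from", ok["reply"].src, "accepted:", ok["accepted"])
    bad = exchange(lb, "198.51.100.7", rewrite=False)
    print("without rewriting: reply from", bad["reply"].src, "accepted:", bad["accepted"])
```

Only the balancer's table ever holds the private backend address; the packet the client receives carries the VIP as its source, so nothing about the node leaks to the client in the addressing. Dropping the source rewrite leaves the reply with the node's private address, which the client discards because it did not send anything there.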