Commit

Merge pull request #611 from DaleBetts/add-nlb-gotcha
adding NLB gotcha on client connectivity
QuinnyPig authored Jul 10, 2018
2 parents 8e06fca + e01cb08 commit 8e2e346
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions README.md
Expand Up @@ -1076,6 +1076,7 @@ Load Balancers
- ❗Tune your healthchecks carefully — if you are too aggressive about deciding when to remove an instance and conservative about adding it back into the pool, the service that your load balancer is fronting may become inaccessible for seconds or minutes at a time. Be extra careful about this when an autoscaler is configured to terminate instances that are marked as being unhealthy by a managed load balancer.
- ❗CLB HTTPS listeners don't support Server Name Indication (SNI). If you need SNI, you can work around this limitation by either providing a certificate with Subject Alternative Names (SANs) or by using TCP listeners and terminating SSL at your backend.
- 🔸 There is a limit on the number of ALBs, CLBs and NLBs per region (separately). As of late 2017, the default limit for each is 20 per region. These limits can be easily raised for ALB and CLB, but AWS is quite reluctant to raise the limit on NLBs.
- 🔸 If using a Network Load Balancer (NLB) then EC2 clients cannot connect to an NLB that resides in another VPC (VPC Peering) or AWS managed VPN unless the EC2 client is a C5, i3.metal or M5 instance type. For VPC peering, both VPCs must be in the same region. (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html)

CLB
---
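
Review bot: The added NLB bullet gives an instance-type restriction (C5, i3.metal or M5) with no date, while the limits bullet directly above it qualifies its numbers with "As of late 2017"; the list of supported instance types may change, so date it the same way (for example "As of mid 2018"). The phrase "an NLB that resides in another VPC (VPC Peering) or AWS managed VPN" is also hard to parse, since an NLB does not reside in a VPN; wording such as "cannot connect to an NLB over VPC peering or an AWS managed VPN unless the client is a C5, i3.metal or M5 instance" would read more clearly. The documentation URL is pasted bare in parentheses after the final period; turning it into a Markdown link on "Network Load Balancer (NLB)" would keep the bullet readable.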