Create a Network Load Balancer
Use this guide to create a Network Load Balancer (NLB) from the MyAccount portal. An NLB works at Layer 4 and forwards TCP traffic to backend servers based on IP address and port, with low overhead and high throughput. It does not provide content-based routing (ACLs), HTTP health checks, or auto scaling group backends — for those, use an Application Load Balancer.
If you are still deciding between the two types, see Choose a Load Balancer.
You can also create and manage Load Balancers through the MyAccount API. See API & Automation.
Before You Begin
Make sure you can sign in to MyAccount and that your account has enough billing access or infra credits to launch the selected plan. Decide your scheme (internal or external), the TCP listening port, and which backend servers will receive traffic.
Load Balancers are billable resources. Review the Summary before you deploy.
Step 1: Open the Create Flow and Select a Plan
- Log in to MyAccount.
- In the left navigation, go to Compute > Load Balancer.
- Select Create New Load Balancer.
- Plans are listed by vCPU, RAM, storage, maximum concurrent connections, and price. Select a plan to continue.
Step 2: Choose the Type
After selecting a plan, choose Network Load Balancer (NLB). The NLB operates at Layer 4, routes TCP connections based on IP and port, and provides efficient, low-overhead forwarding for high-performance network workloads.
Step 3: Enter Details
| Field | What to enter |
|---|---|
| Name | A default name is provided from the selected plan; you can change it. Use letters, digits, hyphen, or underscore. |
| Type | External (with public IP) for internet-facing traffic, or Internal (without public IP) for private VPC traffic. |
Step 4: Configure Target Mapping
Target Mapping defines the backend group and the port the NLB listens on. Add one or more backend groups with Add More Backend.
Backend Group — a uniquely named set of backend servers that receive the forwarded TCP traffic.
Routing Policy — choose how connections are distributed:
- Least Connection — sends each connection to the backend with the fewest active connections (the NLB default).
- Round Robin — even distribution across backends.
- Source IP Hash — keeps a client on the same backend based on its source IP.
LB Listening Port — the TCP port the NLB accepts connections on.
The listening port must be 80, 443, or a value between 1024 and 65535. Ports 8080, 10050, and 9101 are reserved and cannot be used.
Backends — adding a backend is mandatory. Select Add Server and enter each server's name, IP (preferably the private IP if on E2E Cloud), and port. After adding servers, open the dropdown to review the list.
Step 5: Peak Performance Features
VPC — enable this to attach a VPC so the load balancer can reach backends over private networking. A Default VPC uses a pre-defined CIDR from E2E; a Custom VPC is one you create, where you can optionally select an associated subnet. A VPC is required for the internal scheme.
Reserved IP — enable this to use a reserved IP as the default public IP, so you can re-point traffic to different backends without downtime.
Step 6: BitNinja
Enable BitNinja to protect the load balancer against cyberattacks. It installs easily, needs minimal maintenance, and provides immediate protection across all BitNinja-enabled load balancers.
Step 7: Timeouts
Configure connection timeout, client timeout, server timeout, and HTTP keep-alive timeout values to suit your traffic.
Step 8: Encryption
Enabling encryption protects the load balancer's data at rest. Encryption can only be enabled during creation — select Enable Encryption and, optionally, set a passphrase. See Load Balancer Encryption for how it works and the passphrase rules.
Encryption cannot be enabled or disabled after the load balancer is created. Decide before you deploy.
Step 9: Security Group
A security group acts as a virtual firewall, controlling inbound and outbound traffic for the load balancer. A default security group is selected automatically; you can create a new one or select an existing one during creation.
- Inbound rules decide what traffic can reach the load balancer.
- Outbound rules control what traffic the load balancer can send out.
To create one during the flow, select the + icon, name the group, define inbound and outbound rules, and select Create. It then appears in the security group dropdown. See Security Groups for full details.
Step 10: Review the Summary and Deploy
In the Summary, verify the plan, type, details, target mapping, and peak performance features, then select Submit.
Setup takes a few minutes. The load balancer appears as Creating (about 5–6 minutes), may pass through Deploying (about 2–3 minutes), and reaches Running when provisioning completes. You are redirected to the Load Balancers page.
After it is running, manage it from the Load Balancer details tabs — see Manage Load Balancers.
Related Resources
| Resource | Use it for |
|---|---|
| Choose a Load Balancer | Compare ALB and NLB and plan settings. |
| Create an Application Load Balancer | Launch a Layer 7 HTTP/HTTPS ALB instead. |
| Manage Load Balancers | Edit backends, network, monitoring, and actions. |
| Load Balancer Encryption | Encrypt the load balancer at rest. |
| VPC | Private networking. |
| Reserved IP | Stable public IP. |
| BitNinja | Load balancer protection. |