We are proud to announce the addition of an exciting new capability to NGINX Open Source and our application delivery platform, NGINX Plus – UDP load balancing. The new capability builds on our existing TCP and HTTP capabilities, making NGINX a powerful, easy-to-use, and consistent frontend for an even wider range of Internet applications and devices. We’re excited to extend the load balancing capabilities that power more than half of the world’s busiest applications to a new set of users building the Internet of Things (IoT).
Most Internet applications depend on HTTP for network communication. Advanced protocols like SOAP and REST are built on the foundation of HTTP, which can take advantage of a number of rich extensions – security using TLS, compression using Gzip, and performance enhancements using HTTP/2.
Nevertheless, many applications need to use multiple protocols for different purposes, and many of the core Internet protocols predate HTTP. For this reason, a complete solution for load balancing and reverse proxying needs to support a wide range of protocols, both TCP‑based and UDP‑based.
UDP is commonly used for lightweight protocols that are not transactional in nature, such as DNS (used to resolve domain names to addresses), syslog (used for lightweight logging), and RADIUS (used for authentication). These protocols don’t have strict reliability requirements – if a UDP message (datagram) is dropped, the client can safely resend the message after a timeout – but the services they provide are critical for the correct operation of Internet services. UDP is also emerging as one of the protocols of choice for new IoT applications due to its low bandwidth requirements.
A year ago, NGINX introduced TCP load balancing to our community of users and commercial customers. We’re now pleased to extend our load balancing capabilities with the addition of UDP load balancing. With NGINX and NGINX Plus, users can now deliver UDP‑based services with reliability, scalability, and performance.
NGINX listens for UDP network traffic (protocols such as DNS, syslog, and RADIUS) on one or more addresses (IP address and port), as defined by the administrator. These addresses are published so that clients know where to send requests for the desired service.
As for HTTP and TCP load balancing, the configuration for UDP load balancing defines an upstream group – the set of origin servers that provide the UDP‑based service – and the algorithm to use when load balancing traffic across the servers (for example, Round Robin, Least Connections, or Hash based on source IP address). The configuration also defines a virtual server for each UDP port, with a proxy_pass
directive naming the upstream group that provides the associated service:
# Load balance UDP‑based DNS traffic across two serversstream {
upstream dns_upstreams {
server 192.168.136.130:53;
server 192.168.136.131:53;
}
server {
listen 53 udp;
proxy_pass dns_upstreams;
proxy_timeout 1s;
proxy_responses 1;
error_log logs/dns.log;
}
}
When NGINX receives a UDP datagram on a port (here, a DNS query on port 53), it uses the configured load balancing algorithm (here, the default Round Robin) to select which server in the upstream group will process it. Where appropriate, NGINX waits for a response from the server and forwards that response (and any subsequent packets received within the timeout period) back to the client.
If a server fails to respond to a request, NGINX marks it as ‘failed’ and temporarily stops sending datagrams to it. Every few seconds, NGINX checks the server’s health to see if it has recovered by sending it a small amount of live traffic.
NGINX Plus R9 will include application (also called ‘asynchronous’ or ‘synthetic’) health checks for UDP services, similar to those for HTTP and TCP traffic. You’ll be able to configure NGINX Plus to send special UDP requests to the upstream servers, and define the type of response the servers must return to be considered healthy.
Other features supported with UDP load balancing include logging of transactions to a web-server–style access log, IP address‑based access control lists, and a range of rate‑limiting features.
In NGINX Plus R9live activity monitoring statistics provided by the Status module will include UDP metrics, and you’ll be able to reconfigure UDP upstream groups on the fly, using an HTTP‑based API and DNS, as you currently can for HTTP and TCP servers.
UDP load balancing addresses two key use cases: high availability and horizontal scaling. By design, UDP does not guarantee end-to-end delivery of data and therefore requires the client software to deal with network‑level errors and retransmissions. UDP‑based protocols typically define a pair of servers; if a client cannot connect to its preferred server, it must wait a defined timeout period before trying the other server. This can introduce lengthy delays into UDP transactions.
Deploying NGINX or NGINX Plus as a highly available and reliable load balancer in front of your UDP servers can eliminate or reduce delays of this kind. Clients send UDP requests to the NGINX or NGINX Plus load balancer, which monitors the health and availability of UDP servers and does not send requests to failed or overloaded servers. Clients don’t experience connection or request failures and so don’t suffer the timeouts associated with retrying requests.
Using NGINX or NGINX Plus as a load balancer also makes it possible to scale a UDP application to handle heavy traffic. In a typical UDP deployment, clients are aware of at most two UDP servers, but scaling up to satisfy high demand requires many more UDP servers. In this scenario, clients send their UDP requests to the one or two known NGINX or NGINX Plus instances, which load balance the requests across the larger number of UDP servers actually required to handle the load.
UDP load balancing with NGINX and NGINX Plus is suitable for any UDP‑based application that sends data and optionally expects one or more responses. NGINX can also load balance proprietary UDP‑based protocols such as those found in IoT environments.
The specific timing of availability of UDP load balancing in our releases is as follows:
NGINX and NGINX Plus provide a complete load‑balancing and application‑delivery platform for a broad array of Internet protocols. Whether you’re delivering HTTP‑based applications, lower‑level TCP applications, or UDP‑based protocols, you can rely on NGINX and NGINX Plus to deliver high availability, reliability, scalability, and performance in a single, lightweight application. We’re very excited about the new UDP load balancing feature and its potential to bring high‑performance load balancing and flawless application delivery to a whole new host of devices.
Want to familiarize yourself with NGINX Plus in advance of the release of UDP load balancing in Release 9? Start your free 30-day trial today or contact us to discuss your use cases.
"This blog post may reference products that are no longer available and/or no longer supported. For the most current information about available F5 NGINX products and solutions, explore our NGINX product family. NGINX is now part of F5. All previous NGINX.com links will redirect to similar NGINX content on F5.com."