What is the difference between OCI Load Balancer and Network Load Balancer?

The OCI Load Balancer operates at Layer 4 and Layer 7, supporting HTTP/HTTPS routing, SSL termination, path-based routing, and cookie-based session persistence. It uses flexible bandwidth shapes from 10 Mbps to 8 Gbps. The Network Load Balancer operates at Layer 4 only, providing ultra-low latency TCP/UDP load balancing with direct server return capability. The Network Load Balancer preserves the client source IP by default and is ideal for non-HTTP protocols.

How does flexible bandwidth shaping work for OCI Load Balancers?

Flexible shapes let you set a minimum and maximum bandwidth, and you pay based on the minimum bandwidth reservation. The load balancer can burst up to the maximum during peak traffic. For example, you might set a 100 Mbps minimum with a 1 Gbps maximum. If your traffic stays below 100 Mbps, you pay the 100 Mbps rate. This model lets you optimize costs while handling traffic spikes gracefully.

OCI Load Balancer Config Builder

NetworkingOCI

Build OCI Load Balancer backend set, listener, and health check configurations.

Last verified: May 2026

OCI Load Balancer Configuration

Build OCI Load Balancer backend sets, listeners, and health checker configurations.

Required Fields

compartmentIddisplayNameshapeNamebackendSetslisteners

{
  "compartmentId": "ocid1.compartment.oc1..aaaaaaaexample",
  "displayName": "prod-app-lb",
  "shapeName": "flexible",
  "shapeDetails": {
    "minimumBandwidthInMbps": 10,
    "maximumBandwidthInMbps": 100
  },
  "isPrivate": false,
  "subnetIds": [
    "ocid1.subnet.oc1.iad.aaaaaaaexample1",
    "ocid1.subnet.oc1.iad.aaaaaaaexample2"
  ],
  "backendSets": {
    "app-backend-set": {
      "policy": "ROUND_ROBIN",
      "healthChecker": {
        "protocol": "HTTP",
        "port": 8080,
        "urlPath": "/health",
        "returnCode": 200,
        "intervalInMillis": 10000,
        "timeoutInMillis": 3000,
        "retries": 3
      },
      "backends": [
        {
          "ipAddress": "10.0.10.5",
          "port": 8080,
          "weight": 1,
          "backup": false,
          "drain": false,
          "offline": false
        },
        {
          "ipAddress": "10.0.10.6",
          "port": 8080,
          "weight": 1,
          "backup": false,
          "drain": false,
          "offline": false
        }
      ],
      "sessionPersistenceConfiguration": {
        "cookieName": "X-Oracle-LB-Session",
        "disableFallback": false
      }
    }
  },
  "listeners": {
    "https-listener": {
      "protocol": "HTTP",
      "port": 443,
      "defaultBackendSetName": "app-backend-set",
      "sslConfiguration": {
        "certificateIds": ["ocid1.certificate.oc1.iad.aaaaaaaexample"],
        "verifyDepth": 1,
        "verifyPeerCertificate": false
      }
    }
  },
  "freeformTags": {
    "environment": "production"
  }
}

Generated Output

Output will appear here...

About This Tool

OCI offers two load balancer types — a flexible Load Balancer (Layer 4 and Layer 7) and a Network Load Balancer (Layer 4 only with ultra-low latency). Configuring either requires specifying listeners, backend sets, health checks, routing policies, SSL certificates, and shape parameters. The Load Balancer Config Builder walks you through each component, generating configurations that include bandwidth shapes, session persistence settings, path-based routing rules, and certificate bundles. It outputs configurations compatible with Terraform, the OCI CLI, and the OCI SDK.

Real-World Scenario

Your team is migrating an HTTPS API from AWS ALB to OCI Load Balancer. The builder helps you replicate the architecture: HTTPS listener on 443 with TLS 1.2+ cipher suite, path-based routing (/api → api-backend-set, /admin → admin-backend-set, default → web-backend-set), HTTP-to-HTTPS redirect listener on 80, health checks with 10s interval. Migration completes in 1 day; the resulting OCI LB costs ~$25/month for the 100 Mbps shape vs the previous $50/month AWS ALB.

When to Use This Tool

•Building a public HTTPS load balancer with path-based routing that sends /api traffic to one backend set and /static to another
•Configuring a Network Load Balancer for TCP passthrough to backend database replicas with source IP preservation
•Setting up health check parameters with appropriate intervals, timeouts, and thresholds for applications with slow startup times
•Creating load balancer configurations with SSL termination, cipher suite selection, and certificate rotation settings

Pro Tips

TIP

Always size load balancers using flexible bandwidth shapes. The minimum bandwidth (e.g., 100 Mbps) is what you pay for; the max bandwidth is your burst headroom. A 100 Mbps min / 1 Gbps max LB at $0.0306/hr is dramatically cheaper than a fixed 1 Gbps LB at $0.30/hr — and handles the same peak traffic.

TIP

Network Load Balancer (Layer 4) preserves source IP by default, which is crucial for applications that do IP-based access control or geo-IP analytics. The Application Load Balancer (Layer 7) replaces source IP with the LB's IP unless you enable XFF headers and configure your app to trust them.

TIP

Health check intervals matter for failover speed. Default is every 30 seconds with 3 failures = 90 seconds before unhealthy. For latency-critical services, drop interval to 10s and failures to 2 = 20 seconds to detect failures. The cost of more health checks is negligible.

How It Works Under the Hood

The builder constructs OCI Load Balancer or Network Load Balancer configurations: listener (port, protocol, SSL config), backend set (load balancing policy, session persistence, health check), backends (instance OCIDs or IP addresses with ports/weights), routing policies (path rules, host rules), and SSL certificate references. Output is generated as oci CLI commands and Terraform oci_load_balancer / oci_network_load_balancer resources.

Frequently Asked Questions

What is the difference between OCI Load Balancer and Network Load Balancer?: The OCI Load Balancer operates at Layer 4 and Layer 7, supporting HTTP/HTTPS routing, SSL termination, path-based routing, and cookie-based session persistence. It uses flexible bandwidth shapes from 10 Mbps to 8 Gbps. The Network Load Balancer operates at Layer 4 only, providing ultra-low latency TCP/UDP load balancing with direct server return capability. The Network Load Balancer preserves the client source IP by default and is ideal for non-HTTP protocols.
How does flexible bandwidth shaping work for OCI Load Balancers?: Flexible shapes let you set a minimum and maximum bandwidth, and you pay based on the minimum bandwidth reservation. The load balancer can burst up to the maximum during peak traffic. For example, you might set a 100 Mbps minimum with a 1 Gbps maximum. If your traffic stays below 100 Mbps, you pay the 100 Mbps rate. This model lets you optimize costs while handling traffic spikes gracefully.

Related Learning Guides

OCI VCN Networking Deep Dive25 min read

Was this tool helpful?

Disclaimer: This tool runs entirely in your browser. No data is sent to our servers. Always verify outputs before using them in production. AWS, Azure, and GCP are trademarks of their respective owners.