Network load balancer types
Written by
Updated at September 10, 2025
Note
You can only set the load balancer type (internal or external) when creating it and cannot change it later.
Here are the options for deploying a network load balancer in Yandex Cloud:
- External load balancer (
EXTERNAL), which is created by default. It is used to handle Internet traffic. - Internal load balancer (
INTERNAL), which is used to handle internal Virtual Private Cloud traffic.
These load balancers operate similarly, but you should keep the following distinctions in mind:
| Load balancer property | External | Internal |
|---|---|---|
| Listener IP address | Public IP addresses only | IP addresses from RFC-1918 only |
| Blocking the listener target port for traffic on target VMs | Active (*) | Blocked |
| Blocking the listener target port for health checks on target VMs | Active | Blocked |
| Locality in traffic processing | - | Considerations apply |
| Use of static routes | - | Considerations apply |
Explanation of the table:
- The VM ports (Target-Port) used to receive traffic from the internal load balancer and health checks become unavailable for connecting.
The VMs will only receive traffic from the internal load balancer. The same restriction will not allow a VM from the load balancer's target group to access it through the port being used. - (*) A VM from the load balancer's target group cannot access itself through the target port.
Use cases
- Deploying an Always On availability group with an internal network load balancer
- Connecting to Container Registry from Virtual Private Cloud
- Connecting to Object Storage from Virtual Private Cloud
- Implementing fault-tolerant scenarios for NAT VMs
- Integrating Cloud DNS and a corporate DNS service
- Migrating services from an NLB to an L7 ALB to enable Yandex Smart Web Security protection