What is L4 / L7 Proxy?

Layer 4 (L4) proxy and Layer 7 (L7) proxy are two categories of proxy servers in computer networks. They are distinguished by the network layer in which they function within the context of the L4-L7 network services definition. The Layer 4 proxy mainly operates at the transport layer, while the Layer 7 proxy works at the application layer. To better understand the differences between these two types and their roles in L4-L7 network services, one must first familiarize oneself with the OSI model and the concept of load balancing.

What is the OSI Model?

The open systems interconnection (OSI) model is a conceptual model created by the International Organization for Standardization that enables diverse communication systems to communicate using standard protocols. In plain English, the OSI provides a standard for different computer systems to communicate with each other.

The OSI Model can be seen as a universal language for computer networking. It is based on splitting up a communication system into seven abstract layers, each stacked upon the last.

What is Load Balancing?

Load balancing is used in computer networks and servers to distribute workloads evenly among servers. Its goal is to enhance system performance, reliability, and availability while preventing server overloads and failures. By spreading traffic across multiple servers, load balancing ensures network and application stability, responsiveness, and increased capacity for user requests.

Load balancing can be applied at various levels and in different scenarios. For a deeper understanding of DNS load balancing, hardware, and software load balancing, refer to What is DNS Load Balancing? However, this particular article will mainly delve into the concepts of load balancing as it pertains to Layer 4 and Layer 7 proxy servers:

1. Layer 4 load balancing (L4): Load balancing is implemented at the transport layer, focusing on IP addresses and port numbers. Layer 4 load balancing allocates traffic based on the connection status between clients and servers.
2. Layer 7 load balancing (L7): Load balancing is implemented at the application layer, and the application layer protocols, such as HTTP, can be understood. It can allocate traffic based on the content of requests (e.g., URL, request headers, etc.).

There are various load balancing strategies, such as Round Robin, Weighted Round Robin, Least Connections, etc. Choosing the appropriate load-balancing strategy can help improve system performance and reliability.

The L4 Proxy

The Layer 4 proxy mainly operates at the fourth layer of the OSI model, the transport layer. The transport layer is primarily responsible for end-to-end data transmission, including TCP (Transmission Control Protocol) and UDP (User Datagram Protocol). The Layer 4 proxy primarily focuses on IP addresses and port numbers and forwards data packets between the client and the server. It is mainly used for load balancing and network traffic control, improving network performance and reliability.

Use Cases of L4 Proxy

1. Basic load balancing: Layer 4 proxy can forward data packets between clients and servers, achieving essential load balancing. This helps improve network performance and reliability, preventing overloading on individual servers.
2. Game Acceleration: L4 proxy accelerates data transmission over TCP/UDP for mobile and PC games, such as real-time battle games and MMORPGs that require global access to a unified server. L4 proxy connects players to the nearest high-speed channels to reduce the game's packet loss rate and latency due to varying network conditions across regions.
3. Real-time Audio/Video: L4 proxy supports forwarding acceleration over UDP. This ensures reliable audio and video transmission in real-time interactive scenarios, such as video meetings and video communication between anchors and audience members. L4 proxy also solves network issues such as audio/video lags, packet loss, and high latency during cross-ISP, long-distance, and cross-border communication.

The L7 Proxy

The Layer 7 proxy mainly operates at the seventh layer of the OSI model, namely the application layer. The application layer handles network application protocols and data, such as HTTP (Hypertext Transfer Protocol), FTP (File Transfer Protocol), etc. The Layer 7 proxy can understand application layer protocols to process data packets more deeply, such as content filtering, caching, security checks, etc. The Layer 7 proxy is typically used for web application optimization, security protection, and load balancing.

Use Cases of L7 Proxy

1. Web application optimization: Layer 7 proxy load balancing can allocate traffic based on the content of requests (such as URLs, request headers, etc.), enabling optimization for specific pages, APIs, or services.
2. Content Delivery Network (CDN): A network of globally distributed servers that speed up content delivery by distributing content to servers closer to users. Layer 7 proxy load balancing can route requests to the nearest server based on the user's geographical location.
3. Security protection: Layer 7 proxy load balancing can identify malicious requests (such as DDoS attacks, SQL injections, etc.) and intercept or redirect them to secure servers, protecting backend servers from attacks.

The Difference between L4 and L7

Layer 4 and Layer 7 proxies differ in their working layers, processing capabilities, and applicable scenarios. Layer 4 proxy primarily operates at the transport layer, focusing on IP addresses and port numbers, while Layer 7 proxy works at the application layer, understanding application layer protocols. Layer 4 proxy mainly forwards data packets, whereas Layer 7 proxy can perform more in-depth data packet processing, such as content filtering, caching, and security checks. Layer 4 proxy is typically used for simple load balancing and network traffic control, while Layer 7 proxy is more suitable for web application optimization, security protection, and scenarios that require intelligent routing.

L4 vs L7

L4 Proxy (Layer 4 Proxy) Advantages:

1. Transport Layer Processing: L4 proxy deals with transport layer (TCP/UDP) data, enabling functions such as load balancing and failover during network transmission.
2. Simplicity and Efficiency: Since the L4 proxy only processes transport layer data, it is relatively simple, fast, and highly efficient.
3. Protocol Agnostic: L4 proxy is not concerned with application-layer protocols, so it can support multiple protocols, such as HTTP, FTP, SMTP, etc.
4. Network Security: L4 proxy can act as a firewall, providing a certain level of network security protection.

L7 Proxy (Layer 7 Proxy) Advantages:

1. Application Layer Processing: L7 proxy processes application layer data, enabling more intelligent load balancing, failover, and other functions.
2. Content Awareness: Since the L7 proxy processes application-layer data, it can perform corresponding actions based on request content, such as caching and compression.
3. Flexible Control: L7 proxy enables flexible control of requests, such as URL rewriting, request/response modification, etc.
4. Enhanced Security Features: L7 proxy can implement more advanced security features, such as Web Application Firewall, SSL decryption, etc.
5. Session Persistence: L7 proxy can achieve session persistence, ensuring session continuity even if client requests are distributed to different servers.
6. Better Performance Optimization: L7 proxy can optimize performance based on application-layer protocols, such as HTTP/2 support, WebSocket, etc.
7. Richer Monitoring and Statistics: L7 proxy provides more detailed application layer monitoring and statistical information, facilitating analysis and optimization.

Unlocking Performance & Security with Tencent EdgeOne

The L7 Proxy in Tencent EdgeOne plays a crucial role at the application layer, managing functionalities specific to applications like HTTP traffic management for web applications. It offers in-depth insights into application usage patterns through a comprehensive analysis of L7 (application layer) access log data. This multi-dimensional, visualized view of traffic includes time trend curves, request metrics, country/region distribution, and top rankings. This information enables users to identify potential issues, refine performance, and enhance user experience, making applications more efficient and effective. L7 Proxy in EdgeOne serves as an efficient tool for holistic traffic analysis, performance monitoring, and optimal operation.

On the other hand, the L4 Proxy in Tencent EdgeOne focuses on improving and accelerating data transmission over TCP/UDP, benefiting applications like mobile and PC games that require global access to a unified server. Real-time battle games and MMORPGs, for example, rely on L4 Proxy to connect players to the nearest high-speed channels, reducing packet loss rates and latency that might be affected by varying network conditions across different regions.

Additionally, L4 Proxy enhances the performance and reliability of real-time audio and video transmission in interactive scenarios, such as video meetings and live communications between video anchors and their audiences. It can resolve network issues like video/audio lags, packet loss, and high latency during cross-ISP, long-distance, and cross-border communication.

In terms of security, L4 Proxy in Tencent EdgeOne offers various protection methods, including DDoS Protection with dedicated resources, IP blocking, redirection, returning to specified pages, and returning custom error pages. It also provides basic bot protection capabilities.

We have now launched a free trial, click here or contact us for more information.