L4/L7 load balancing with health checks and automatic failover
Tophan includes built-in load balancing at both the transport and application layers. Define a virtual IP, point it at a pool of backend VMs, and Tophan distributes traffic, monitors health, and removes failed backends automatically. No separate appliance, no extra licensing.
Layer 4 balancing operates on TCP/UDP connections, distributing by source IP hash, round-robin, or least connections. Layer 7 balancing inspects HTTP headers, URLs, and cookies to make routing decisions — send /api traffic to one pool, /static to another, and stick authenticated sessions to a specific backend.
Health checks run at configurable intervals. HTTP checks validate status codes and response content. TCP checks verify port reachability. Custom checks can run scripts inside the backend VM. When a backend fails its health check, it’s removed from rotation within seconds and re-added automatically when it recovers.
SSL termination offloads TLS processing from backends. Certificates are managed through Vault integration with automatic renewal.
| Feature | Description |
|---|---|
| Layer 4 | TCP/UDP load balancing with connection-level distribution |
| Layer 7 | HTTP-aware routing by path, header, or cookie |
| Health Checks | HTTP, TCP, and custom script checks with configurable intervals |
| Sticky Sessions | Cookie or source-IP persistence for stateful applications |
| SSL Termination | TLS offload with automatic certificate management via Vault |
| Failover | Automatic backend removal and recovery on health state change |
| Weighted Pools | Assign capacity weights to direct more traffic to stronger backends |
| Connection Draining | Graceful removal of backends without dropping active connections |