L4 mechanics
Looks at TCP headers only. Preserves connection. Fast — millions of connections. Blind to HTTP.
Advertisement
L4 mechanics
Looks at TCP headers only. Preserves connection. Fast — millions of connections. Blind to HTTP.
Advertisement
L7 mechanics
Terminates TCP + parses HTTP. Routes by path/header/cookie. Can rewrite. Costs CPU but enables logic.
When L4 wins
Non-HTTP protocols (gRPC without header routing, custom TCP). Sub-millisecond added latency. Cost-sensitive at high QPS.
When L7 wins
Path-based routing. A/B routing by header. WAF integration. Response manipulation.
Real deployments
Often both stacked: L4 at edge for throughput, L7 behind for routing. AWS ALB is L7; NLB is L4.