XLB: A High Performance Layer-7 Load Balancer for Microservices using eBPF-based In-kernel Interposition
L7 load balancers are a fundamental building block in microservices as they enable fine-grained traffic distribution. Compared to monolithic applications, microservices demand higher performance and stricter isolation from load balancers. This is due to the increased number of instances, longer service chains, and the necessity for co-location with services on the same host. Traditional sidecar-based load balancers are ill-equipped to meet these demands, often resulting in significant performance degradation. In this work, we present XLB, a novel architecture that reshapes L7 load balancers as in-kernel interposition operating on the socket layer. We leverage eBPF to implement the core load balancing logic in the kernel, and address the connection management and state maintenance challenges through novel socket layer redirection and nested eBPF maps designs. XLB eliminates the extra overhead of scheduling, communication, and data movement, resulting in a more lightweight, scalable, and efficient L7 load balancer architecture. Compared to the widely used microservices load balancers (Istio and Cilium), with over 50 microservice instances, XLB achieves up to 1.5x higher throughput and 60% lower end-to-end latency.
💡 Research Summary
The paper addresses the performance and isolation challenges of Layer‑7 (L7) load balancers in modern microservice deployments. Traditional sidecar‑based approaches such as Istio and Cilium place a separate proxy container alongside each service instance, incurring substantial overhead from extra scheduling, inter‑process communication, duplicate protocol processing, and numerous system calls for connection splicing. Empirical measurements show that sidecar‑based L7 load balancers reduce throughput by up to 55 % and increase end‑to‑end latency by more than 2×, while only about 20 % of that overhead is attributable to essential functions like HTTP parsing and load‑balancing decisions. The remaining cost stems from kernel‑level TCP/IP processing and connection management, which the authors identify as prime optimization targets.
To eliminate these inefficiencies, the authors propose XLB, a novel architecture that moves the L7 load‑balancing logic into the Linux kernel using eBPF. XLB operates as an interposition layer at the socket subsystem, effectively becoming a logical extension of the application rather than an external proxy. Two key innovations enable this design: (1) a socket‑level redirection mechanism that attaches a list of backend pools directly to a client socket, bypassing the client‑side handshake and allowing the kernel to splice traffic among backend sockets without additional system calls; (2) the use of nested eBPF maps to represent complex state such as service configurations, flow statistics, and policy rules, overcoming eBPF’s native limitations on data structures and memory usage.
Implementation details include hooking eBPF programs at socket creation, connection establishment, and data transmission points, reusing parsed HTTP/gRPC headers to avoid duplicate parsing, and managing connection pools entirely within the kernel. Security and isolation are preserved by scoping eBPF programs per‑service namespace and enforcing strict permission checks, ensuring that a compromised load‑balancer cannot affect other tenants.
The evaluation comprises micro‑benchmarks with over 50 microservice instances and a production‑grade financial workload. XLB achieves up to 1.5× higher request throughput (≈101 k req/s) and 60 % lower average latency (≈0.63 ms) compared with Istio (≈44 k req/s, 1.43 ms) and Cilium (≈53 k req/s, 1.20 ms). In the financial use case, XLB delivers a 41 % latency reduction and a 30 % increase in service density. Profiling confirms that XLB eliminates more than 70 % of the kernel‑protocol and connection‑splicing overhead present in sidecar designs.
In summary, XLB demonstrates that eBPF‑based kernel interposition can provide a high‑performance, secure, and operationally compatible L7 load‑balancing solution for microservices. By removing the need for separate sidecar proxies while retaining full compatibility with existing control planes (e.g., Istio’s pilot, Cilium’s operator), XLB offers a practical path toward more efficient service meshes in public‑cloud environments.
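The isolation claim above can be checked from the host side. The following is an added example, not code from the paper or from XLB: it audits `bpftool -j prog show` output for socket-layer programs loaded by unexpected processes and for maps shared across that boundary. The program-type set, the loader name `lb-agent` and the sample records are assumptions constructed for illustration.

```python
import json
from collections import defaultdict

# Socket-layer program types as bpftool names them. Which of these XLB uses is
# an assumption; the page only says it hooks the socket layer.
SOCKET_TYPES = {"sock_ops", "sk_msg", "sk_skb", "cgroup_sock_addr"}

# Constructed sample of `bpftool -j prog show` output (not from a real host).
SAMPLE = json.dumps([
    {"id": 41, "type": "sock_ops", "name": "lb_sockops", "uid": 0,
     "map_ids": [7, 8], "pids": [{"pid": 912, "comm": "lb-agent"}]},
    {"id": 42, "type": "sk_msg", "name": "lb_redirect", "uid": 0,
     "map_ids": [8], "pids": [{"pid": 912, "comm": "lb-agent"}]},
    {"id": 57, "type": "sk_msg", "name": "msg_tap", "uid": 0,
     "map_ids": [8, 19], "pids": [{"pid": 4410, "comm": "python3"}]},
    {"id": 60, "type": "sk_skb", "name": "verdict", "uid": 0, "map_ids": [21]},
    {"id": 63, "type": "kprobe", "name": "trace_open", "uid": 0,
     "map_ids": [30], "pids": [{"pid": 700, "comm": "tracer"}]},
])

def audit(prog_json, allowed_loaders):
    """Return sorted findings for socket-layer eBPF programs and their maps."""
    findings, map_users = [], defaultdict(set)
    for prog in json.loads(prog_json):
        if prog.get("type") not in SOCKET_TYPES:
            continue  # tracing and other program types are out of scope here
        loaders = {holder["comm"] for holder in prog.get("pids", [])}
        if not loaders:
            # Pinned or orphaned program (or a bpftool without pid support):
            # ownership cannot be confirmed from this output alone.
            findings.append(f"prog {prog['id']}: no owning process visible")
        for comm in sorted(loaders - allowed_loaders):
            findings.append(f"prog {prog['id']}: unexpected loader {comm}")
        for map_id in prog.get("map_ids", []):
            map_users[map_id] |= loaders
    for map_id, users in map_users.items():
        # A map reachable from an allowed loader and from anything else means
        # load-balancer state is shared across the intended boundary.
        if users & allowed_loaders and users - allowed_loaders:
            findings.append(f"map {map_id}: shared by {', '.join(sorted(users))}")
    return sorted(findings)

if __name__ == "__main__":
    for line in audit(SAMPLE, {"lb-agent"}):
        print(line)
```

The `comm` field is set by the process itself, so treat a match as a triage signal and confirm ownership by pid and cgroup before closing a finding.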