Calico Load Balancer: Simplifying Network Traffic Management with eBPF

Why a Kubernetes-native load balancer matters How Calico Load Balancer works (and why Maglev matters) Strategic Assessment: Is This Right for Your Deployment? The Life of a Packet DSR compared to a traditional return path Maglev and caching: deterministic and fast What happens during failures or path changes Configuration workflow (high level) Platform Benefits Conclusion Ready to scale your on-prem networking? Authors: Alex O’Regan, Aadhil Abdul Majeed Ever had a load balancer become the bottleneck in an on-prem Kubernetes cluster? You are not alone. Traditional hardware load balancers add cost, create coordination overhead, and can make scaling painful. A Kubernetes-native approach can overcome many of those challenges by pushing load balancing into the cluster data plane. Calico Load Balancer is an eBPF powered Kubernetes-native load balancer that uses consistent hashing (Maglev) and Direct Server Return (DSR) to keep sessions stable while allowing you to scale on-demand. Below is a developer-focused walkthrough: what problem Calico Load Balancer solves, how Maglev consistent hashing works, the life of a packet with DSR, and a clear configuration workflow you can follow to roll it out. On-prem clusters often rely on dedicated hardware or proprietary appliances to expose services. That comes with a few persistent problems: Cost and scaling friction – You have to scale the network load balancer vertically as the size and throughput requirements of your Kubernetes cluster/s grows. Operational overhead – Virtual IPs (VIPs) are often owned by another team, so simple service changes require coordination. Stateful failure modes – Kube-proxy load balancing is stateful per node, so losing an ingress node can break active sessions. Configuration drift – Kubernetes is declarative, but the upstream load balancer is not, which causes divergence over time. Calico Load Balancer flips that model. Instead of dedicated hardware, it uses the Calico eBPF data plane on ordinary Linux nodes in the cluster, advertises service IPs via BGP , and makes the load balancing decision consistent across nodes.