A Network Load Balancer (NLB) operates at the transport layer (Layer 4) and is designed for ultra-low latency and high throughput, making it ideal for volatile traffic patterns. By configuring a TCP listener, the NLB passes the encrypted TLS traffic directly to the backend ECS containers without decrypting it. This "pass-through" mechanism ensures a true end-to-end encryption tunnel is established between the client and the container. The container itself is responsible for TLS termination. This approach minimizes latency and computational overhead on the load balancer, providing the highest scalability and performance while maintaining end-to-end security.

A. Terminating TLS at the NLB breaks end-to-end encryption, as traffic is decrypted and then re-encrypted. This also adds latency compared to a simple pass-through configuration.

B. An Application Load Balancer (ALB) operates at Layer 7, which inherently has higher latency than a Layer 4 NLB. Terminating TLS at the ALB also breaks true end-to-end encryption.

D. Amazon Route 53 provides DNS-level routing, not connection-based load balancing. It is less effective at handling rapid changes in target health and distributing traffic for volatile workloads compared to an NLB.

1. AWS Documentation, Elastic Load Balancing User Guide, "What is a Network Load Balancer?": "A Network Load Balancer functions at the fourth layer of the Open Systems Interconnection (OSI) model... It is capable of handling millions of requests per second while maintaining ultra-low latencies." This supports the scalability and low-latency claims.

2. AWS Documentation, Elastic Load Balancing User Guide, "Listeners for your Network Load Balancers": Under the "TCP listeners" section, it states, "When you use a TCP listener... the load balancer passes the request through to the targets without modification. The TCP connection is terminated by the targets." This confirms the pass-through capability for end-to-end encryption.

3. AWS Documentation, Amazon ECS Developer Guide, "Service load balancing": "We recommend that you use a Network Load Balancer for TCP or UDP traffic load balancing, and for use cases that require high performance." This directly recommends NLB for high-performance ECS workloads.

4. AWS Documentation, Elastic Load Balancing User Guide, "Product comparisons for Elastic Load Balancing": The feature comparison table highlights that the Network Load Balancer is "Optimized for volatile workloads and ultra-low latency," while the Application Load Balancer is for "Advanced request-based routing." This reinforces that NLB is the superior choice for the stated requirements.