CLB Listener Overview

Last updated: 2024-01-04 14:34:05
    After creating a CLB instance, you need to configure a listener for it. The listener listens to requests on the instance and distributes traffic to real servers based on the load balancing policy.
    You need to configure a CLB listener with the following items:
    1. Listening protocol and port. The listening port, or frontend port, is used to receive and forward requests to real servers.
    2. Listening policies, such as the load balancing policy and session persistence.
    3. Health check policies.
    4. Real server. Bind a real server by selecting its IP address and port. A service port, or backend port, is used by the real server to receive requests.

    Supported Protocol Types

    A CLB listener can listen to layer-4 and layer-7 requests on a CLB instance and route them to real servers for processing. The main difference between layer-4 CLB and layer-7 CLB is whether layer-4 protocol (such as TCP or UDP) or layer-7 protocol (such as HTTP or HTTPS) is used to forward traffic for load balancing of user requests.
    Layer-4 protocols: Transport layer protocols that receive requests and forward traffic to the real server mainly via VIP and port.
    Layer-7 protocols: Application layer protocols that distribute traffic based on application layer information such as URL and HTTP header.
    If you use a layer-4 listener (i.e., layer-4 protocol forwarding), the CLB instance will establish a connection with the real server on the listening port, and directly forward requests to the real server. This process does not modify any data packets (in pass-through mode) and has high forwarding efficiency.
    Tencent Cloud CLB supports request forwarding over the following protocols:
    TCP (transport layer)
    UDP (transport layer)
    TCP SSL (transport layer)
    QUIC (transport layer)
    HTTP (application layer)
    HTTPS (application layer)
    Note:
    TCP SSL listeners currently do not support classic CLB instances.
    Protocol Type: Layer-4 protocol

    Protocol: TCP
    Description: Connection-oriented and reliable transport layer protocol:
    - The source and destination ends must perform a three-way handshake to establish a connection before data transfer.
    - Session persistence based on the client IP address (source IP address) is supported.
    - The client IP address can be found at the network layer.
    - The server can directly obtain the client IP address.
    Use Case: TCP is suitable for scenarios that have high requirements for reliability and data accuracy but relatively low requirements for transfer speed, such as file transfer, receiving and sending emails, and remote login. For more information, see Configuring a TCP Listener.

    Protocol: UDP
    Description: Connection-less transport layer protocol:
    - The source and destination ends do not establish a connection, nor maintain the connection status.
    - Each UDP connection is point-to-point.
    - One-to-one, one-to-many, many-to-one, and many-to-many communications are supported.
    - Session persistence based on the client IP address (source IP address) is supported.
    - The server can directly obtain the client IP address.
    Use Case: UDP is suitable for scenarios that have high requirements for transfer efficiency but relatively low requirements for accuracy, such as instant messaging and online videos. For more information, see Configuring a UDP Listener.

    Protocol: TCP SSL
    Description: Secure TCP:
    - TCP SSL listeners support configuring certificates to block unauthorized access.
    - Unified certificate management is supported for CLB to implement decryption.
    - One-way authentication and mutual authentication are supported.
    - The server can directly obtain the client IP address.
    Use Case: TCP SSL is suitable for scenarios that have high requirements for security when TCP is used and supports TCP-based custom protocols. For more information, see Configuring a TCP SSL Listener.

    Protocol: QUIC
    Description: UDP-based multiplexing concurrent transport layer protocol:
    - QUIC implements reliable data transmission, security and HTTP/2 over UDP, and is comparable to the combination of TCP, TLS, and HTTP/2.
    - In a QUIC connection, no matter what happens to the IP address or port, the connection will not be interrupted, enabling seamless connection migration.
    Use Case: QUIC is suitable for audio and video services, game services, etc. When the network is unstable, such as frequent switching between 4G network and Wi-Fi network, it can smoothly migrate and connect services without interruption. For more information, see Configuring a QUIC Listener.

    Protocol Type: Layer-7 protocol

    Protocol: HTTP
    Description: Application layer protocol:
    - Forwarding based on the request domain name and URL is supported.
    - Cookie-based session persistence is supported.
    Use Case: HTTP is suitable for applications that need to identify request content, such as web applications and mobile applications. For more information, see Configuring an HTTP Listener.

    Protocol: HTTPS
    Description: Encrypted application layer protocol:
    - Forwarding based on the request domain name and URL is supported.
    - Cookie-based session persistence is supported.
    - Unified certificate management is supported for CLB to implement decryption.
    - One-way authentication and mutual authentication are supported.
    Use Case: HTTPS is suitable for HTTP applications that require encrypted transmission. For more information, see Configuring an HTTPS Listener.

    Port Configuration

    Port Type: Listening port (frontend port)
    Description: Listening ports are used by CLB instances to receive and forward requests to real servers. You can configure CLB instances for ports 1 to 65535, such as port 21 (FTP), port 25 (SMTP), port 80 (HTTP), and port 443 (HTTPS).
    Restrictions: On one CLB instance:
    - Listening ports of UDP can be used for TCP. For example, a TCP:80 listener and a UDP:80 listener can coexist.
    - Listening ports must be unique for the same type of protocol. TCP, TCP SSL, HTTP, and HTTPS are all TCP protocols, so a TCP:80 listener and an HTTP:80 listener cannot coexist.

    Port Type: Service port (backend port)
    Description: Service ports are used by real servers to provide services, receive and process traffic from CLB instances. On one CLB instance, one listening port can forward traffic to ports of multiple real servers.
    Restrictions: On one CLB instance:
    - Listeners using different protocols can be bound to the same service port. For example, listener HTTP:80 and listener HTTPS:443 can be bound to the same port of a real server.
    - When using the same listening protocol, each real server port can be bound to only one listener, that is, the quadruple (VIP, listening protocol, private IP address of the real server, and real server port) must be unique.
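
    The two uniqueness restrictions above can be checked against a planned listener layout before it is applied. The following is an added example, not Tencent Cloud code: the Listener record, the audit function and the sample addresses are hypothetical, and QUIC is left out because the page does not state which port space a QUIC listener occupies.

```python
from collections import defaultdict
from typing import NamedTuple

# Port spaces as the page states them: TCP, TCP SSL, HTTP and HTTPS listeners
# all occupy TCP ports; UDP is separate. QUIC is omitted (not stated on the page).
PORT_SPACE = {"TCP": "tcp", "TCP_SSL": "tcp", "HTTP": "tcp", "HTTPS": "tcp", "UDP": "udp"}

class Listener(NamedTuple):      # hypothetical record, not a Tencent Cloud API type
    vip: str
    protocol: str
    port: int
    backends: tuple              # ((private_ip, service_port), ...)

def audit(listeners):
    """Return (rule, key, listener_names) findings for the two uniqueness rules."""
    findings, front, quad = [], defaultdict(list), defaultdict(list)
    for l in listeners:
        name = f"{l.protocol}:{l.port}"
        # Reject protocols outside the table and ports outside 1-65535.
        if l.protocol not in PORT_SPACE or not 1 <= l.port <= 65535:
            findings.append(("invalid-listener", (l.vip,), [name]))
            continue
        # Rule 1: one listening port per port space on a VIP.
        front[(l.vip, PORT_SPACE[l.protocol], l.port)].append(name)
        # Rule 2: (VIP, protocol, real server IP, real server port) is unique.
        for ip, svc_port in set(l.backends):
            quad[(l.vip, l.protocol, ip, svc_port)].append(name)
    for key, names in front.items():
        if len(names) > 1:
            findings.append(("listening-port-conflict", key, names))
    for key, names in quad.items():
        if len(names) > 1:
            findings.append(("backend-quadruple-conflict", key, names))
    return findings

# Constructed sample: one VIP, five listeners.
VIP = "203.0.113.10"
SAMPLE = [
    Listener(VIP, "TCP", 80, (("10.0.0.5", 8080),)),
    Listener(VIP, "UDP", 80, (("10.0.0.5", 5353),)),     # allowed next to TCP:80
    Listener(VIP, "HTTP", 80, (("10.0.0.6", 8080),)),    # clashes with TCP:80
    Listener(VIP, "HTTPS", 443, (("10.0.0.6", 8080),)),  # allowed: other protocol
    Listener(VIP, "TCP", 81, (("10.0.0.5", 8080),)),     # same quadruple as TCP:80
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```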
