Tencent Cloud

Recent Pages

Introduction

Last updated: 2020-05-22 14:42:37

After creating a CLB instance, you need to configure a listener to it. The listener listens to requests on the instance and routes traffic to real servers based on the load balancing policy.

You need to configure the following for a CLB listener:

Listener protocol and listener port. A CLB listener port, or frontend port, is used to receive and route requests to real servers.
Listening policies, such as load balancing policy and session persistence.
Health check policies.
Bind real server by selecting its IP and port. A service port, or backend port, is used by the real server to receive requests.

Supported Protocol Types

A CLB listener can listen to layer-4 and layer-7 requests on a CLB instance and route them to real servers for processing. The main difference between layer-4 CLB and layer-7 CLB is whether layer-4 or layer-7 protocol is used to forward traffic for load balancing of user requests.

Layer-4 protocols: transport layer protocols that receive requests and forward traffic to the real server mainly via VIP + port.
Layer-7 protocols: application layer protocols that distribute traffic based on application layer information such as URL and HTTP header.

Tencent Cloud CLB supports request forwarding over the following protocols:

TCP (transport layer)
UDP (transport layer)
TCP SSL (transport layer)
HTTP (application layer)
HTTPS (application layer)
- The TCP SSL listener feature is currently in beta test. To try it out, please submit a ticket for application.
- The TCP SSL listener feature is only available to public network CLB but not private network CLB or classic CLB.

Layer-4 Listener

Protocol	Description	Scenarios
TCP	Connection-oriented and reliable transport layer protocol The source and destination ends must perform 3 handshakes to establish a connection before data transfer Session persistence based on client IP (source IP) is supported Client IP can be found at the network layer The server can directly obtain client IP	TCP is suitable for scenarios that have high requirements for reliability and data accuracy but relatively low requirements for transfer speed, such as file transfer, receiving and sending emails, and remote login. For more information, please see Configuring TCP Listener.
UDP	Connection-less transport layer The source and destination ends do not establish a connection, nor maintain the connection status Each UDP connection is point-to-point One-to-one, one-to-many, many-to-one and many-to-many communications are supported Session persistence based on client IP (source IP) is supported The server can directly obtain client IP	UDP is suitable for scenarios that have high requirements for transfer speed but relatively low requirements for accuracy, such as instant messaging and online videos. For more information, please see Configuring UDP Listener.
TCP SSL	Secure TCP TCP SSL listeners support configuration of certificates to prevent unauthorized access requests Unified certificate management is provided for CLB to implement decryption Unidirectional and bidirectional authentications are supported The server can directly obtain client IP	TCP SSL is suitable for scenarios that have high requirements for security when TCP protocol is used and supports TCP-based custom protocols. For more information, please see Configuring TCP SSL Listener.

If you use layer-4 listener (i.e., layer-4 protocol forwarding), CLB instance will establish a TCP connection with the real server on the listener port, and directly forward requests to the real server. This process does not modify any data packets (in passthrough mode) and has high forwarding efficiency.

Layer-7 Listener

Protocol	Description	Scenarios
HTTP	Application layer protocol Forwarding based on the request domain name and URL is supported Cookie-based session persistence is supported	HTTP is suitable for applications that need to identify request content, such as web applications and app services. For more information, please see Configuring HTTP Listener.
HTTPS	Encrypted application layer protocol Forwarding based on the request domain name and URL is supported Cookie-based session persistence is supported Unified certificate management is provided for CLB to implement decryption Unidirectional and bidirectional authentications are supported	HTTPS is suitable for HTTP applications that need encrypted transmission. For more information, please see Configuring HTTPS Listener.

Port Configuration

Listening port (frontend port)	Service port (backend port)	Description
This port is used to receive requests and forward them to the real server when the CLB instance provides services. You can configure load balancing for port 1 to 65535, such as 21 (FTP), 25 (SMTP), 80 (HTTP), and 443 (HTTPS).	A service port provides services for CVM, receives and processes CLB traffic. On a CLB instance, one listener port can forward traffic to multiple ports of multiple CVMs.	On a CLB instance, the listener port must be unique. For example, `TCP:80` and `HTTP:80` listeners cannot co-exist. Only ports of TCP and UDP protocols can co-exist. For example, you can create `TCP:80` and `UDP:80` listeners at the same time. The service ports can repeat on a CLB instance. For example, both `HTTP:80` and `HTTPS:443` listeners can be bound to the same port of a CVM.