Add and manage listeners

This guide explains how to add a listener to a load balancer, view listener lists, change information, and set rules and conditions for managing listeners.

Add listener

Add HTTP listener

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.
2. Select a load balancer to add an HTTP listener from the load balancer list.
3. Click the Listener tab and then click the [Add listener] button.
4. In the popup, select the HTTP protocol and modify the port if necessary.
5. Select a target and click the [Add] button.

Add HTTPS listener

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer to add an HTTPS listener from the load balancer list.

3. Click the Listener tab and then click the [Add listener] button.

4. In the popup, select the HTTPS protocol and modify the port if necessary.

5. Select a target and default SSL certificate and click the [Add] button. You can select an existing certificate or add a new certificate as follows:

   Supported cipher suite list by Min TLS version

   Min TLS version	TLSv1.0	TLSv1.1	TLSv1.2
   TLS protocol
   TLSv1.0	v
   TLSv1.1	v	v
   TLSv1.2	v	v	v
   Cipher Suite
   ECDHE-RSA-AES128-GCM-SHA256			v
   ECDHE_RSA_AES128_CBC_SHA(ECDHE-RSA-AES128-SHA)	v	v	v
   ECDHE-RSA-AES128-SHA256			v
   ECDHE-RSA-AES256-GCM-SHA384			v
   ECDHE_RSA_AES256_CBC_SHA(ECDHE-RSA-AES256-SHA)	v	v	v
   ECDHE-RSA-AES256-SHA384			v
   AES128-GCM-SHA256			v
   AES128-SHA	v	v	v
   AES128-SHA256			v
   AES256-GCM-SHA384			v
   AES256-SHA	v	v	v
   AES256-SHA256			v
   CAMELLIA128-SHA	v	v	v
   CAMELLIA256-SHA	v	v	v
   DHE-RSA-AES128-GCM-SHA256			v
   DHE-RSA-AES128-SHA	v	v	v
   DHE-RSA-AES128-SHA256			v
   DHE-RSA-AES256-GCM-SHA384			v
   DHE-RSA-AES256-SHA	v	v	v
   DHE-RSA-AES256-SHA256			v
   DHE-RSA-CAMELLIA128-SHA	v	v	v
   DHE-RSA-CAMELLIA256-SHA	v	v	v
   ECDHE_ECDSA_AES128_SHA	v	v	v

info

After adding a listener, you can connect the target group by going to [More] icon > Configure listener. If the default forwarding target is 'Not set', an error will occur when accessing the service externally. Therefore, please connect a target group.

View listeners

You can modify or delete existing listeners or add new listeners.

View listener list

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer from the load balancer list.

3. Click the Listener tab to view the list of listeners associated to the load balancer.

   Category	Description
   Protocol:Port	Protocol and port of the listener
   ID	ID assigned at creation
   Provisioning status	Information on whether the listener was successfully created or is in the process of being modified or deleted
   Operating status	Information on whether the created listener is available for use
   Min TLS version	Security policy used for HTTPS communication between the client and the load balancer
   Default SSL certificate	Certificate used for HTTPS communication between the client and the load balancer
   Default action	The default action to handle traffic received by the Listener, fixed to Forward - If a target group is associated, the target group name is displayed
   Rule	Number of added rules with one rule applied by default
   [More] icon	Provides options to configure or delete the listener

View listener details

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer from the load balancer list.

3. Click the Listener tab and click the expand button.

   Listener details

   Type	Item	Description
   Rule	Rule order	Rules are applied in the order of their numbers, with smaller numbers applied first
   	Condition	If they are different types regardless of order, use AND; if they are the same type, use OR to determine the traffic's true/false status, and if ultimately true, the rule is applied
   	Action	Action that occurs when the rule is applied
   	[Edit] icon	Clicking this will display a rule edit popup
   	[Delete] icon	Clicking this will display a rule delete popup
   Certificate	Default	Whether it is the default certificate
   	Certificate ID	ID assigned when adding the certificate
   	Domain	Certificate domain
   	Registered at	Certificate registration date
   	Expired at	Certificate expiration date
   	[Disassociate] Icon	Clicking this will display a disassociate popup
   Attributes	HTTP/2	Fixed as not using HTTP/2
   	Idle timeout	Setting value for connection idle timeout
   	X-Forwarded-For header processing	Options for handling X-Forwarded-For header: Attach, Preserve, Remove
   	X-Forwarded-Port forwarding	Whether to use X-Forwarded-Port forwarding
   	X-Forwarded-Proto forwarding	Whether to use X-Forwarded-Proto forwarding
   	Max connections settings	If set to enabled, displays the maximum value set

Manage listener

Change target group

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer to modify from the list.

3. Click the Listener tab, then click the [More] icon > Configure listener.

4. In the popup, select a target group and click [OK].

Set minimum TLS version

If you select the HTTPS protocol for the load balancer’s Listener, you can set the Min TLS version.

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer.

3. In the details view, click the Listener tab, then click the [More] and Configure listener.

4. Choose the TLS version and click [OK].

Change default certificate from all certificates

If you select the HTTPS protocol for the load balancer’s Listener, you can change the default certificate.

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer from the list.

3. In the details view, click the Listener tab, then click the [More] icon > Configure listener.

4. Choose the certificate from the SSL certificate list, then click [OK].

caution

If there are no associated certificates available to set as the default or if all associated certificates are in a deleted state, you cannot change the default certificate. For more details, refer to Add certificate.

Add certificate

If you select the HTTPS protocol for the load balancer’s listener, you can connect up to 5 additional certificates excluding the default certificate.

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer from the list.

3. In the details view, click the Listener tab, then select a listener to add a certificate.

4. Click the [Add certificate] button.

   Associate certificate

   Add new certificate

5. In the popup, select the SSL certificates to connect additionally.

6. Click [Associate].

Set default certificate from associated certificates

If you select the HTTPS protocol for the load balancer’s Listener, you can select a default certificate from the certificates associated when creating the listener or any additional certificates.

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer from the list.

3. In the details view, select a listener on the Listener tab.

4. Click the [Set default certificate] button.

5. In the popup, review the list of associated certificates and select the certificate to set as default.

6. Click [Save].

caution

If there are no associated certificates available to set as default or if all associated certificates are in a deleted state, you cannot change the default certificate. In this case, refer to Add certificate to associate a new certificate and then replace the default certificate.

Disassociate certificate

If you select the HTTPS protocol for the load balancer’s listener, you can disassociate all certificates except the default one.

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer from the list.

3. In the details view, click the Listener tab, then select a listener.

4. Review the list of associated certificates and check the one to disassociate.

5. Click the [Disassociate] button.

6. In the popup, review the details and click the [Disassociate] button.

caution

If there are deleted certificates associated, check all deleted certificates (except the default) in the certificate list and disassociate them before changing or connecting other certificates.

Delete certificate

If the listener protocol of the load balancer is set to HTTPS, you can delete unused or expired certificates.

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select the load balancer that contains the listener to modify from the Load Balancer list.

3. In the details screen, click the Listener tab and select the listener to delete the certificate.

4. In the listener details screen, click the [Manage all certificates] button.

5. Review the list of registered certificates and select the [Delete] icon.

6. In the popup window, enter the deletion confirmation text and click the [Delete] button.

caution

If you delete a certificate that is set as the default certificate for a listener, the communication for that listener may not function properly. Before deleting a certificate, please refer to Set default certificate to replace the certificate.

Set or remove maximum connection limit

If the Load Balancer's Listener protocol is set to HTTP or HTTPS, you can configure the maximum connection limit/release.

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select the Load Balancer from the load balancer list.

3. In the detailed screen, click a listener on the Listener tab.

4. In the listener detailed screen, click the [Configure max connections] button.

5. Change the settings in the popup.

   • To limit the maximum value: Switch the maximum connection item to "Enabled" or keep it "Enabled" and enter the allowed maximum value.
     (Maximum connection: 1~2,147,483,647)
   • To release the maximum value limit: Switch the maximum connection item to "Disabled".

   Configure max connections

6. Click the [Apply] button.

Set idle timeout

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select the Load Balancer from the load balancer list.

3. In the detailed screen, click a listener on the Listener tab.

4. In the Listener detailed screen, click the [Configure attributes].

5. Modify the idle timeout in the popup.

   • Idle timeout: Enter a value between 1~4000 (default is 50 seconds).

6. Click the [Save] button.

Set packet (X-Forwarded-For Header)

1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the Load Balancer from the load balancer list.

3. In the detailed screen, click a listener on the Listener tab.

4. In the Listener detailed screen, click the [Configure attributes] button.

5. Modify the packet settings in the popup.

   • X-Forwarded-For header processing
     ᄂAttach: Select the Attach option to save the IP addresses of clients that have passed through in the X-Forwarded-For request header and forward them to the server.
     ᄂPreserve: Select the Preserve option to forward the X-Forwarded-For request header to the target without any modifications.
     ᄂRemove: Select the Remove option to delete the X-Forwarded-For request header from the request before forwarding it to the target.
   • X-Forwarded-Port transmission
     ᄂSwitch to 'Enabled' to preserve the port in the header.
     ᄂSwitch to 'Disabled' to not preserve the port in the header.
   • X-Forwarded-Proto
     ᄂSwitch to 'Enabled' to preserve the protocol in the header.
     ᄂSwitch to 'Disabled' to not preserve the protocol in the header.

   Listener attribute

6. Click the [Save] button.

Delete listener

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer from the list.

3. In the details view, click the Listener tab.

4. Click the [More] icon and Delete listener.

5. In the popup, review the listener details and click [Delete].

Add ALB rules

ALB rules are used exclusively with ALB listeners (HTTP, HTTPS) for Layer 7 Load Balancing settings.
When a listener is created, a default rule is automatically generated and applied last.

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer to add L7 rules from the load balancer list.

3. In the detailed view, select the Listener tab.

4. Click the [Expand] icon to add rules, and then click the [Add rule] button.

5. In the pop-up window, configure the rule's order, conditions, and actions.

   Condition types

   Type	Comparison Method	Key Condition	Value Condition
   Host-Header	Choose between Equals to or Not equals to	No input required	- Required - Up to 63 characters, excluding subdomains under . - Allows uppercase and lowercase letters, numbers, and some special characters (- .) - Cannot start with .
   Path	Choose from Contains, Not contain, Equals to, Not equals to, Starts with, Not start with, Ends with, Not end with	No input required	- Required - 1 to 255 characters - Allows uppercase and lowercase letters, numbers, and some special characters (- _ . /) - Cannot start with -
   HTTP-Header	Choose from Contains, Not contain, Equals to, Not equals to, Starts with, Not start with, Ends with, Not end with	- Required - 1 to 255 characters - Allows uppercase and lowercase letters, numbers, and some special characters (- _)	- Required - 1 to 255 characters - Allows uppercase and lowercase letters, numbers, and some special characters (( ) - = * . ? ; + : & _)
   File Type	Choose between Equals to or Not equals to	No input required	- Required - 1 to 255 characters - Allows uppercase and lowercase letters, numbers, and some special characters (! @ # $ % ^ & { } _ + - = , . ~ ')
   Cookie	Choose from Contains, Not contain, Equals to, Not equals to, Starts with, Not start with, Ends with, Not end with	- Required - 1 to 32 characters - Allows uppercase and lowercase letters, numbers, and some special characters (- _)	- Required - 1 to 255 characters - Allows uppercase and lowercase letters, numbers, and some special characters (- / + = _ . \)

   Rule actions

   Action Method	settings
   Forward	Target group - HTTP: HTTP, PROXY - HTTPS: HTTP
   Redirect to URL	Protocol - HTTP: HTTP, HTTPS - HTTPS: HTTPS URL: Maximum 247 characters Response Code - 301 - Moved Permanently - 302 - Found (Default) - 303 - See Other - 307 - Temporary Redirect
   Redirect prefix	Protocol - HTTP: HTTP, PROXY - HTTPS: HTTPS URL: Maximum 247 characters Response Code - 301 - Moved Permanently - 302 - Found (Default) - 303 - See Other - 307 - Temporary Redirect

6. In Set condition, enter the condition type, key, value, and comparison method. If needed, click [Add Condition] to add more conditions, or click the delete icon next to the condition to remove it.

7. In Set actions, select the action and enter the settings for each action, then click the [Add] button.

Manage ALB rules

View rules

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer from the load balancer list.

3. In the detailed view, select the Listener tab.

4. Select a listener.

   Category	Description
   Rule order	The order in which rules are applied; smaller numbers are applied first
   Condition	Operates with AND if different types, or OR if the same type; applies if the final condition is TRUE
   Action	Actions taken when the rule is applied

Set rule order

You can change the order of rules except for the automatically created last rule.

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Click the load balancer from the load balancer list.

3. In the detailed view, select the Listener tab.

4. Select a listener to change the rule order.

5. In the listener detailed view, click the [Set rule order] button.

6. In the window, change the order and click the [Save] button.

Modify rule

You can change settings for rules except for the automatically created last rule.

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer from the load balancer list.

3. In the detailed view, select the Listener tab.

4. Select a listener to to edit.

5. Click the [Edit] icon.

6. In the pop-up window, modify the information and click [OK].

Delete rule

1. Go to Beyond Networking Service > Load Balancing > Load Balancer in the KakaoCloud Console.

2. Select a load balancer from the load balancer list.

3. In the detailed view, select the Listener tab.

4. Select a listener to delete a rule.

5. In the listener detailed view, click the [Delete] icon.

6. In the pop-up window, click [Delete].