Add and Manage Listeners

You can add listeners to a Network Load Balancer (NLB), view the list of listeners, modify their information, and manage them. Below are the steps to do so.

Add Listener

Add TCP/UDP listener

1. Go to the KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the load balancer to which you want to add a listener from the Load Balancer list.

3. Click the Listener tab in the detailed view, then click the [Add Listener] button.

4. In the Add Listener popup, select either the TCP or UDP protocol and modify the port if necessary.

5. After selecting the Default forwarding target, click the [Add] button to configure the target group.

Add TLS listener

1. Go to the KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the load balancer to which you want to add a listener from the Load Balancer list.

3. Click the Listener tab in the detailed view, then click the [Add Listener] button.

4. In the Add Listener popup, select the TLS protocol and modify the port if necessary.

5. Select the Default forwarding target and Minimum TLS version.

6. Select the Default SSL certificate. If an existing certificate is registered, select it; if not, click the dropdown button and click the [Add New Certificate] button to navigate to the Certificate Manager to register a new certificate.

Supported Cipher Suites by minimum TLS version security policy

Minimum TLS Version Security Policy	TLSv1.0	TLSv1.1	TLSv1.2
TLS Protocol
TLSv1.0	v
TLSv1.1	v	v
TLSv1.2	v	v	v
Cipher Suite
ECDHE-RSA-AES128-GCM-SHA256			v
ECDHE_RSA_AES128_CBC_SHA(ECDHE-RSA-AES128-SHA)	v	v	v
ECDHE-RSA-AES128-SHA256			v
ECDHE-RSA-AES256-GCM-SHA384			v
ECDHE_RSA_AES256_CBC_SHA(ECDHE-RSA-AES256-SHA)	v	v	v
ECDHE-RSA-AES256-SHA384			v
AES128-GCM-SHA256			v
AES128-SHA	v	v	v
AES128-SHA256			v
AES256-GCM-SHA384			v
AES256-SHA	v	v	v
AES256-SHA256			v
CAMELLIA128-SHA	v	v	v
CAMELLIA256-SHA	v	v	v
DHE-RSA-AES128-GCM-SHA256			v
DHE-RSA-AES128-SHA	v	v	v
DHE-RSA-AES128-SHA256			v
DHE-RSA-AES256-GCM-SHA384			v
DHE-RSA-AES256-SHA	v	v	v
DHE-RSA-AES256-SHA256			v
DHE-RSA-CAMELLIA128-SHA	v	v	v
DHE-RSA-CAMELLIA256-SHA	v	v	v
ECDHE_ECDSA_AES128_SHA	v	v	v

info

After adding the listener, you can connect the target group under Listener Settings. If the Default forwarding target is set to 'None', an error will occur when trying to access the service externally. Please ensure to connect the target group for smooth service operation.

View listeners

In the load balancer detailed view, you can modify or delete existing listeners, or add new listeners.

View listener list

1. Go to the KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the load balancer whose listener list you want to view from the Load Balancer list.

3. Click the Listener tab in the detailed view to see the list of listeners connected to the load balancer.

   Field	Description
   Protocol:Port	Protocol and port of the listener
   ID	ID assigned during creation
   Provisioning Status	Information on whether the listener has been created successfully or is being modified/deleted
   Operational Status	Information on whether the listener is in an available state
   Minimum TLS Version	Security policy used for TLS communication between the client and the load balancer
   Default SSL Certificate	Certificate used for TLS communication between the client and the load balancer
   Default Action	Default action for handling traffic received by the listener, typically Forward - Displays the target group name if a target group is connected
   [More] Icon	Provides options for listener settings and deletion

View listener details

1. Go to the KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the load balancer whose listener details you want to view from the Load Balancer list.

3. In the load balancer detailed view, click the Listener tab, then select the listener for which you want to view details.

   Listener Details

   Field	Item	Description
   Attributes	Idle Timeout	Connection idle timeout setting
   	Maximum Connections	Displays the maximum value if set
   SSL Certificate (TLS listeners only)	Default	Whether it is the default certificate
   	Certificate ID	ID assigned when the certificate was added
   	Domain	Certificate domain
   	Registration Date	Date the certificate was registered
   	Expiration Date	Expiration date of the certificate
   	Disconnect Icon	Displays a popup for disconnecting the certificate when clicked

Manage listeners

Modify target group

1. Go to the KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the load balancer containing the listener you want to modify from the Load Balancer list.

3. Click the Listener tab, then click the [More] icon for the listener whose default forwarding target you want to change.

4. From the [More] menu, click Listener Settings.

5. In the Listener Settings popup, select the new target group from the Default forwarding target list, then click [Save].

Set maximum connections

1. Go to the KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the load balancer containing the listener you want to modify from the Load Balancer list.

3. Click the Listener tab, then select the listener for which you want to change the maximum connection setting.

4. In the listener detailed view, click the [Set Maximum Connections] button at the top of the properties section.

5. In the Set Maximum Connections popup, adjust the settings.

   • To set a limit: Enable the Maximum Connections option and enter the maximum value (from 1 to 2,147,483,647).
   • To remove the limit: Disable the Maximum Connections option.

   Set Maximum Connections for Listener

6. Click [Apply].

Set idle timeout

1. Go to the KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the load balancer containing the listener you want to modify from the Load Balancer list.

3. Click the Listener tab, then select the listener for which you want to modify the idle timeout.

4. In the listener detailed view, click the [Set Properties] button at the top of the properties section.

5. In the Listener Properties popup, modify the Idle Timeout setting (1 to 4000 seconds, default is 50 seconds).

6. Click [Save].

Set minimum TLS version (TLS listeners only)

1. Go to the KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the load balancer containing the listener you want to modify from the Load Balancer list.

3. Click the Listener tab, then click the [More] icon for the listener whose minimum TLS version you want to change.

4. From the [More] menu, click Listener Settings.

5. From the Minimum TLS Version list, select the desired version, then click [Save].

Change Default Certificate from All Certificates (TLS listeners only)

1. Go to the KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the load balancer containing the listener you want to modify from the Load Balancer list.

3. In the load balancer detailed view, click the Listener tab, then click the [More] icon for the listener whose certificate you want to change.

4. From the [More] menu, click Listener Settings.

5. In the Listener Settings modal, select the certificate from the Default SSL Certificate list, then click [Confirm].

caution

You cannot change the default certificate if no certificate is connected or if all connected certificates have been deleted. Please add a new certificate in the Certificate Manager and retry the action.

Connect Additional Certificates (TLS listeners only)

You can connect up to 5 additional certificates excluding the default certificate.

1. Go to the KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the load balancer containing the listener you want to modify from the Load Balancer list.

3. In the detailed view, click the Listener tab, then select the listener to which you want to add certificates.

4. Click the [Connect Certificate] button in the listener detailed view.

   Option	Description
   Select existing certificate	Click the dropdown button and select an existing certificate
   Add new certificate	1. Click the dropdown button and click [Add New Certificate]. 2. In the Add Certificate popup, enter the required information and click [Add]. 3. From the SSL certificate list, select the added certificate.

   Connect Certificate to Listener

   Add New Certificate

5. In the Connect Certificate popup, select the SSL certificate you want to connect.

6. Click [Connect].

Disconnect Certificate (TLS listeners only)

You can disconnect certificates other than the default certificate.

1. Go to the KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the load balancer containing the listener you want to modify from the Load Balancer list.

3. In the detailed view, click the Listener tab, then click the [Expand] button next to the listener in the list at the bottom.

4. If two or more certificates are connected in the [SSL Certificates] list, the [Disconnect] button will appear in the top right corner. You can disconnect certificates other than the default one.

5. Check the checkboxes of the certificates you want to disconnect, then click [Disconnect].

6. In the Disconnect Certificate modal, click [Disconnect].

caution

If any certificates have been deleted, check all certificates (except the default certificate) to disconnect them simultaneously.

Delete listener

1. Go to the KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer menu.

2. Select the load balancer containing the listener you want to delete from the Load Balancer list.

3. Click the Listener tab.

4. Click the [More] icon for the listener you want to delete.

5. From the [More] menu, click Delete Listener.

6. In the Delete Listener popup, enter the confirmation phrase and click [Delete].