Skip to main content

Add and managing listeners

The following explains how to add a Listener to a Network load balancer (NLB), view the list, modify information, and manage listeners.

Add listener

Add TCP/UDP listener

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. Select a load balancer from the load balancer list.

  3. In the detail screen, click on the Listener tab, then click the [Add listener] button.

  4. In the popup, choose either TCP or UDP protocol and modify the port if necessary.

  5. Select the Default forwarding target and click the [Add] button to set the target group.

Add TLS listener

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. Select a load balancer from the load balancer list.

  3. In the detail screen, click on the Listener tab, then click the [Add listener] button.

  4. In the popup, select the TLS protocol and modify the port if necessary.

  5. Choose the Default forwarding target and Minimum TLS version.

  6. Select the Default SSL certificate and click the [Add] button.

Supported Cipher Suites by minimum TLS version of security policy
Min TLS versionTLSv1.0TLSv1.1TLSv1.2
TLS protocol
TLSv1.0v
TLSv1.1vv
TLSv1.2vvv
Cipher Suite
ECDHE-RSA-AES128-GCM-SHA256v
ECDHE_RSA_AES128_CBC_SHA(ECDHE-RSA-AES128-SHA)vvv
ECDHE-RSA-AES128-SHA256v
ECDHE-RSA-AES256-GCM-SHA384v
ECDHE_RSA_AES256_CBC_SHA(ECDHE-RSA-AES256-SHA)vvv
ECDHE-RSA-AES256-SHA384v
AES128-GCM-SHA256v
AES128-SHAvvv
AES128-SHA256v
AES256-GCM-SHA384v
AES256-SHAvvv
AES256-SHA256v
CAMELLIA128-SHAvvv
CAMELLIA256-SHAvvv
DHE-RSA-AES128-GCM-SHA256v
DHE-RSA-AES128-SHAvvv
DHE-RSA-AES128-SHA256v
DHE-RSA-AES256-GCM-SHA384v
DHE-RSA-AES256-SHAvvv
DHE-RSA-AES256-SHA256v
DHE-RSA-CAMELLIA128-SHAvvv
DHE-RSA-CAMELLIA256-SHAvvv
ECDHE_ECDSA_AES128_SHAvvv
info

After adding a Listener, you can connect a target group in Configure listener. If the default target is set to 'None', errors will occur when accessing the service externally. For smooth service operation, please connect a target group.

View listeners

You can modify or delete existing Listeners or add new ones from the load balancer detail screen.

View listener list

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. Select a load balancer from the load balancer list.

  3. In the detail screen, click on the Listener tab to view the list of listeners connected to the load balancer.

    CategoryDescription
    Protocol:PortProtocol and port of the Listener
    IDID assigned at creation
    Provisioning statusInformation on whether the Listener was created successfully or if it is being modified or deleted
    Operating statusInformation on whether the created Listener is in a usable state
    Min TLS versionSecurity policy used for TLS communication between the client and load balancer
    Default SSL certificateCertificate used for TLS communication between the client and load balancer
    Default actionDefault action for handling traffic received by the Listener, fixed to Forward
    - If a target group is connected, the Target group name is displayed
    [More] iconProvides Listener settings and deletion options

View listener details

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. Select a load balancer with the Listener details you want to view from the load balancer list.

  3. In the load balancer detail screen, click on the Listener tab, then click the [Expand] icon.

    Image Listener Details

    CategoryItemDescription
    AttributesIdle timeoutConnection idle timeout setting
    Max Connection SettingDisplays the set maximum value when enabled
    SSL certificate (TLS listener only)DefaultIndicates if it is the default certificate
    Certificate IDID assigned when the certificate was added
    DomainCertificate domain
    Registered atCertificate registration date
    Expired atCertificate expiration date
    Disconnection IconClick to display the disconnection popup

Manage listeners

Modify target group

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. Click on the load balancer containing the Listener to modify.

  3. Click on the Listener tab, then click the [More] icon and Configure listener.

  4. In the popup, select a target group and click [Save].

Set maximum connections

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. Select a load balancer in the Load Balancer menu.

  3. Click on the Listener tab, then click the [Expand] icon.

  4. Click the [Configure max connections] button.

  5. Click [Save] to apply the settings.

Set idle timeout

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. Select a load balancer in the Load Balancer menu.

  3. Click on the Listener tab, then click the [Expand] icon.

  4. In the listener detailed view, click the [Configure attributes] button.

  5. In the popup, modify the Idle timeout field.

    • Idle timeout: Enter a value between 1 and 4000 (default is 50 seconds).

  6. Click the [Save] button.

Set minimum TLS version (TLS listener only)

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. Select a load balancer in the Load Balancer menu.

  3. Click the Listener tab, then click the [More] icon and Configure listener.

  4. From the Minimum TLS Version list, select the version and click [Save].

Change default certificate from All certificates (TLS listener only)

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. Select a load balancer in the Load Balancer menu.

  3. Click the Listener tab, then click the [More] icon > Configure listener.

  4. From the list of default SSL certificates, select the certificate to change and click [Save].

caution

If there are no connected certificates that can be set as the default certificate, or if all connected certificates are in a deleted state, you cannot change the default certificate. Refer to Connect additional certificate to connect a new certificate and then replace the default certificate.

Connect additional certificate (TLS listener only)

You can connect up to 5 additional certificates excluding the default certificate.

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. Select a load balancer in the Load Balancer menu.

  3. Click the Listener tab, then select a listener to add the certificate to.

  4. In the listener detailed view, click the [Associate certificate] button.

  5. In the popup, select the additional SSL certificate to connect.

  6. Click the [Associate] button.

Set default certificate from associated certificates (TLS listener only)

You can select the default certificate from the certificate connected when the Listener was created and the additionally connected certificates.

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. In the Load Balancer list, select a load balancer.

  3. Click on the Listener tab, then click the [Expand] icon.

  4. In the listener detailed view, click the [Set default certificate] button.

  5. In the popup, check the list of connected certificates and select the certificate to set as default.

  6. Click the [Save] button.

caution

If there are no connected certificates that can be set as the default certificate, or if all connected certificates are in a deleted state, you cannot change the default certificate. Refer to Connect additional certificate to connect a new certificate and then replace the default certificate.

Disconnect certificate (TLS listener only)

You can disconnect certificates other than the default certificate.

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. In the Load Balancer list, select a load balancer.

  3. Click the Listener tab, then select a listener to disconnect the certificate from.

  4. In the listener detailed view, check the list of connected certificates and select the certificate to disconnect.

  5. Click the [Detach] button.

  6. In the popup, check the certificate to be disconnected and click the [Detach] button.

caution

If a deleted certificate is connected, check all deleted certificates (except the default certificate) and try to disconnect them at the same time.

Delete certificate (TLS listener only)

You can delete unused or expired certificates.

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. In the Load Balancer list, select a load balancer.

  3. Click the Listener tab, then select a listener to delete the certificate from.

  4. In the listener detailed view, click the [Manage all certificates] button.

  5. Check the list of registered certificates and click the delete icon to the right of the certificate to delete.

  6. In the popup, enter the delete confirmation text and click the [Delete] button.

caution

If you delete a certificate set as the default certificate in the Listener, communication for that Listener may not be processed properly. Before deleting the certificate, refer to Set default certificate from associated certificates and replace the certificate.

Delete listener

  1. Go to KakaoCloud Console > Beyond Networking Service > Load Balancing > Load Balancer.

  2. Select a load balancer from the list.

  3. In the details view, click the Listener tab.

  4. Click the [More] icon and Delete listener.

  5. In the popup, review the listener details and click [Delete].