Creates a TCP or UDP listener, or a listener that uses SSL over TCP for a Network Load Balancer (NLB) instance.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes CreateListener

The operation that you want to perform. Set the value to CreateListener.

ListenerProtocol String Yes TCP

The listener protocol. Valid values: TCP, UDP, and TCPSSL.

ListenerPort Integer Yes 80

The listener port. Valid values: 0 to 65535.

If you set the value to 0, the listener listens by port range. If you set the value to 0, you must specify StartPort and EndPort.

ListenerDescription String No tcp_80

The name of the listener.

The name must be 2 to 256 characters in length, and can contain letters, digits, commas (,), periods (.), semicolons (;), forward slashes (/), at signs (@), underscores (_), and hyphens (-).

LoadBalancerId String Yes nlb-83ckzc8d4xlp8o****

The NLB instance ID.

ServerGroupId String Yes sgp-ppdpc14gdm3x4o****

The server group ID.

IdleTimeout Integer No 900

The timeout period of idle connections. Unit: seconds.

Valid values: 1 to 900. Default value: 900.

SecurityPolicyId String No tls_cipher_policy_1_0

The security policy ID. System security policies and custom security policies are supported.

  • Valid values for system security policies: tls_cipher_policy_1_0 (default), tls_cipher_policy_1_1, tls_cipher_policy_1_2, tls_cipher_policy_1_2_strict, and tls_cipher_policy_1_2_strict_with_1_3.
  • Custom security policy: the ID of the custom security policy.
Note This parameter takes effect only for listeners that use SSL over TCP.
CertificateIds.N String No 12315790212_166f8204689_1714763408_70998****

The server certificates. This parameter takes effect only for listeners that use SSL over TCP.

Note You can specify only one server certificate.
CaCertificateIds.N String No 139a00604ad-cn-east-hangzh****

The certificate authority (CA) certificates. This parameter takes effect only for listeners that use SSL over TCP.

Note You can specify only one CA certificate.
CaEnabled Boolean No false

Specifies whether to enable mutual authentication. Valid values:

  • true
  • false (default)
DryRun Boolean No false

Specifies whether to perform only a dry run, without performing the actual request. Valid values:

  • true: performs only a dry run. The system checks the request for potential issues, including missing parameter values, incorrect request syntax, and service limits. If the request fails the dry run, an error message is returned. If the request passes the dry run, the DryRunOperation error code is returned.
  • false (default): performs a dry run and performs the actual request. If the request passes the dry run, a 2xx HTTP status code is returned and the operation is performed.
ClientToken String No 123e4567-e89b-12d3-a456-426655440000

The client token that is used to ensure the idempotence of the request.

You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters.

Note If you do not specify this parameter, the system automatically uses the request ID as the client token. The request ID may be different for each request.
RegionId String No cn-hangzhou

The region ID of the NLB instance.

You can call the DescribeRegions operation to query the most recent region list.

ProxyProtocolEnabled Boolean No false

Specifies whether to use Proxy Protocol to pass client IP addresses to backend servers. Valid values:

  • true
  • false (default)
SecSensorEnabled Boolean No false

Specifies whether to enable fine-grained monitoring. Valid values:

  • true
  • false (default)
AlpnEnabled Boolean No false

Specifies whether to enable Application-Layer Protocol Negotiation (ALPN). Valid values:

  • true
  • false (default)
AlpnPolicy String No HTTP1Only

The ALPN policy. Valid values:

  • HTTP1Only: uses only HTTP 1.x. The priority of HTTP 1.1 is higher than the priority of HTTP 1.0.
  • HTTP2Only: uses only HTTP 2.0.
  • HTTP2Optional: preferentially uses HTTP 1.x over HTTP 2.0. The priority of HTTP 1.1 is higher than the priority of HTTP 1.0, and the priority of HTTP 1.0 is higher than the priority of HTTP 2.0.
  • HTTP2Preferred: preferentially uses HTTP 2.0 over HTTP 1.x. The priority of HTTP 2.0 is higher than the priority of HTTP 1.1, and the priority of HTTP 1.1 is higher than the priority of HTTP 1.0.
Note If you set AlpnEnabled to true, you must specify this parameter.
StartPort Integer No 244

The first port in the listener port range. Valid values: 0 to 65535.

Note You must specify this parameter if you set ListenerPort to 0.
EndPort Integer No 566

The last port in the listener port range. Valid values: 0 to 65535.

The number of the last port must be greater than the number of the first port.

Note You must specify this parameter if you set ListenerPort to 0.
Cps Integer No 100

The maximum number of connections that can be created per second on the NLB instance. Valid values: 0 to 1000000. 0 specifies that the number of connections per second is unlimited.

Mss Integer No 43

The maximum size of a TCP segment. Unit: bytes. Valid values: 0 to 1500.

0 specifies that the maximum segment size remains unchanged.

Note This parameter is supported only by TCP listeners and listeners that use SSL over TCP.

Response parameters

Parameter Type Example Description
RequestId String CEF72CEB-54B6-4AE8-B225-F876FF7BA984

The request ID.

ListenerId String lsn-bp1bpn0kn908w4nbw****

The listener ID.

JobId String 72dcd26b-f12d-4c27-b3af-18f6aed5****

The ID of the asynchronous task.

Examples

Sample requests

http(s)://[Endpoint]/?Action=CreateListener
&ListenerProtocol=TCP
&ListenerPort=80
&ListenerDescription=tcp_80
&LoadBalancerId=nlb-83ckzc8d4xlp8o****
&ServerGroupId=sgp-ppdpc14gdm3x4o****
&IdleTimeout=900
&SecurityPolicyId=tls_cipher_policy_1_0
&CertificateIds=["12315790212_166f8204689_1714763408_70998****"]
&CaCertificateIds=["139a00604ad-cn-east-hangzh****"]
&CaEnabled=false
&DryRun=false
&ClientToken=123e4567-e89b-12d3-a456-426655440000
&RegionId=cn-hangzhou
&ProxyProtocolEnabled=false
&SecSensorEnabled=false
&AlpnEnabled=false
&AlpnPolicy=HTTP1Only
&StartPort=244
&EndPort=566
&Cps=100
&Mss=43
&Common request parameters

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<CreateListenerResponse>
    <RequestId>CEF72CEB-54B6-4AE8-B225-F876FF7BA984</RequestId>
    <ListenerId>lsn-bp1bpn0kn908w4nbw****</ListenerId>
    <JobId>72dcd26b-f12d-4c27-b3af-18f6aed5****</JobId>
</CreateListenerResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "CEF72CEB-54B6-4AE8-B225-F876FF7BA984",
  "ListenerId" : "lsn-bp1bpn0kn908w4nbw****",
  "JobId" : "72dcd26b-f12d-4c27-b3af-18f6aed5****"
}

Error codes

For a list of error codes, visit the API Error Center.