Edge Acceleration
  • Site Acceleration
    • Overview
    • Access Control
      • Token Authentication
    • File Optimization
      • Smart Compression
    • Network Optimization
      • HTTP/2
      • HTTP/3(QUIC)
        • Overview
        • Enable HTTP/3
        • QUIC SDK
          • SDK Overview
          • SDK Download and Integration
          • Sample Code
            • Android
            • iOS
          • API Documentation
            • Android
            • iOS
      • IPv6 Access
      • Maximum Upload Size
      • WebSocket
      • Client IP Geolocation Header
      • Client IP Geographical Location
      • gRPC
    • URL Rewrite
      • Access URL Redirection
      • Origin-Pull URL Rewrite
    • Modifying Header
      • Modifying HTTP Response Headers
      • Modifying HTTP Request Headers
    • Custom Error Page
    • Request and Response Actions
      • Processing order
      • Default HTTP Headers of Origin-Pull Requests
      • Default HTTP Response Headers
    • Media Services
      • Audio and Video Pre-pulling
      • Just-in-Time Image Processing
      • Just-in-Time Media Processing
      • VOD Media Origin
  • Smart Acceleration
  • L4 Proxy
    • Creating an L4 Proxy Instance
    • Overview
    • Modifying an L4 Proxy Instance
    • Disabling or Deleting an L4 Proxy Instance
    • Batch Configuring Forwarding Rules
    • Obtaining Real Client IPs
      • Obtaining Real TCP Client IPs via TOA
      • Obtaining Real Client IPs Through Protocol V1/V2
        • Overview
        • Method 1: Obtaining Real Client IPs Through Nginx
        • Method 2: Parsing Real Client IPs on Application Server
        • Format of Real Client IPs Obtained Through Proxy Protocol V1/V2
      • Transmitting Client Real IP via SPP Protocol
  • Edge DNS
    • Hosting DNS Records
      • Modifying DNS Servers
      • Configuring DNS Records
      • Advanced DNS Configuration
    • Domain Connection
      • Adding A Domain Name for Acceleration
      • Ownership Verification
      • Modifying CNAME Records
    • Domain alias
      • Overview
      • Configuration Guide
      • Batch Connecting SaaS Domain Names
      • Configuring Alias Domain Names for Disaster Recovery
    • Traffic Scheduling
      • Traffic Scheduling Management
    • Origin Configuration
      • Load Balancing
        • Overview
        • Quickly Create Load Balancers
        • Health Check Policies
        • Viewing the Health Status of Origin Server
        • Related References
          • Load Balancing-Related Concepts
          • Introduction to Request Retry Strategy
      • Origin Group Configuration
      • Origin-pull configuration
        • Configuring Origin-Pull HTTPS
        • Host Header Rewrite
        • Controlling Origin-pull Requests
        • Redirect Following During Origin-Pull
        • HTTP/2 Origin-Pull
        • Range GETs
      • Related References
        • ld Version Origin Group Compatible Related Issues
      • Collect EdgeOne origin-pull node IP
  • Edge Cache
    • Overview
    • EdgeOne Cache Rules
      • Content Cache Rules
      • Cache Key Introduction
      • Vary Feature
    • Cache Configuration
      • Custom Cache Key
      • Node Cache TTL
      • Status Code Cache TTL
      • Browser Cache TTL
      • Offline Caching
      • Cache Prefresh
    • Clear and Preheat Cach
      • Cache Purge
      • URL Pre-Warming
    • How to improve the Cache Hit Rate of EdgeOne
  • Rules Engine
    • Overview
    • Supported Matching Types and Actions
    • Rule Management
    • variables

Creating an L4 Proxy Instance

Use Cases

This document describes how to create and configure an L4 proxy instance.
Note:
The L4 proxy is only available with the Enterprise Edition package.

Directions

1. Log in to the Tencent Cloud EdgeOne console, enter Service Overview in the left menu bar, and click the site to be configured under Website Security Acceleration.
2. On the site details page, click L4 proxy.
3. On the page that appears, click Create L4 proxy instance.



4. Specify parameters on the Service Configurations page. By default, the service region is the accelerated region of the current site. The table below lists the parameters:



Item
Description
Instance name
1–50 characters ([a-z], [0-9] and [-]). It must start and end with a digit or letter. Consecutive hyphens (-) are not allowed. After creation, modifications are not allowed.
Security Configuration
Default protection: Enabled by default, for details, please refer to DDoS Protection Overview.
Exclusive DDoS Protection: For details, please refer to the usage of Exclusive DDoS Protection.
IPv6 access
If you enable this feature, EdgeOne nodes can be accessed over the IPv6 protocol.
Chinese MLC-border acceleration
When enabled, it will optimize the access performance for Chinese mainland users. For details, please refer to Cross-Regional Secure Acceleration (Overseas Sites).
Note:
The Chinese mainland availability zones and global availability zones do not support default protection, but only support exclusive DDoS protection; the global availability zones (excluding the Chinese mainland) support both default protection and exclusive DDoS protection.
5. View subscription fees, check and agree to the EdgeOne Service Level Agreement and Refund Policy below, and click Subscribe. For billing description, please refer to the Billing overview.
6. Specify the forwarding rules. On the L4 proxy page, select the newly created L4 proxy instance, click Configuration, enter the instance details page to configure forwarding rules. You can also import multiple forwarding rules at a time. For more information, see Batch Configuring Forwarding Rules. The table below lists the fields of a forwarding rule:



Note:
1. If you specify Origin group for Origin type, you can specify only self-owned origins. In this case, a COS bucket is not supported as the origin.
2. You can specify at most 2,000 forwarding rules for each L4 proxy instance.
Item
Description
Rule ID
Auto-generated, not supported for modification, unique identifier of the rule.
Forwarding protocol
Forwarding protocol of L4 proxy. Valid values: TCP and UDP.
Forwarding port
The supported port number ranges from 1 to 64999. You can enter multiple ports separated with semicolons (;) or use a hyphen to enter a port range.
The following ports are reserved for internal use, please do not use them:
For TCP forwarding protocol: 3943, 3944, 6088, 36000, 56000.
For UDP forwarding protocol: 4789, 4790, 6080, 61708.
Origin type and Origin address
Single origin: If you specify Single origin for Origin type, you can enter the IP address or domain name of a single origin.
Origin group: If you specify Origin group for Origin type, you can select an origin from an existing origin group, or create an origin group.
Origin port
You can enter a single port or a port range. If it is a port range, the forwarding port must also be a port range, and the length of the origin port and forwarding port ranges must be consistent.
For example: If the forwarding port range is 80-90, the origin port range can be 80-90 or 90-100.
Session persistence
As long as an origin server IP remains unchanged, traffic from the same client IP will always be forwarded to the same origin server IP.
Pass client IP
TOA: Pass client IPs via TCP Option (type 200), which only supports TCP protocols.For more information, see Obtaining Real TCP Client IPs via TOA.
Proxy Protocol V1 (recommended): Pass client IPs as plaintext by using the TCP header, which only supports TCP protocols. For more information, see Obtaining Real Client IPs Through Protocol V1/V2.
Proxy Protocol V2: Pass client IPs by using the header. V2 uses the binary format and supports both TCP and UDP protocols. The first packet of each TCP connection carries a PPv2 header, while only the first data packet carries the header for UDP.For more information, see Passing Real Client IP Through SPP.
Not passed: Real client IPs will not be transferred.
Rule Tag
Optional, you can enter 1-50 any characters to identify the forwarding rule.
7. Click Save to complete the configuration of the L4 proxy rules.