tencent cloud

Tencent Cloud EdgeOne

Release Notes and Announcements
Release Notes
Security Announcement
Announcements
Product Introduction
Overview
Strengths
Use Cases
Comparison Between EdgeOne and CDN Products
Use Limits
Purchase Guide
Description of Trial Plan Experience Benefits
Free Plan Guide
Billing Overview
Billing Items
Subscriptions
Renewals
Instructions for overdue and refunds
Comparison of EdgeOne Plans
About "clean traffic" billing instructions
DDoS Protection Capacity Description
Getting Started
Choose business scenario
Quick access to website security acceleration
Quick deploying a website with Pages
Domain Service&Origin Configuration
Domain Service
HTTPS Certificate
Origin Configuration
Site Acceleration
Overview
Access Control
Smart Acceleration
Cache Configuration
File Optimization
Network Optimization
URL Rewrite
Modifying Header
Modify the response content
Rule Engine
Image&Video Processing
Speed limit for single connection download
DDoS & Web Protection
Overview
DDoS Protection
Web Protection
Bot Management
API Discovery(Beta)
Edge Functions
Overview
Getting Started
Operation Guide
Runtime APIs
Sample Functions
Best Practices
Pages
L4 Proxy
Overview
Creating an L4 Proxy Instance
Modifying an L4 Proxy Instance
Disabling or Deleting an L4 Proxy Instance
Batch Configuring Forwarding Rules
Obtaining Real Client IPs
Data Analysis&Log Service
Log Service
Data Analysis
Alarm Service
Site and Billing Management
Billing Management
Site Management
Version Management
General Policy
General Reference
Configuration Syntax
Request and Response Actions
Country/region and Corresponding Codes
Terraform
Overview
Installing and Configuring Terraform
Practical Tutorial
EdgeOne Skill User Guide
Automatic Warm-up/Cache Purge
Resource Abuse/hotlinking Protection Practical
HTTPS Related Practices
Acceleration Optimization
Scheduling Traffic
Data Analysis and Alerting
Log Platform Integration Practices
Configuring Origin Servers for Cloud Object Storage (Such As COS)
CORS Response Configuration
API Documentation
History
Introduction
API Category
Making API Requests
Site APIs
Acceleration Domain Management APIs
Site Acceleration Configuration APIs
Edge Function APIs
Alias Domain APIs
Security Configuration APIs
Layer 4 Application Proxy APIs
Content Management APIs
Data Analysis APIs
Log Service APIs
Billing APIs
Certificate APIs
Origin Protection APIs
Load Balancing APIs
Diagnostic Tool APIs
Custom Response Page APIs
API Security APIs
DNS Record APIs
Content Identifier APIs
Legacy APIs
Ownership APIs
Image and Video Processing APIs
Multi-Channel Security Gateway APIs
Version Management APIs
Data Types
Error Codes
FAQs
Product Features FAQs
DNS Record FAQs
Domain Configuration FAQs
Site Acceleration FAQs
Data and Log FAQs
Security Protection-related Queries
Origin Configuration FAQs
Troubleshooting
Reference for Abnormal Status Codes
Troubleshooting Guide for EdgeOne 4XX/5XX Status Codes
520/524 Status Code Troubleshooting Guide
521/522 Status Code Troubleshooting Guide
Tool Guide
Agreements
Service Level Agreement
Origin Protection Enablement Conditions of Use
TEO Policy
Privacy Policy
Data Processing And Security Agreement
Contact Us
Glossary
DocumentationTencent Cloud EdgeOneL4 ProxyCreating an L4 Proxy Instance

Creating an L4 Proxy Instance

PDF
Focus Mode
Font Size
Last updated: 2026-01-20 14:39:13

Use Cases

This document describes how to create and configure an L4 proxy instance.
Note:
The L4 proxy is only available with the Enterprise Edition package.

Directions

1. Log in to the Tencent Cloud EdgeOne console, enter Service Overview in the left menu bar, and click the site to be configured under Website Security Acceleration.
2. On the site details page, click L4 proxy > L4 proxy list.
3. On the page that appears, click Create L4 proxy instance.
4. Specify parameters on the Service Configurations page. The table below lists the parameters:
Item
Description
Instance name
1–50 characters ([a-z], [0-9] and [-]). It must start and end with a digit or letter. Consecutive hyphens (-) are not allowed. After creation, modifications are not allowed.
IPv6 access
If you enable this feature, EdgeOne nodes can be accessed over the IPv6 protocol.
Chinese MLC-border acceleration
When enabled, it will optimize the access performance for Chinese mainland users. For details, please refer to Cross-Regional Secure Acceleration (Overseas Sites).
DDoS protection configuration
Select DDoS protection level. See details: DDoS protection capacity description
Note:
Once created, the DDoS protection level for a layer-4 proxy instance cannot be modified, so please proceed with caution.
For mainland China region and global region, only Advanced or Ultimate protection is available.
For global region (excluding mainland China), Standard and Advanced protection levels are supported.
5. Click Create button. Confirm the cost details in the popup, then click I have read the cost statement and confirm creating the layer-4 proxy instance. For billing description, please refer to the Billing overview.
6. Specify the forwarding rules. On the L4 proxy page, select the newly created L4 proxy instance, click Configuration, enter the instance details page to configure forwarding rules. You can also import multiple forwarding rules at a time. For more information, see Batch Configuring Forwarding Rules. The table below lists the fields of a forwarding rule:



Note:
1. If you specify Origin group for Origin type, you can specify only self-owned origins. In this case, a COS bucket is not supported as the origin.
2. You can specify at most 2,000 forwarding rules for each L4 proxy instance.
Item
Description
Rule ID
Auto-generated, not supported for modification, unique identifier of the rule.
Forwarding protocol
Forwarding protocol of L4 proxy. Valid values: TCP and UDP.
Forwarding port
The supported port number ranges from 1 to 64999. You can enter multiple ports separated with semicolons (;) or use a hyphen to enter a port range.
The following ports are reserved for internal use, please do not use them:
For TCP forwarding protocol: 3943, 3944, 6088, 36000, 56000.
For UDP forwarding protocol: 4789, 4790, 6080, 61708.
Origin type and Origin address
Single origin: If you specify Single origin for Origin type, you can enter the IP address or domain name of a single origin.
Origin group: If you specify Origin group for Origin type, you can select an origin from an existing origin group, or create an origin group.
Origin port
You can enter a single port or a port range. If it is a port range, the forwarding port must also be a port range, and the length of the origin port and forwarding port ranges must be consistent.
For example: If the forwarding port range is 80-90, the origin port range can be 80-90 or 90-100.
Session persistence
As long as an origin server IP remains unchanged, traffic from the same client IP will always be forwarded to the same origin server IP.
Pass client IP
TOA: Pass client IPs via TCP Option (type 200), which only supports TCP protocols.For more information, see Obtaining Real TCP Client IPs via TOA.
Proxy Protocol V1 (recommended): Pass client IPs as plaintext by using the TCP header, which only supports TCP protocols. For more information, see Obtaining Real Client IPs Through Protocol V1/V2.
Proxy Protocol V2: Pass client IPs by using the header. V2 uses the binary format and supports both TCP and UDP protocols. The first packet of each TCP connection carries a PPv2 header, while only the first data packet carries the header for UDP.For more information, see Passing Real Client IP Through SPP.
Not passed: Real client IPs will not be transferred.
Rule Tag
Optional, you can enter 1-50 any characters to identify the forwarding rule.
7. Click Save to complete the configuration of the L4 proxy rules.
Previous Topic: OverviewNext Topic: Modifying an L4 Proxy Instance

Help and Support

Was this page helpful?

Help us improve! Rate your documentation experience in 5 mins.

Feedback