IP Group Usage Guide

BLB BLB

  • API Reference
    • Access control
    • API Service Domain Name
    • Appendix
    • Application BLB Interface
      • Application BLB Instance Related Interfaces
      • Application BLB Listener Related Interfaces
      • Application BLB Security Group Related Interfaces
      • Application BLB Server Group Related Interfaces
    • Application IPv6 BLB Interface
      • Application IPv6 BLB Instance Related Interfaces
      • Application IPv6 BLB Listener Related Interfaces
      • Application IPv6 BLB Security Group Related Interfaces
      • Application IPv6 BLB Server Group Related Interfaces
    • BLB Order Related Interfaces
      • BLB - Resize
      • BLB Charge Shift - Cancel Prepay to Postpay
      • BLB Charge Shift - Postpay to Prepay
      • BLB Charge Shift - Prepay to Postpay
      • BLB Inquiry
      • BLB Unsubscribe Interface
    • Document Update Records
    • Error code
    • Interface Specifications
    • Introduction
    • Load Balancer Dedicated Cluster LBDC Interface
      • LBDC Instance Related Interfaces
    • Service Publishing Point Interface
      • Service Publishing Point Related Interfaces
    • Standard BLB Interface
      • Standard BLB Instance Related Interfaces
      • Standard BLB Listener Related Interfaces
      • Standard BLB Real Server Related Interfaces
      • Standard BLB Security Group Related Interfaces
    • Standard IPv6 BLB Interface
      • Standard IPv6 BLB Related Interfaces
  • FAQs
    • Billing Problems
    • Common Questions Overview
    • Configuration-related questions
    • Fault-related questions
    • General Problems
    • Load Balancer Dedicated Cluster Related Issues
    • Performance-related questions
    • Security Problems
  • Function Release Records
  • Operation guide
    • Access control
    • Access Logs
    • Application BLB instance
    • Application IPv6 Instance
    • BLB metric description
    • Certification
    • Custom configuration
    • Extended domain name
    • General-purpose BLB instance
      • Creating BLB Ordinary Instance
      • Managing BLB Ordinary Instance
    • General-purpose IPv6 BLB instance
    • Identity and access management
    • IP Group Usage Guide
    • Load Balance Dedicated Cluster
    • Load Balancer Frontend and Backend Protocol Correspondence
    • Recording Access Logs Using VPC Flow Logs
    • Service Release Point
    • Tag Management
  • Product Description
    • Application scenarios
    • Basic Architecture
    • Basic concepts
    • Performance Specification Description
    • Product advantages
    • Product features
    • Product Introduction
    • Usage restrictions
  • Product pricing
    • Load Balancer Dedicated Cluster Billing
    • Load Balancer Instance Billing
  • Quick Start
  • SDK
    • GO-SDK
      • Application BLB Instance
      • Initialization
      • Install
      • IPv6 BLB Instance
      • Load Balance Dedicated Cluster (LBDC)
      • Ordinary BLB Instance
      • Overview
      • Service Release Point
      • Version Change Records
    • Java-SDK
      • Application BLB instance
      • General-purpose BLB instance
      • Initialization
      • Install the SDK Package
      • IPv6 BLB Instance
      • Load Balance Dedicated Cluster (LBDC)
      • Overview
      • Service Release Point
      • Version Update Description
    • PHP-SDK
      • Initialization
      • Install
      • Ordinary BLB Instance
      • Overview
    • Python-SDK
      • Application BLB Instance
      • Initialization
      • Install
      • IPv6 BLB Instance
      • Load Balance Dedicated Cluster (LBDC)
      • Ordinary BLB Instance
      • Overview
      • Service Release Point
      • Version Update Description
  • Service Level Agreement (SLA)
    • Description of Baidu AI Cloud Load Balancer Trusted Cloud certification service availability
    • LBDC Service Level Agreement SLA
    • BLB Service Level Agreement (V2.0)
  • Typical Practices
    • BLB Selection Guide
    • Health Check Exception Troubleshooting
    • Implementing BLB Association with Listeners, Real Servers, Security Groups, etc. via Terraform
    • Implementing Multi-Site Hosting via Application BLB
    • Load Balancer Security Protection Strategy
    • Managing BLB via Terraform
    • Obtaining Client Information via Application BLB Instance
    • Using IP Group Function to Mount Real Servers Across VPCs in Different Regions
    • Using IP Group Function to Mount Real Servers Across VPCs in the Same Region
All documents
menu
No results found, please re-enter

BLB BLB

  • API Reference
    • Access control
    • API Service Domain Name
    • Appendix
    • Application BLB Interface
      • Application BLB Instance Related Interfaces
      • Application BLB Listener Related Interfaces
      • Application BLB Security Group Related Interfaces
      • Application BLB Server Group Related Interfaces
    • Application IPv6 BLB Interface
      • Application IPv6 BLB Instance Related Interfaces
      • Application IPv6 BLB Listener Related Interfaces
      • Application IPv6 BLB Security Group Related Interfaces
      • Application IPv6 BLB Server Group Related Interfaces
    • BLB Order Related Interfaces
      • BLB - Resize
      • BLB Charge Shift - Cancel Prepay to Postpay
      • BLB Charge Shift - Postpay to Prepay
      • BLB Charge Shift - Prepay to Postpay
      • BLB Inquiry
      • BLB Unsubscribe Interface
    • Document Update Records
    • Error code
    • Interface Specifications
    • Introduction
    • Load Balancer Dedicated Cluster LBDC Interface
      • LBDC Instance Related Interfaces
    • Service Publishing Point Interface
      • Service Publishing Point Related Interfaces
    • Standard BLB Interface
      • Standard BLB Instance Related Interfaces
      • Standard BLB Listener Related Interfaces
      • Standard BLB Real Server Related Interfaces
      • Standard BLB Security Group Related Interfaces
    • Standard IPv6 BLB Interface
      • Standard IPv6 BLB Related Interfaces
  • FAQs
    • Billing Problems
    • Common Questions Overview
    • Configuration-related questions
    • Fault-related questions
    • General Problems
    • Load Balancer Dedicated Cluster Related Issues
    • Performance-related questions
    • Security Problems
  • Function Release Records
  • Operation guide
    • Access control
    • Access Logs
    • Application BLB instance
    • Application IPv6 Instance
    • BLB metric description
    • Certification
    • Custom configuration
    • Extended domain name
    • General-purpose BLB instance
      • Creating BLB Ordinary Instance
      • Managing BLB Ordinary Instance
    • General-purpose IPv6 BLB instance
    • Identity and access management
    • IP Group Usage Guide
    • Load Balance Dedicated Cluster
    • Load Balancer Frontend and Backend Protocol Correspondence
    • Recording Access Logs Using VPC Flow Logs
    • Service Release Point
    • Tag Management
  • Product Description
    • Application scenarios
    • Basic Architecture
    • Basic concepts
    • Performance Specification Description
    • Product advantages
    • Product features
    • Product Introduction
    • Usage restrictions
  • Product pricing
    • Load Balancer Dedicated Cluster Billing
    • Load Balancer Instance Billing
  • Quick Start
  • SDK
    • GO-SDK
      • Application BLB Instance
      • Initialization
      • Install
      • IPv6 BLB Instance
      • Load Balance Dedicated Cluster (LBDC)
      • Ordinary BLB Instance
      • Overview
      • Service Release Point
      • Version Change Records
    • Java-SDK
      • Application BLB instance
      • General-purpose BLB instance
      • Initialization
      • Install the SDK Package
      • IPv6 BLB Instance
      • Load Balance Dedicated Cluster (LBDC)
      • Overview
      • Service Release Point
      • Version Update Description
    • PHP-SDK
      • Initialization
      • Install
      • Ordinary BLB Instance
      • Overview
    • Python-SDK
      • Application BLB Instance
      • Initialization
      • Install
      • IPv6 BLB Instance
      • Load Balance Dedicated Cluster (LBDC)
      • Ordinary BLB Instance
      • Overview
      • Service Release Point
      • Version Update Description
  • Service Level Agreement (SLA)
    • Description of Baidu AI Cloud Load Balancer Trusted Cloud certification service availability
    • LBDC Service Level Agreement SLA
    • BLB Service Level Agreement (V2.0)
  • Typical Practices
    • BLB Selection Guide
    • Health Check Exception Troubleshooting
    • Implementing BLB Association with Listeners, Real Servers, Security Groups, etc. via Terraform
    • Implementing Multi-Site Hosting via Application BLB
    • Load Balancer Security Protection Strategy
    • Managing BLB via Terraform
    • Obtaining Client Information via Application BLB Instance
    • Using IP Group Function to Mount Real Servers Across VPCs in Different Regions
    • Using IP Group Function to Mount Real Servers Across VPCs in the Same Region
  • Document center
  • arrow
  • BLBBLB
  • arrow
  • Operation guide
  • arrow
  • IP Group Usage Guide
Table of contents on this page
  • Create IP group
  • Selection of IP group type
  • Open protocol
  • Add IP
  • Bind IP group to listener
  • Configure route
  • Manage IP group
  • Usage restrictions of cross-VPC scenario access protocols of IP groups
  • Instructions for cascading mounting of load balancers

IP Group Usage Guide

Updated at:2025-10-16

Introduction

An IP Target Group is a type of load balancer server group that uses IP addresses as targets. It is a component of the load balancer service, designed to distribute incoming network traffic to specified target IPs. This allows routing to IP address-based targets such as BCC instances, containers, and IPs within an IDC. It enables you to configure targets using IP addresses while dynamically directing traffic to one of the designated targets.

Advantages

IP groups allow you to customize targets, including those across VPCs and IDCs, offering greater flexibility and supporting a broader range of networking scenarios.

Operation

Create IP group

  • On the Application BLB Instance List page, click the BLB instance name to navigate to the Instance Details page.
  • On the Instance Details page, navigate to the left panel and select Target Group. Then, choose the IP group tab from the top options.
  • Click on Add IP Group.

Selection of IP group type

The current IP group is of the following five types: same region - same VPC, same region - cross VPC, cross region, hybrid cloud, and custom IP. Where, the supported scenarios for each type are as follows:

IP group type Network connection environment Real server
Same region - same VPC VPC Intranet environment · Cloud server within the same VPC environment.
· Pod server in the same VPC environment.
· Elastic network interface in the same VPC environment.
· Service network interface card in the same VPC environment.
· Load balancers in the same VPC environment.
Same region - cross-VPC · Peering connections
· CSN
· VPN
· Cloud server.
· Pod server.
· Elastic network interface.
· Load Balance.
Cross region · Peering connections
· CSN
· VPN
· Cloud server.
· Pod server.
· Elastic network interface.
· Load Balance.
Hybrid cloud · Dedicated Line
· VPN
· Services deployed within user IDC.
· Servers deployed within Baidu IDC.
· Service network interface cards mounted on public servers.
Custom IP Support combining IPs from the four scenarios mentioned earlier within a single group. Support for all the types of real servers mentioned above.

Open protocol

  • In the Open Protocol section, select Add Protocol, and configure health check settings there.
  • Open protocols refer to the access protocol methods supported by the load balancer for frontends. For IP groups, client access will be redirected to the ports specified in the IP entries configured in IP Management.
  • For health check requests, if no specific health check port is set, the request will be redirected to the ports specified in IP Management's IP entries. If a health check port has been configured, requests will instead be sent to the user-defined health check port for all the IPs specified in IP Management.

Add IP

Click Add under IP Management to include the required real server IPs. You can add a single or multiple IPs as needed.

  • When adding multiple IPs, the same port for all chosen IPs will be registered to the IP group simultaneously.
  • If the custom IP type is selected for the IP group, you must specify the type of each IP entry based on their actual conditions.
  • The system reserves the first IP address in a subnet, and IP addresses ending with .0.1 are not supported.

Click Confirm to successfully create the IP group.

Bind IP group to listener

Create a listener in the corresponding load balancer instance and then bind this IP group to the listener. Note: The listener protocol must match the open protocols of the IP group. If not, you can add new open protocols in the IP group.

Configure route

If your configured IP is in a same-region cross-VPC, cross-region, hybrid cloud, or custom IP scenario, you also need to configure corresponding routes based on the network environment. These routes include the route for the load balancer to access real servers and the back-to-source route from real servers.

Configure routes according to the operation documentation of your VPN, CSN, peering connections, or dedicated line products.
Note: When the peering connections are established for same region - cross VPC or cross region cross VPC IP groups, a ticket shall be submitted to configure custom routes.

Manage IP group

You can manage IP groups on the Target Group List page.

  • To add a new open protocol, click "Add Protocol" in the operation bar.
  • To manage existing open protocols or health checks, click the icon in the Protocol/Rule Binding Count bar to delete or modify current protocols.
  • To manage IP entries in an IP group, click "Manage IP Group" in the operation bar to add, edit, or delete IP entries.

Usage restrictions of cross-VPC scenario access protocols of IP groups

Note: When peering connections are established for same-region cross-VPC or cross-region cross-VPC IP groups, you must submit a ticket to configure custom routes.

Currently, cross-VPC access scenarios with IP groups are supported as follows:

IP version Cross region Connection environment Load balancer protocol Supported
The real server is of v4 Same region VPN TCP/UDP Support
HTTP/HTTPS/SSL Not supported
CSN TCP/UDP Support
HTTP/HTTPS/SSL Not supported
Peering connections TCP/UDP Support
HTTP/HTTPS/SSL Not supported
Cross region VPN TCP/UDP Support
HTTP/HTTPS/SSL Support
CSN TCP/UDP Not supported
HTTP/HTTPS/SSL Not supported
Peering connections TCP/UDP Support
HTTP/HTTPS/SSL Support
IDC Dedicated line TCP/UDP Support
HTTP/HTTPS/SSL Support
VPN TCP/UDP Support
HTTP/HTTPS/SSL Support
The real server is of v6 Same region VPN TCP/UDP Support
HTTP/HTTPS/SSL Not supported
CSN TCP/UDP Support
HTTP/HTTPS/SSL Not supported
Peering connections TCP/UDP Support
HTTP/HTTPS/SSL Not supported
Cross region VPN TCP/UDP Not supported
HTTP/HTTPS/SSL Not supported
CSN TCP/UDP Not supported
HTTP/HTTPS/SSL Not supported
Peering connections TCP/UDP Not supported
HTTP/HTTPS/SSL Not supported
IDC Dedicated line TCP/UDP Support
HTTP/HTTPS/SSL Support
VPN TCP/UDP Support
HTTP/HTTPS/SSL Support

Instructions for cascading mounting of load balancers

When the backend mounted IP is actually the frontend IP of the load balancer, it creates a cascaded mounting of the load balancer. Avoid mounting load balancers as the real servers of each other, as this may lead to network loops and disrupt normal business operations.

Previous
Identity and access management
Next
Load Balance Dedicated Cluster