The following table summarizes the valid port configurations, based on the load balancing scheme and the target of the forwarding rule.
| Product | Load balancing scheme | Target | Port requirements |
|---|---|---|---|
| Global external Application Load Balancer Regional external Application Load Balancer | EXTERNAL_MANAGED | Target HTTP proxy Target HTTPS proxy | Can reference exactly one port from 1-65535 |
| Classic Application Load Balancer | EXTERNAL | Target HTTP proxy Target HTTPS proxy | Can reference exactly one port from 1-65535 |
| Cross-region internal Application Load Balancer Regional internal Application Load Balancer | INTERNAL_MANAGED | Target HTTP proxy Target HTTPS proxy | Can reference exactly one port from 1-65535 |
| Global external proxy Network Load Balancer | EXTERNAL_MANAGED | Target TCP proxy Target SSL proxy | Can reference exactly one port from 1-65535 |
| Classic proxy Network Load Balancer | EXTERNAL | Target TCP proxy Target SSL proxy | Can reference exactly one port from 1-65535 |
| Regional external proxy Network Load Balancer | EXTERNAL_MANAGED | Target TCP proxy | Can reference exactly one port from 1-65535 |
| Regional internal proxy Network Load Balancer | INTERNAL_MANAGED | Target TCP proxy | Can reference exactly one port from 1-65535 |
| Cross-region internal proxy Network Load Balancer | INTERNAL_MANAGED | Target TCP proxy | Can reference exactly one port from 1-65535 |
| External passthrough Network Load Balancer | EXTERNAL | Backend service | If the forwarding rule protocol is TCP or UDP, you can configure:A list of up to five (contiguous or non-contiguous) ports, or,A single port range (contiguous), or,All ports. To configure all ports, either set --ports=ALL using the gcloud command line tool, or set allPorts to True using the API.If the forwarding rule protocol is L3_, you must configure all ports.To configure all ports, either set --ports=ALL using the gcloud command line tool, or set allPorts to True using the API. |
| Target pool | Must be a single port range (contiguous)Specifying a port is optional for forwarding rules used with target pool-based external passthrough Network Load Balancers. If no port is specified, traffic from all ports (1-65535) is forwarded. | ||
| Internal passthrough Network Load Balancer | INTERNAL | Backend service | Up to five (contiguous or non-contiguous) ports or you can configure all ports using one of these methods: set --ports=ALL using the gcloud command line tool, orset allPorts to True using the API. |
| Cloud Service Mesh | INTERNAL_SELF_MANAGED | Target HTTP proxy Target HTTPS proxy | Must be a single value. Within a VPC network, no two forwarding rules for Cloud Service Mesh can have the same IP address and port specification. |
| Classic VPN | EXTERNAL | Target VPN gateway | Can reference exactly one of the following ports: 500, 4500 |