Community Blog Accelerate Your Application using Global Accelerator with Source IP Address Persistence

Accelerate Your Application using Global Accelerator with Source IP Address Persistence

Learn how you can quickly set up Global Global Accelerator with Source IP Address Persistence so that your application can have better access in China.

Try Global Accelerator For Free

Alibaba Cloud offers the Global Accelerator service to help enterprises to improve the quality and speed access to their application from Mainland China. In short, this product is meant to help to mitigate the issues that many multinational and international companies and brands may face as they redirect Chinese users to web applications or mobile apps hosted elsewhere in the world.

Alibaba Cloud's Global Accelerator service can be extremely helpful to many international companies, as setting up services in China may not be an option for them at least temporarily, as going through the process of setting up web services in Mainland China can be lengthy with the application process taking at least one month. Luckily, for this, Alibaba Cloud also offers comprehensive solutions and guidance to help customers enter China. Check out Alibaba Cloud's China Gateway solution, and also check out the ICP filing page for more information about the requirements involved with setting up services in China.

In the meantime, why not start using Global Accelerator to reach your Chinese userbase first? In this tutorial, we're going to help you get started bring your services to China quickly by using Global Accelerator with Source IP Address Persistence. This tutorial can be completed in a matter of just 30 minutes.

Setting up Your Global Accelerator Instance

For this tutorial, you should already have an website that can be accessed through the Internet. For this purpose, I created a website hosted on an Alibaba Cloud Elastic Compute Service (ECS) instance, located in Hong Kong. As a general recommendation, consider hosting your website on Alibaba Cloud. Doing so will make this process even easier. You can access my example website here.


Now it's time to work on providing the global Accelerator service for your website. Firstly, log in to the Alibaba Cloud international console, then go to Global Accelerator console and click Create Instance.



In this example, I purchased the Small I instance type. For your reference, below are the six instance types supported by Global Accelerator service. Choose whichever instance best matches your needs.



After purchasing the instance, you should see one instance in the Global Accelerator console.

Next we will need to purchase the Accelerator bandwidth between China and the server where your website is hosted. For me, that's Hong Kong. Next, in the Global Accelerator console, click Configure Basic Bandwidth Plan.


A page will show up similar to the one below. On it, you'll need to click Buy Basic Bandwidth Plan.


For a domain without an ICP Filing, you'll need to choose the Premium Bandwidth option. You'll also need to set your peak bandwidth and duration. Once you're all finished, click Buy Now.


After purchasing the plan, you should see the Advanced Bandwidth instance in the console .


Now, it's time to work on the configuration. To start off, navigate yourselve to the Instances area from the left-side navigation pane and click Configure Basic Bandwidth Plan.


Choose the Bandwidth plan that we just purchased and then click OK.


Now that that's done, the Global Accelerator instance is ready, so we can carry on to configure the Listeners, by clicking Configure Listeners.


As part of the configuration process, you'll need to specify the Listener name. For the protocol field, choose TCP and for the port enter 80. Once everything's complete, click OK.


On this page, specify the Endpoint Group Name, also select the Region. For me, this is Hong Kong and input the original domain name, which again for me is nginx.alibabacloudhk.com, and last choose a weight of 100, and then click Next.


Finally, review the setup summary and then click Next to complete the setup process.


Now, we can continue to test the accelerated application very soon. When you see the Status is Active (with a green check mark), you can click the Global Accelerator instance ID to view its details.


On the details page to appear, you should see the instance's basic information, including the CNAME that is generated. Next, we'll need to click Add Acceleration Area to complete the setup.


For this part, choose your Acceleration area and region. For me, this is Asia Pacific and Hong Kong. Also, allocate the Bandwidth to your instance, and then click OK. This part of the setup will assign an accelerated IP address in your selected region, and let your China users connect to it to be able to connect to your application.



After a few minutes, you should see an accelerated IP generated for you, you can also use the CNAME to resolve the same IP as well. We can now modify the DNS or host table to do the test. To do so, set up the host table in the PC and set following nginx.alibabacloudhk.com, for example.


This verifies that the Accelerator IP is working, meaning that your application also works normally.

Try Global Accelerator For Free

Setting up Source IP Address Persistence

In the previous section, we shown how to purchase and configure the GA instance to make your application work, however, since Global Accelerator involves TCP proxy redirection, one question that remains is how to keep the source IP address persistence. Doing so is important because this is a common practice and standard, especially in the finance industry. Well, to do this, you'll need to set up source IP address persistence (But you will need to talk with your account BD/SA first, as this feature may need to be whitelisted). The setup is actually quite easy. You can start things off by checking the IP address of your computer. For this, you can use the free tool at this website.


So now that we know what our IP address is, we want our IP address to be seen in the orginal Nginx Server. Let's double check what's going on in the access log. For this, use the command tail -f /var/log/nginx/access.log.


What we can see from the access log is that the Global Accelerator instance used a back-to-source IP address, which happens not to be the Client IP address. The numbers are different. We are going to resolve this issue now with the below steps. Global Accelerator implemented the standard "Proxy-Protocol", so what we need to implement this in the Nginx server. You can learn more about doing this here. The configuration is simple, all you need to do is modify the nginx configuration file, /etc/nginx/nginx.conf by adding the following three lines:

listen       80 proxy_protocol;
real_ip_header proxy_protocol;


After doing that, try accessing the website again, and check what the IP addres is. You should able to get the Original IP in the access log now.


Next, you can monitor the traffic, and the concurrent sessions information in the console


If you have any issues, don't hesitate to contact your Client Business Manager or Solutions Architect or submit a service ticket.

Try Global Accelerator For Free

2 0 0
Share on

Thomas KW Poon

3 posts | 9 followers

You may also like


testdas April 18, 2020 at 3:34 pm

Abc comment

5247612462925994 February 4, 2021 at 6:28 pm

Very detail article. Well I'm working on project On my own which also involves with tracking IP address and Location.from any place in the World. http://mylocationrightnow.com/

Thomas KW Poon

3 posts | 9 followers

Related Products