All Products
Search
Document Center

Web Application Firewall:Intelligent load balancing

Last Updated:Jan 15, 2024

Web Application Firewall (WAF) supports intelligent load balancing. WAF uses the intelligent multi-node access technology to ensure that access requests to websites are automatically scheduled among multiple nodes or lines to achieve disaster recovery. This ensures high service availability and reduces access latency.

Scenarios

Intelligent load balancing helps ensure availability and reduce access latency and is suitable for the following services:

  • Active geo-redundancy services: Multiple nodes are deployed on the cloud or in data centers across regions. The nodes simultaneously provide services and work as backups for each other to achieve disaster recovery. Active geo-redundancy services require high reliability and low access latency.

  • Co-location multi-active services: Multiple nodes are deployed on the cloud or in data centers in the same region. The nodes simultaneously provide services and work as backups for each other to achieve disaster recovery. Co-location multi-active services require high reliability.

  • Co-location single-active services: A single node is deployed on the cloud or in a data center in the same region to provide services. Co-location single-active services require high reliability.

    Note

    Co-location single-active services do not provide automatic disaster recovery capabilities. You can enable intelligent load balancing to ensure the reliability of the services.

How it works

After you enable intelligent load balancing for a WAF instance, the WAF instance is allocated at least three protection nodes that reside in different regions to achieve automatic disaster recovery. The WAF instance uses the intelligent DNS resolution feature and the least-time back-to-origin algorithm to reduce the latency of traffic from protection nodes to origin servers.

Note
  • After you enable intelligent load balancing for a WAF instance in the Chinese mainland, the WAF instance is allocated one node in each of the following regions: China (Beijing), China (Hangzhou), and China (Shenzhen).

  • After you enable intelligent load balancing for a WAF instance outside the Chinese mainland, the WAF instance is allocated one node in each of the following areas: North America, Europe, and Southeast Asia.

The following table describes the capabilities of a WAF instance for which intelligent load balancing is enabled.

Feature

Before intelligent load balancing is enabled

After intelligent load balancing is enabled

Disaster recovery

  • Access protection based on multiple single-active nodes

  • Standard failover for disaster recovery

  • Access protection based on multi-node load balancing

  • Automatic failover based on intelligent DNS resolution

Access acceleration

N/A

The closest protection node and origin server to achieve the shortest link

image

Benefits

The following table describes the benefits of intelligent load balancing.

Scenario

Benefit

Architecture

Active geo-redundancy services

  • Automatic disaster recovery on multiple lines to achieve automatic recovery from faults

  • Distributed health check to balance loads on multiple lines

  • Upgraded least-time back-to-origin algorithm to reduce latency

image

Co-location multi-active services

  • Automatic disaster recovery on multiple lines to achieve automatic recovery from faults

  • Distributed health check to balance loads on multiple lines

image

Co-location single-active services

  • Automatic disaster recovery on multiple lines to achieve automatic recovery from faults

  • Distributed health check to balance loads on multiple lines

image

Billing

By default, the intelligent load balancing feature is disabled. You must purchase the feature before you can use the feature.

When you use intelligent load balancing, you are charged based on the subscription period of the WAF instance. The following list describes the billing rules.

  • WAF instances in the Chinese mainland: USD 180/month

  • WAF instances outside the Chinese mainland: USD 800/month

Use intelligent load balancing

To use intelligent load balancing, perform the following steps:

  1. Enable intelligent load balancing for your WAF instance.

    Enable intelligent load balancing when you purchase a subscription WAF instance. You can also enable intelligent load balancing when you upgrade a subscription WAF instance. For more information, see Renewal and upgrade of a subscription WAF instance.

    Important

    Only the WAF Business and Enterprise editions support intelligent load balancing in regions outside the Chinese mainland.

  2. Add your website to WAF in CNAME record mode. In the Enter Your Website Information step, enter the addresses of all origin servers in the Destination Server (IP Address) section and select Least time for the Load Balancing Algorithm parameter. Configure other website information based on your business requirements. For more information, see Add a domain name to WAF.选择负载均衡算法

  3. Update the DNS record of your website to map the domain name to the CNAME that is provided by WAF. This way, requests that are destined for your website are protected by WAF. For more information, see Modify a DNS record.

After you add your website to WAF, WAF uses the intelligent DNS resolution feature and the least-time back-to-origin algorithm to reduce the latency of traffic from protection nodes to origin servers.

Important

If you use an A record to map the domain name that you added to WAF to the virtual IP address (VIP) of WAF, your web services may be inaccessible after you enable or disable intelligent load balancing.