All Products
Search
Document Center

Set IP addresses in the DMS whitelist

Last Updated: Jun 29, 2020

You can add Classless Inter-Domain Routing (CIDR) blocks of a region in the Data Management Service (DMS) whitelist to the whitelists of registered ApsaraDB instances in the same region at a time.

Prerequisites

You are a database administrator (DBA) or a DMS administrator.

Important notes

If the database sources of your database instances are ECS Self-built, Public Network, VPC line IDC, or No Access to Public, you must manually add CIDR blocks in the DMS whitelist to the whitelists of ApsaraDB instances based on the region. To view CIDR blocks of different regions in the DMS whitelist, click View whitelist of DMS network environment on the Instance List tab of the Instance page in the DMS console. For more information, see DMS whitelist.

Procedure

  1. Log on to the DMS console.

  2. In the top navigation bar, choose System Management > Instance.

  3. On the Instance List tab, select the target instances and click Configure Whitelist on the top of the instance list.

    This operation adds the CIDR blocks in the DMS whitelist to the whitelists of registered ApsaraDB instances based on the region, such as ApsaraDB for RDS instances.

  4. In the message that appears, click OK.

DMS whitelist

For database instances that are sourced from user-built databases with public endpoints or Virtual Private Cloud (VPC)-, VPN Gateway-, or Smart Access Gateway-connected databases, you must modify the security settings of the source databases by adding the CIDR blocks in the DMS whitelist of the same region as the source databases. The following table lists the CIDR blocks of different regions in the DMS whitelist.

  • If no CIDR block in the DMS whitelist is available in the region where a database instance sourced from a database with a public endpoint resides, add the CIDR blocks of the nearby region to the whitelist of the instance.
  • The following table lists the CIDR blocks in the DMS whitelist for both of the classic network- and VPC-connected ApsaraDB databases. Proceed with caution when you manage the whitelists of ApsaraDB databases.
Region User-built databases on Elastic Compute Service (ECS) instances (classic network)
ApsaraDB databases (classic network)
User-built databases on ECS instances (VPC)
ApsaraDB databases (VPC)
VPC-connected databases in on-premises data centers
Databases with public endpoints
China (Hangzhou) 11.193.54.0/24,10.143.32.0/24,10.143.34.0/24 100.104.175.0/24 101.37.74.0/24 112.124.140.0/24
China (Shanghai) 10.152.163.0/24 100.104.5.0/24 139.224.4.0/24
China (Qingdao) 10.151.203.0/24 100.104.188.0/24 114.215.161.0/24
China (Beijing) 11.192.101.0/24 100.104.72.0/24 60.205.89.0/24
China (Zhangjiakou) 11.192.243.0/24 100.104.205.0/24 None
China (Hohhot) 11.193.183.0/24 100.104.205.0/24 39.104.29.35/24
China (Chengdu) 11.195.52.68/24 100.104.5.0/26 None
China (Shenzhen) 10.152.27.0/24 100.104.5.0/24 120.76.91.0/24
China (Heyuan) 11.118.24.0/24 100.104.96.64/26
China (Hong Kong) 10.152.161.0/24 100.104.205.0/24 47.89.61.0/24
Singapore 10.152.166.0/24 100.104.205.0/24 47.88.147.0/24
Australia (Sydney) 11.192.100.0/24 100.104.5.0/24 47.91.49.0/24
Malaysia (Kuala Lumpur) 11.193.189.0/24 100.104.175.0/24 47.254.212.25/24
Indonesia (Jakarta) 11.194.48.0/22 100.104.5.0/24 149.129.228.88/24
India (Mumbai) 11.194.10.0/24 100.104.205.0/24 149.129.164.77/24
Japan (Tokyo) 11.192.147.0/24,11.192.148.0/24,11.192.149.0/24 100.104.205.0/24 47.91.9.0/24,47.91.12.0/24,47.91.13.0/24
US (Silicon Valley) 10.152.31.0/24 100.104.205.0/24 47.89.224.0/24
US (Virginia) 10.152.235.0/24 100.104.205.0/24 47.89.170.0/24
Germany (Frankfurt) 11.192.169.0/24,11.192.170.0/24 100.104.233.0/24 47.91.83.0/24,47.91.84.0/24
UK (London) 11.199.93.0/24 100.104.5.0/24 None
UAE (Dubai) 11.192.189.0/24,11.192.190.0/24,11.192.191.0/24 100.104.5.0/24 47.91.102.0/24,47.91.103.0/24,47.91.112.0/24
Finance Cloud of China (Hangzhou) None 100.104.175.0/24 None
Finance Cloud of China (Shanghai) None 100.104.72.0/24 None
Finance Cloud of China (Shenzhen) None 100.104.205.0/24 None