After you add a domain name or a port to an instance, Anti-DDoS Pro or Anti-DDoS Premium forwards the packets received by the port to the port of the origin server. To ensure service stability, we recommend that you verify whether the forwarding configuration takes effect on your local machine before the inbound traffic is rerouted to Anti-DDoS Pro or Anti-DDoS Premium. This topic describes how to verify the configuration.
Prerequisites
- A website or port is added to Anti-DDoS Pro or Premium. For more information, see Add a website and Create forwarding rules.
- The back-to-origin IP address of Anti-DDoS Pro or Anti-DDoS Premium is added to the whitelist of the origin server. For more information, see Allow back-to-origin IP addresses to access the origin server.
Background information
To protect a service that is associated by using a domain name instead of an IP address, you must add a website to Anti-DDoS Pro or Anti-DDoS Premium. After you add a website configuration, you can modify the hosts file or use the CNAME record of Anti-DDoS Pro or Anti-DDoS Premium to connect to the server and check whether the forwarding configuration takes effect.
Requests to access Layer 4 services, such as games, are processed by using IP addresses instead of domain names. You must add port forwarding rules to Anti-DDoS Pro or Anti-DDoS Premium to protect these services. Then, you can verify the forwarding configuration by using the IP address of Anti-DDoS Pro or Anti-DDoS Premium to access the server.
Modify the local hosts file
Use the CNAME record assigned by Anti-DDoS Pro or Anti-DDoS Premium to access the origin server
If the client cannot connect to the service, check whether the prerequisites are met. If the fault persists, contact Alibaba Cloud technical support.
Use the IP address of the instance to access the origin server
Assume that the IP address of the instance is 99.99.99.99, the forwarding port is 1234, the IP address of the origin server is 11.11.11.11, and the port of the origin server is 1234.
If you can use telnet commands to access the IP address of the instance by using port 1234, the forwarding rule has taken effect.
If the client allows users to enter the IP address of the origin server, you can enter the IP address of the instance for verification.