All Products
Search
Document Center

Jointly use Alibaba Cloud DNS, GTM, and WAF

Last Updated: Sep 11, 2020

Scenarios

This topic describes how to jointly use Alibaba Cloud DNS, Global Traffic Manager (GTM), and Web Application Firewall (WAF) in a user network architecture.

Resources

Resource

Quantity

Description

Domain name

1

dns-example.com

Alibaba Cloud DNS

1

Alibaba Cloud DNS of the Ultimate Edition

GTM

1

GTM instance

WAF

1

WAF (China)

Server Load Balancer (SLB) instance

2

China (Beijing) and China (Shanghai)

Procedure

1

1. GTM configuration

(1) Log on to the Alibaba Cloud DNS console.

(2) On the Global Traffic Manager page, create an instance. For more information, see Create an instance.

(3) Configure global settings. For more information, see Global settings.

Note: You can select Round Robin or Weighted Round Robin from the Balance Policy drop-down list. This process evenly distributes access traffic among IP addresses (SLB IP addresses in this practice) in the address pool, and performs weighted round-robin to return responses based on weight. `

2

(4) Configure address pools. Set the following parameters as needed. For more information, see Address pool configurations.

Address Pool Name

Address Pool Type

Minimum Available Addresses

Address

Mode

China (Beijing) and global

IP

1

x.x.x.210

Smart Return

China (Shanghai)

IP

1

x.x.x.242

Smart Return

(5) Configure health check settings for two address pools. Set Health Check Protocol and other parameters as needed. For more information, see Ping health check.

3

(6) Configure the access policy. For more information, see Access policy.

  • For requests from East China cities, the traffic is routed to the address pool of China (Shanghai) by default.
  • For requests from North China or non-East China cities, the traffic is routed to the address pool of China (Beijing) by default.

Policy Name

DNS Request Sources

Default Address Pool

Alternative Address Pool

China (Beijing) and global

North China

China (Beijing) and global

China (Shanghai)

China (Shanghai)

East China

China (Shanghai)

China (Beijing) and global

2. WAF configuration

(1) Log on to the WAF console. In the left-side navigation pane, click Website Access. For more information, see Website access.

Domain Name

dns-example.com

Protocol Type

HTTP

Destination Server (IP Address): Destination Server (Domain Name)

gtm-cn-o4018xxxxxxx.xxxxxxx2b4.com

(2) Complete the configuration and return to the Website Access page. The Protocol Status value is Normal.

4

3. Alibaba Cloud DNS configuration

(1) Log on to the Alibaba Cloud DNS console. On the Manage DNS page, click the domain name. On the DNS Settings page, click Edit. In the Edit Record dialog box, set parameters as needed. For more information, see Manage DNS.

Note: The following values are example values. Replace them with actual values.

Parameter

Example

Type

CNAME

Host

@

ISP Line

Default

Value

hgojkqkmvkacd8vx9zlvhl8dxxxxxxxx.yundunwaf5.com

11