All Products
Search
Document Center

Configure access policies

Last Updated: Mar 26, 2021

Overview

Access policies allow you to set the required address pool set that can be accessed by visitors based on your business requirements.

Prerequisites

  • A GTM instance is created and GTM is authorized to access cloud resources.

  • If "Access Delay-based Access Policy" is enabled, the load policy configuration in the address pool is ignored.

  • Before you configure an access policy, you must prepare the addresses of an application service. A minimum of two addresses are required. The IP addresses of an application service can be the public IP addresses of Alibaba Cloud resources or IP addresses that can be accessed over the Internet. These Alibaba Cloud resources include Server Load Balancer (SLB) and Elastic Compute Service (ECS) instances. We recommend that you select the public IP addresses of Alibaba Cloud resources.

Procedure

Rules

  • Latency-based access policies are available only for the users of the ultimate edition.

  • You can enable only one access policy type for each instance.

Configure a geographical location-based access policy

1 . Log on to the Alibaba Cloud DNS console.

2 . In the left-side navigation pane, click Global Traffic Manager, find the required instance, and then click Configure in the Actions column of the instance.

3 . On the Basic Configuration page, select Disabled on the Access Policy Based on Geographical Location card.

4 . Click Set Access Policy to go to the Access Policy Configuration page. Click Add Access Policy.

1

5 . Configure the access policy.

23

1. Policy Name: You can specify a custom informative name for the access policy, for example, testGlobal.

2. DNS Request Sources: You can specify the required DNS request sources based on the region from which user requests are sent. When you create an access policy for the first time, we recommend that you set this parameter to Global.

3. Address Pool Type: Valid values: IPv4, IPv6, and Domain.

Primary Address Pool Set: specifies the default address pool set that is accessed by visitors. The primary address pool set consists of multiple address pools.

4. Select Address Pool: You can select one or more address pools from the existing address pools. For example, select Address Pool 1 and Address Pool 2, as shown in the preceding figure.

Create Address Pool: If no existing address pool exists, click Create Address Pool. In the Create Address Pool dialog box, set the required parameters, and click Confirm to create an address pool.

5. Load Balancing Policy(Address Pool): Valid values: Return all address and Return addresses by weight.

6. Min. Number of Available Addresses: specifies the minimum number of available addresses in an address pool set if the address pool set is available. If the number of available addresses is less than the minimum number of available addresses, the address pool set is deemed unavailable.

Configure a latency-based access policy

1. Click Set Access Policy to go to the Access Policy Configuration page. Click Add Access Policy.

11

2. Configure the access policy.

12333

1. Policy Name: You can specify a custom informative name for the access policy, for example, testdemo.

2. Primary Address Pool Set: specifies the default address pool set that is accessed by visitors. The primary address pool set consists of multiple address pools.

3. Address Pool Type: Valid value: IPv4.

4. Select Address Pool: You can select one or more address pools from the existing address pools. For example, select Address Pool 1 and Address Pool 2, as shown in the preceding figure.

5. Create Address Pool: If no existing address pool exists, click Create Address Pool. In the Create Address Pool dialog box, set the required parameters, and click Confirm to create an address pool.

6. Min. Number of Available Addresses: specifies the minimum number of available addresses in an address pool set if the address pool set is available. If the number of available addresses is less than the minimum number of available addresses, the address pool set is deemed unavailable.

7. Max. Number of Addresses Returned: After you enable a latency-based access policy, GTM routes user requests to an application server cluster that has the lowest latency. This parameter allows GTM to return one to eight addresses that have the lowest latency.

8. Latency Resolution Scheduling Optimization: After you enable this feature, GTM returns an optimal address from the addresses that are specified by the Max. Number of Returned Addresses parameter.

Notice

If you do not configure the secondary address pool set, GTM removes only abnormal addresses when the primary address pool set fails. GMT does not perform the failover operation. After GTM removes abnormal addresses from the primary address pool set, GTM routes user requests to the IP addresses that are still available. This applies when the primary address pool set still has available IP addresses.