Global Traffic Manager (GTM) uses the intelligent DNS resolution feature of Alibaba Cloud DNS to resolve DNS queries, provides the nearest access points for the requested application services, and returns accelerated IP addresses to clients that reside in different regions. This reduces resolution latency and accelerates access to web services. GTM routes access traffic to multiple IP addresses for load balancing. GTM can perform DNS failovers based on the health check results of the IP addresses. This allows active zone-redundancy, isolation for unavailable IP addresses, and geo-disaster recovery.

Prerequisites

  • An Alibaba Cloud account is created. If you do not have an Alibaba Cloud account, click here to create an Alibaba Cloud account.
  • A third-party DNS resolution service is used.

    If you use Alibaba Cloud DNS, you can configure Global Accelerator (GA) to interact with Alibaba Cloud DNS to conduct intelligent DNS resolution. For more information, see Global Accelerator interacts with Alibaba Cloud DNS.

  • Your website has an Internet Content Provider (ICP) filing.

Background information

This topic uses the following scenario as an example. A web service is deployed in the US (Silicon Valley) region. The server provides web services by using the elastic IP addresses (EIPs) of Alibaba Cloud. The forwarding port is TCP port 80. Clients reside in different regions around the world. In most cases, DNS servers return IP addresses to clients without analyzing the geographical locations of the clients. This slows down DNS resolution and access to the web services.

You can create a GA instance, specify China (Shanghai) and China (Beijing) as the acceleration regions, and configure the GA instance to interact with GTM to conduct intelligent DNS resolution. After the configuration is complete, intelligent DNS resolution returns accelerated IP addresses based on the geographical locations of the clients. This accelerates access to the web services and reduces network latency.

In this example:
  • Intelligent DNS resolution returns the accelerated IP address of China (Shanghai) for requests from both China (Hangzhou) and China (Shanghai).
  • Intelligent DNS resolution returns the accelerated IP address of China (Beijing) for requests from regions other than China (Hangzhou) and China (Shanghai) in mainland China.
  • Intelligent DNS resolution returns the IP address of the origin server in US (Silicon Valley) for requests from regions outside mainland China.
Architecture

Procedure

Procedure

Step 1: Enter the required information

You can enter the required information in the Global Accelerator console. The system then generates a list of recommended services, including a GA instance, a basic bandwidth plan, and a cross-region acceleration bandwidth plan.

To enter the required information, perform the following steps:

  1. Log on to the Global Accelerator console.
  2. On the Instances page, click Purchase Guide in the upper-right corner.
    Note Skip the preceding step if you are a first-time user.
    Purchase guide
  3. In the Enter the required information to generate a list of recommended services section, enter the required information.
    • Acceleration Area: Select the area that requires acceleration. China (Shanghai) and China (Beijing) are selected in this example.
    • Service Region: Select the region where the origin servers are deployed. US (Silicon Valley) is selected in this example.
    • ICP Filing: If you want to accelerate a web service, specify whether the domain name of the web service has applied for an ICP number. If the service to be accelerated is not a web service, select No. Yes is selected in this example.
      Note All websites must obtain an ICP number before they are permitted to provide services to users in mainland China. For more information, see What is an ICP filing?.
    • Server Area: Specify whether the origin servers are deployed on Alibaba Cloud. Select On Alibaba Cloud in this example.
    • Peak Bandwidth Range: Peak bandwidth refers to the maximum amount of bandwidth required during peak hours. Unit: Mbit/s. 10 is entered in this example.
    • Maximum Concurrent Connections: The maximum number of concurrent connections that can be established to a GA instance. If the number of connections exceeds the upper limit, new connection requests are discarded. 5 thousand is selected in this example.
  4. Click Generate Service List.
    After a list is generated, you can check the recommended services in the list.Recommended service list

Step 2: Purchase a service bundle

You can purchase a service bundle based on the recommended service list. The list includes a GA instance, a basic bandwidth plan, and a cross-region acceleration bandwidth plan.

To purchase a service bundle, perform the following steps:

  1. Click Generate Service List.
    Generate service list
  2. On the buy page, set the following parameters for the GA instance.
    • Term: Select a subscription duration.
      Note The subscription duration is applied to all services in the recommended service bundle. For example, if you set Term to one year, you subscribe to the GA instance, basic bandwidth plan, and cross-region acceleration bandwidth plan for one year.
    • Specification: Select a GA instance specification. Small II is selected in this example.
      GA supports the following types of instance specifications: Small I, Small II, Small III, Medium I, Medium II, and Medium III. The acceleration performance can vary based on the instance specification.
      Instance specification Number of acceleration regions Peak bandwidth Maximum number of concurrent connections
      Small I 1 20 Mbit/s 5,000
      Small II 2 40 Mbit/s 10,000
      Small III 3 60 Mbit/s 15,000
      Medium I 5 100 Mbit/s 25,000
      Medium II 8 160 Mbit/s 40,000
      Medium III 10 200 Mbit/s 50,000
    • Quantity: Enter the number of GA instances that you want to purchase. 1 is entered in this example.
    • Bandwidth Type: Select the type of the basic bandwidth plan. Basic is selected in this example.
      Basic bandwidth plans support the following types of bandwidth: basic, enhanced, and premium. The following table shows that the acceleration type, acceleration backend service, and acceleration scope of a basic bandwidth plan can vary based on the bandwidth type.
      Bandwidth type Workload type Accelerated object Acceleration scope
      Basic bandwidth Applications that are deployed on Alibaba Cloud
      • Elastic Compute Service (ECS)
      • Server Load Balancer (SLB)
      • Alibaba Cloud public IP address
        Note If ECS instances and SLB instances run in classic networks, both types of instances are not supported.
      By default, networking within mainland China is accelerated. You can also purchase a cross-border bandwidth plan. This allows you to optimize the acceleration of networking between mainland China and other areas.
      Enhanced bandwidth
      • Applications that are deployed on Alibaba Cloud
      • Applications that are not deployed on Alibaba Cloud
      • ECS
      • SLB
      • Alibaba Cloud public IP address
      • Custom IP address
      • Custom domain name
      By default, networking within mainland China is accelerated. You can also purchase a cross-border bandwidth plan. This allows you to optimize the acceleration of networking between mainland China and other areas.
      Premium bandwidth
      • Applications that are deployed on Alibaba Cloud
      • Applications that are not deployed on Alibaba Cloud
      • ECS
      • SLB
      • Alibaba Cloud public IP address
      • Custom IP address
      • Custom domain name
      By default, network connections are accelerated on a global scale. Network traffic transmitted from mainland China to areas outside China is accelerated in the China (Hong Kong) region. If you also purchase a cross-border bandwidth plan, the acceleration of network connections between mainland China and areas outside China are reinforced.
      Note You can specify ECS or SLB as the backend service type only when your account is included in the whitelist of GA. If you want to specify ECS or SLB as the backend service type, submit a ticket.
    • Peak Bandwidth: Specify the peak bandwidth of the basic bandwidth plan. 10 Mb is specified in this example.
    • Bandwidth: Specify the peak bandwidth of the cross-region acceleration bandwidth plan. 10 Mb is specified in this example.
  3. Click Buy Now and complete the payment.
After you complete the payment, the basic bandwidth plan and cross-region acceleration bandwidth plan are automatically bound to the GA instance.Bandwidth plans bound to the instance

Step 3: Add an acceleration region

After you purchase a GA instance, you can add one or more acceleration areas where users are located, and allocate bandwidth to these areas.

To add an acceleration area, perform the following steps:

  1. On the Instances page, find the GA instance that you have created and click the instance ID.
  2. On the instance details page, click the Acceleration Areas tab. Then, click Add Acceleration Area.
  3. In the Add Acceleration Area dialog box, set the following parameters, and click OK.
    • Acceleration Area: Select the area that requires acceleration. China North is selected in this example.
    • Regions: Select the regions where users are located. China (Beijing) is selected in this example.
    • Bandwidth: Specify the amount of bandwidth to be allocated to the region. 5 Mbit/s is specified in this example.
  4. Repeat the preceding steps to add China (Shanghai) of China East as an acceleration region, and allocate 5 Mbit/s bandwidth to this region.
After the acceleration areas are added, GA assigns an accelerated IP address to each acceleration area to accelerate connections.Add an acceleration area

Step 4: Add a listener

Listeners are used to monitor connection requests from clients. GA monitors connection requests received on the specified listener ports and forwards the requests to endpoints through the specified protocol.

To add a listener to the GA instance, perform the following steps:

  1. On the instance details page, click the Listeners tab. Then, click Add Listener.
  2. In the Configure Listener & Protocol wizard, set the following listener parameters:
    • Listener Name: Enter a name for the listener to be created. The name must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). It must start with a letter or Chinese character.
    • Protocol: Select a protocol for the listener. TCP is selected in this example.
    • Port Number: Enter a port number or port range. Requests are received and then forwarded from the specified ports to the endpoints. Valid values: 1 to 65499. 80 is entered in this example.
    • Client Affinity: Select whether to enable client affinity. When client affinity is enabled, requests from a specific source (client) IP address are routed to the same endpoint. Source IP Address is selected in this example.
    Listener
  3. Click Next.

Step 5: Configure an endpoint group

Each listener is associated with an endpoint group. You can associate an endpoint group with listeners by specifying the regions to which you want to distribute network traffic. After you associate an endpoint group with a listener, traffic is distributed to the optimal endpoint in the associated endpoint group.

To configure an endpoint group, perform the following steps:

  1. In the Configure Endpoint Group wizard, configure the endpoint group based on the following parameters:
    • Endpoint Group Name: Enter a name for the endpoint group. The name must be 2 to 128 characters in length, and can contain letters, Chinese characters, digits, underscores (_), and hyphens (-). It must start with a letter or Chinese character.
    • Region: Select the region where the endpoint group is created. The region specifies where the origin servers are located. US (Silicon Valley) is selected in this example.
    • Backend Service: Specify whether the origin servers are deployed on Alibaba Cloud. Alibaba Cloud is selected in this example
    • Reserve Client IP: Specify whether to reserve client IP addresses. When this feature is enabled, the origin servers can obtain client IP addresses. This feature is disabled in this example.
      Note The feature of reserving client IP addresses is available only to users in the whitelist. If you are not included in the whitelist and you want to use the feature, submit a ticket.
    • Endpoint: Configure endpoints.
      • Backend Service Type: Select EIP.
      • Backend Service: Enter the elastic IP address to be accelerated.
      • Weight: Specify a weight for the endpoint. Valid values: 0 to 255. GA distributes network traffic to endpoints based on the predefined weights.
        Notice If you set the weight of an endpoint to 0, Global Accelerator stops distributing network traffic to the endpoint. Proceed with caution.
    Configure endpoint group
  2. Click Next to check the configurations. After you confirm the configurations, click Next.

Step 6: Create a GTM instance

GTM is a traffic management service that allows you to manage access traffic from clients in a refined manner.

To create a GTM instance, perform the following steps:

  1. Log on to the Alibaba Cloud DNS console.
  2. In the left-side navigation pane, click Global Traffic Manager.
  3. On the Global Traffic Manager page, click Create Instance.
  4. On the buy page, set the following parameters for the GTM instance:
    1. Version: By default, Standard Edition is selected and cannot be changed.
      The Standard Edition plan supports the following features:
      • Health checks on IP addresses of application services.
      • GeoDNS: switches your application workload to specified IP addresses based on the geographic locations of users.
      • Disaster recovery policies for implementing DNS resolution service failovers.
      • WRR: weighted round-robin load balancing policy.
    2. Quantity: The number of GTM instances that you want to purchase.
    3. Service Time: The service duration of the GTM instance.
  5. Click Buy Now and complete the payment.

Step 7: Configure an address pool

You can configure more than one address pool for a GTM instance. This way, requests from different regions can be forwarded to the nearest access points by using different address pools.

To configure an address pool for a GTM instance, perform the following steps:

  1. Log on to the Alibaba Cloud DNS console. In the left-side navigation pane, click Global Traffic Manager.
  2. On the Global Traffic Manager page, find the GTM instance created in Step 6 and click Configure in the Actions column.
  3. In the Select Configuration Method dialog box, click Advanced Settings.
  4. On the Configurations page, click the Address Pool Configurations tab and click Create Address Pool.
  5. In the Create Address Pool pane, configure the following parameters. Then, click Confirm.
    • Address Pool Name: Enter a name for the address pool.

      Enter the accelerated IP address of China (Beijing) in this example.

    • Address Pool Type: Select the type of the address pool.

      IP and Domain are supported. Select IP in this example.

    • Minimum Available Addresses: the minimum number of available IP addresses that are contained in the address pool.

      An address pool may contain one or more IP addresses. After the Health Check feature is enabled, the system dynamically shows the number of available IP addresses and isolates unavailable IP addresses based on the health check results. If the number of available IP addresses is less than the minimum number of available IP addresses that you specified, the system automatically changes the status of the address pool to unavailable. In addition, access policies determine whether to switch to the alternative address pool based on the availability of the default address pool. Enter 1 in this example.

    • Address: Enter the accelerated IP address that is assigned by GA to China (Beijing). For more information, see Step 3: Add an acceleration region.
    • Mode: Select a mode for the accelerated IP address.
      The following modes are supported:
      • Smart Return: The system determines whether to return the IP address based on the health check results. If the IP address is available, intelligent DNS resolution returns the IP address to clients. If the IP address is unavailable, the system temporarily deletes the IP address.
      • Always Online: The system determines that the IP address is always available, and intelligent DNS resolution returns this IP address to clients.
      • Always Offline: The system determines that the IP address is unavailable, and intelligent DNS resolution does not return this IP address to clients.

      Select Smart Return in this example.

  6. Repeat the preceding steps to add the accelerated IP address of China (Shanghai) and the IP address of the origin server in US (Silicon Valley) to the address pool.
    The following table lists the configurations of the address pool.
    Address pool name Address pool type Minimum number of available IP addresses IP address Mode
    Accelerated IP address of China (Beijing) IP 1 Accelerated IP address assigned by GA to China (Beijing) Smart return
    Accelerated IP address of China (Shanghai) Accelerated IP address assigned by GA to China (Shanghai)
    IP address of the origin server in US (Silicon Valley) IP address of the origin server in US (Silicon Valley)

Step 8: Configure access policies

Access policies allow GTM to forward requests from different access points to different origin servers. You can also specify secondary origin servers to meet your business requirements.

To configure access policies for GTM, perform the following steps:

  1. On the Configurations page, click the Access Policy tab and click Add Access Policy.
  2. In the Add Access Policy pane, configure the following parameters. Then, click Confirm.
    • Policy Name: Enter a name for the access policy. Enter global access policy in this example.
    • Default Address Pool: Select a default address pool.

      By default, GTM forwards access traffic from clients to the IP addresses of the origin servers in the default address pool. Select the address pool named accelerated IP address of China (Beijing) that is configured in Step 7. For more information, see Step 7: Configure an address pool.

    • Alternative Address Pool: Select an alternative address pool.

      An alternative address pool is an IP address pool that contains IP addresses of secondary origin servers. If the servers in the default address pool are unavailable, GTM forwards requests to the secondary origin servers. Select Null in this example.

    • DNS Request Sources: Select a request source.

      After you specify a region as the request source, the requests sent by clients in the region are distributed by GTM to the specified address pool of the origin server. In this example, click Global and select Global.

  3. Repeat the preceding steps to add access policies for clients in China (Hangzhou) and China (Shanghai), regions other than China (Hangzhou) and China (Shanghai) in mainland China, and regions outside mainland China.
The following table describes the access policies after you complete the configurations.
Policy name Default address pool Alternative address pool Request source
Global access policy Accelerated IP address of China (Beijing) Null Global > Global
Access policy for clients in China (Hangzhou) and China (Shanghai) Accelerated IP address of China (Shanghai) Mainland China > East China
Access policy for clients outside mainland China IP address of the origin server in US (Silicon Valley) Overseas > Outside mainland China

Step 9: Configure basic information

After you configure the access policies, you must configure the basic information of the GTM instance. The information includes the primary domain name, CNAME access domain name, load balancing policy, global time to life (TTL), and alert group.

To configure the basic information, perform the following steps:

  1. On the Configurations page, click the Global Settings tab and click Edit.
  2. In the pane that appears, configure the following parameters. Then, click Confirm.
    • Instance Name: Enter the name of the GTM instance.
    • Primary Domain: Enter the domain name requested by a client. Enter www.example.com in this example.
    • CNAME Access Domain Name: Specify the type of the CNAME access domain name. Select Assigned Access Domain Name in this example.
    • Balance Policy: Select a load balancing policy for the GTM instance.
      • Round Robin: This is the default load balancing policy. If an address pool contains more than one IP address, access traffic from clients is evenly distributed to these IP addresses.
      • Weighted Round Robin: If clients of web services reside across the country or around the world, you can select this policy to distribute access traffic based on the processing capacity of each IP address in the address pool. This policy allows the system to distribute access traffic based on weights. You can set a weight for each IP address. DNS resolution returns IP addresses based on the predefined weights.

      Select Round Robin in this example.

    • Global TTL: the validity period of the resolution record. Select 1 minute(s) in this example.

      GTM provides traffic management services based on domain names. The Global TTL parameter specifies the validity period of the resolution record cached in the DNS system of the service provider. By default, the parameter is set to 1 minute. If you use a custom domain name, the global TTL must be the same as the minimum TTL supported by the Alibaba Cloud DNS service plan of the custom domain name.

    • Alert Group: the contact group to which a notification is sent when an exception occurs.
      Note
      • If you have not configured an alert group, log on to the Cloud Monitor console and configure an alert group. For more information, see Create an alert contact or alert group.
      • If you have configured an alert group but want to configure the basic information as a Resource Access Management (RAM) user, you must use your Alibaba Cloud account to authorize the RAM user first. After the RAM user is authorized, you can log on as a RAM user to read the alert group information.
After you configure the basic information, the system automatically allocates a CNAME access domain name to resolve the domain name of the requested web service.cname

Step 10: Configure DNS resolution

You must log on to the DNS system of your service provider to resolve domain names to the CNAME address allocated by GTM. This allows access traffic to be directed to the GTM instance. For more information about how to configure DNS resolution, consult your DNS service provider.

Step 11: Test the settings

To test the performance of intelligent DNS resolution, perform the following steps:

  1. Open the command prompt on your computer if you are located in China (Hangzhou) and China (Shanghai), regions other than China (Hangzhou) and China (Shanghai) in mainland China, and regions outside mainland China.
  2. Run the nslookup <web service domain name> command to check the DNS resolution results.
    The following results are displayed:
    • Intelligent DNS resolution returns the accelerated IP address of China (Shanghai) for requests from both China (Hangzhou) and China (Shanghai).
    • Intelligent DNS resolution returns the accelerated IP address of China (Beijing) for requests from regions other than China (Hangzhou) and China (Shanghai) in mainland China.
    • Intelligent DNS resolution returns the IP address of the origin server in US (Silicon Valley) for requests from regions outside mainland China.