All Products
Search
Document Center

Anti-DDoS:Modify the back-to-origin settings for a port

Last Updated:Feb 22, 2024

You can configure back-to-origin settings to enable the origin redundancy feature for a port forwarding rule. This feature improves the disaster recovery (DR) capabilities of back-to-origin links for Anti-DDoS Pro and Anti-DDoS Premium. This topic describes how to modify the back-to-origin settings for a port.

Background information

The origin redundancy feature allows you to configure the IP addresses of the primary and secondary origin servers. You can specify whether to forward back-to-origin requests to the primary or secondary origin server at any time. This way, your Anti-DDoS Pro or Anti-DDoS Premium instance forwards service traffic to the origin server that you specified. If a back-to-origin link fails, you can quickly switch service traffic to the backup link to ensure normal service access.

Limits

  • If your origin servers are deployed on Alibaba Cloud, you can add only the origin servers of the current Alibaba Cloud account when you configure the origin redundancy feature.

  • After you enable the origin redundancy feature, you can no longer modify the corresponding port forwarding rule.

Prerequisites

A non-website service is added to Anti-DDoS Pro or Anti-DDoS Premium. For more information, see Manage forwarding rules.

Enable origin redundancy

  1. Log on to the Anti-DDoS Pro console.

  2. In the top navigation bar, select the region of your asset.

    • Anti-DDoS Proxy (Chinese Mainland): If your instance is an Anti-DDoS Pro instance, select Chinese Mainland.

    • Anti-DDoS Proxy (Outside Chinese Mainland): If your instance is an Anti-DDoS Premium instance, select Outside Chinese Mainland.

    You can switch the region to configure and manage Anti-DDoS Pro or Anti-DDoS Premium instances. Make sure that you select the required region when you use Anti-DDoS Pro or Anti-DDoS Premium.

  3. In the left-side navigation pane, choose Provisioning > Port Config.

  4. On the page that appears, select the instance that you want to manage. Find the port forwarding rule for which you want to enable the origin redundancy feature and click Back-to-origin Settings in the Actions column.

  5. In the Back-to-origin Settings dialog box, configure the parameters and click OK.

    1. Turn on Origin Redundancy. In the Note message, click OK.

      Note

      When you enable the origin redundancy feature, the current origin IP address of the port forwarding rule is automatically used as the IP address of the primary origin server, and service traffic is forwarded to the primary origin server.

    2. Configure the IP addresses of the primary and secondary origin servers and select the origin server that you want to enable.

      You can configure up to 20 IP addresses for each origin server. Separate multiple IP addresses with commas (,).

If the primary back-to-origin link fails, you can select Use Secondary Origin Server in the Back-to-origin Settings dialog box to switch service traffic to the secondary back-to-origin link.

Disable the origin redundancy feature

If you no longer need the origin redundancy feature, you can turn off Origin Redundancy in the Back-to-origin Settings dialog box. After you disable the origin redundancy feature, you can modify the port forwarding rule to change the origin IP address of the port forwarding rule. For more information, see Configure port forwarding rules.

Note

After you disable the origin redundancy feature, the IP address of the origin server that you enabled is automatically used as the origin IP address of the port forwarding rule. For example, if the secondary origin server is enabled and you disable the origin redundancy feature, the IP address of the secondary origin server is automatically used as the origin IP address of the port forwarding rule that is used to forward service traffic.