This topic provides the CIDR blocks of DTS servers that reside in different regions. To ensure that DTS can access the source and destination databases, you must add the CIDR blocks of DTS servers to the security settings (for example, IP whitelist) of the databases. This is required if the database type is User-Created Database with Public IP Address or User-Created Database Connected Over Express Connect, VPN Gateway, or Smart Access Gateway.

Note You do not need to modify the security settings for ApsaraDB instances, such as ApsaraDB for RDS instances and ApsaraDB for MongoDB instances, and user-created databases hosted on ECS. DTS automatically adds the CIDR blocks of DTS servers to the IP whitelists of ApsaraDB instances or the security rules of ECS instances.

Data migration and change tracking

  • Data migration

    You must modify the security settings of the source and destination databases if the type of the database is User-Created Database with Public IP Address or User-Created Database Connected Over Express Connect, VPN Gateway, or Smart Access Gateway. You must add the CIDR blocks of DTS servers that reside in the same region as the destination database to the security settings.

    For example, the source database is deployed in the China (Shenzhen) region, and the destination database is deployed in the China (Hangzhou) region. In this case, you must add the CIDR blocks of DTS servers in the China (Hangzhou) region to the security settings of the source and destination databases.

  • Change tracking

    You must modify the security settings of the source database if the type of the database is User-Created Database with Public IP Address or User-Created Database Connected Over Express Connect, VPN Gateway, or Smart Access Gateway. You must add the CIDR blocks of DTS servers that reside in the same region as the source database to the security settings.

Table 1. CIDR blocks of DTS servers in different regions
Region CIDR blocks to be added when an on-premises database connects to Alibaba Cloud over the Internet CIDR blocks to be added when an on-premises database connects to Alibaba Cloud over Express Connect, VPN Gateway, or Smart Access Gateway
China (Hangzhou) 101.37.14.0/24, 114.55.89.0/24, 115.29.198.0/24, 118.178.120.0/24, 118.178.121.0/24, 120.26.106.0/24, 120.26.116.0/24, 120.26.117.0/24, 120.26.118.0/24, 120.55.192.0/24, 120.55.193.0/24, 120.55.194.0/24, 120.55.241.0/24, 121.40.125.0/24, 121.196.246.0/24, 101.37.12.0/24, 101.37.13.0/24, 101.37.15.0/24, 101.37.25.0/24, 47.96.39.0/24, 118.31.184.0/24, 118.31.165.0/24, 118.31.246.0/24, 120.55.12.0/24, 47.97.7.0/24, 47.97.27.142/32, 47.97.73.210/32, 121.43.162.118/32, 121.43.185.141/32, 121.196.211.16/32, 114.55.125.94/32, 121.43.179.168/32, 121.43.174.187/32, 47.99.171.159/32, 47.97.118.150/32, 47.98.251.185/32, 47.99.43.73/32, 47.97.195.167/32, 120.27.211.237/32, 47.97.125.64/32, 47.98.52.255/32, 47.97.116.109/32, 47.97.119.148/32, 47.98.51.78/32, 47.97.106.64/32, 116.62.172.149/32, 120.55.40.134/32, and 47.98.39.64/32 100.104.52.0/24, and 100.104.61.128/26
China (Shanghai) 139.196.17.0/24, 139.196.18.0/24, 139.196.25.0/24, 139.196.27.0/24, 139.196.154.0/24, 139.196.116.0/24, 139.196.254.0/24, 139.196.166.0/24, 106.14.46.0/24, 106.14.37.0/24, 106.14.36.0/24, 106.15.250.0/24, 101.132.248.0/24, 47.100.95.0/24, 106.15.73.0/24, 106.15.75.0/24, 47.100.137.0/24, 106.14.177.89/32, 106.14.178.118/32, 139.196.138.36/32, 106.14.4.132/32, 139.196.92.27/32, 139.196.143.11/32, 139.196.44.156/32, 139.196.6.35/32, 139.196.50.106/32, 139.196.25.56/32, 139.196.47.137/32, 139.196.6.124/32, 139.196.49.138/32, 139.196.41.168/32, 139.196.48.218/32, 139.196.51.72/32, 47.101.194.1/32, 47.101.166.207/32, 47.101.181.171/32, 47.101.177.224/32, and 47.100.186.20/32 100.104.205.0/24
China (Qingdao) 115.28.200.0/24, 115.28.216.0/24, 115.28.226.0/24, 115.28.247.0/24, 118.190.133.0/24, 120.27.53.0/24, 10.31.69.0/24, 10.144.88.0/24, 10.144.153.0/24, 10.161.39.0/24, 10.161.59.0/24, 10.252.29.0/24, and 100.104.72.0/24 100.104.72.0/24
China (Beijing) 112.126.80.0/24, 112.126.87.0/24, 112.126.91.0/24, 112.126.92.0/24, 123.56.108.0/24, 123.56.120.0/24, 123.56.137.0/24, 123.56.148.0/24, 123.56.164.0/24, 123.57.48.0/24, 182.92.153.0/24, 182.92.186.0/24, 101.200.174.0/24, 101.200.160.0/24, 101.200.176.0/24, 47.94.36.0/24, 47.94.47.0/24, 101.201.214.0/24, 101.201.82.0/24, 123.56.182.0/24, 101.201.105.0/24, 182.92.132.0/24, 60.205.157.0/24, 101.201.107.0/24, 60.205.164.0/24, 60.205.165.0/24, 59.110.4.0/24, 59.110.17.0/24, 123.56.186.0/24, 60.205.146.0/24, 59.110.37.0/24, 59.110.19.0/24, 60.205.112.0/24, 60.205.243.0/24, 101.201.108.0/24, 59.110.38.0/24, 60.205.197.0/24, 60.205.166.0/24, 101.200.194.0/24, 101.200.182.0/24, 123.57.204.0/24, 101.200.235.0/24, 123.57.206.0/24, 123.57.65.0/24, 47.94.167.117/32, 182.92.157.129/32, 101.200.39.123/32, 101.200.192.4/32, 101.200.213.59/32, and 39.105.58.165/32 100.104.183.0/24, and 100.104.236.128/26
China (Zhangjiakou-Beijing Winter Olympics) 47.92.22.0/24, 11.192.243.0/24, 100.104.175.0/24, and 11.112.227.0/24 100.104.175.0/24
China (Hohhot) 100.104.72.0/24, 39.104.29.0/24, and 11.193.183.0/24 100.104.72.0/24
China (Shenzhen) 112.74.0.0/16, 120.24.0.0/16, 120.25.0.0/16, 120.78.6.0/24, 120.78.5.0/24, 47.115.165.0/24, 47.115.166.0/24, 47.115.162.0/24, 47.115.161.0/24, 120.24.65.0/24, 120.24.67.0/24, 120.24.160.0/24, 120.25.215.0/24, 120.24.214.0/24, and 120.24.223.0/24 100.104.205.0/24
China (Hong Kong) 203.88.163.0/24, 47.90.37.0/24, 47.90.38.0/24, 47.89.39.0/24, 10.26.5.0/24, 10.47.47.0/24, 10.175.251.0/24, 10.175.254.0/24, 10.175.255.0/24, 100.104.233.0/24, 47.52.111.0/24, 47.52.25.202/32, 47.91.228.249/32, 47.52.166.98/32, 10.28.201.197/32, 10.28.185.63/32, and 10.28.201.14/32 100.104.233.0/24
Singapore (Singapore) 47.88.133.0/24, 47.88.139.0/24, 100.107.4.0/24, 10.45.241.0/24, 10.45.244.0/24, 10.45.245.0/24, and 100.104.188.0/24 100.104.188.0/24
Australia (Sydney) 47.91.49.0/24 and 47.91.50.0/24 100.104.233.0/24
Malaysia (Kuala Lumpur) 47.254.212.0/24 100.104.5.0/24
Indonesia (Jakarta) 149.129.228.0/24 100.104.175.0/24
India (Mumbai) 149.129.164.0/24 100.104.8.0/24
Japan (Tokyo) 47.91.9.0/24 and 47.91.13.0/24 100.104.112.0/24
US (Silicon Valley) 98.11.174.0/24, 198.11.175.0/24, 10.172.115.0/24, 10.172.117.0/24, 10.172.119.0/24, 100.104.175.0/24, and 47.89.244.175/32 100.104.175.0/24
US (Virginia) 100.104.233.0/24, 10.152.235.0/24, and 47.89.170.0/24 100.104.233.0/24
Germany (Frankfurt) 47.91.82.0/24, 47.91.83.0/24, 47.91.84.0/24, 11.192.168.0/24, 11.192.169.0/24, 11.192.170.0/24, and 100.104.5.0/24 100.104.5.0/24
UK (London) 8.208.17.0/24 100.104.133.64/26
UAE (Dubai) 47.91.102.0/24 and 47.91.103.0/24 100.104.205.0/24

Data synchronization

If you select User-Created Database Connected Over Express Connect, VPN Gateway, or Smart Access Gateway as the source database type when configuring data synchronization, you must modify the database security settings as follows:
  • If you want to allow DTS to access the source database, you must modify the security settings of the source database. You must add the CIDR blocks of DTS servers in the regions where the source and destination databases are deployed to the security settings of the source database.

    For example, the source database is deployed in the China (Shenzhen) region and the destination database is deployed in the China (Hangzhou) region. In this case, you must add the CIDR blocks of DTS servers in both regions to the security settings of the source database.

  • If you want to allow DTS to access the destination database, you must modify the security settings of the destination database. You must add the CIDR blocks of DTS servers in the region where the destination database is deployed to the security settings of the destination database.

    For example, the source database is deployed in the China (Shenzhen) region and the destination database is deployed in the China (Hangzhou) region. In this case, you must add the CIDR blocks of DTS servers in the China (Hangzhou) region to the security settings of the destination database.

Table 2. CIDR blocks of DTS servers in different regions
Region CIDR blocks to be added when an on-premises database connects to Alibaba Cloud over Express Connect, VPN Gateway, or Smart Access Gateway
China (Hangzhou) 100.104.52.0/24, and 100.104.61.128/26
China (Shanghai) 100.104.205.0/24
China (Qingdao) 100.104.72.0/24
China (Beijing) 100.104.183.0/24, and 100.104.236.128/26
China (Zhangjiakou-Beijing Winter Olympics) 100.104.175.0/24
China (Hohhot) 100.104.72.0/24
China (Shenzhen) 100.104.205.0/24
China (Hong Kong) 100.104.233.0/24
Singapore (Singapore) 100.104.188.0/24
Australia (Sydney) 100.104.233.0/24
Malaysia (Kuala Lumpur) 100.104.5.0/24
Indonesia (Jakarta) 100.104.175.0/24
India (Mumbai) 100.104.8.0/24
Japan (Tokyo) 100.104.112.0/24
US (Silicon Valley) 100.104.175.0/24
US (Virginia) 100.104.233.0/24
Germany (Frankfurt) 100.104.5.0/24
UK (London) 100.104.133.64/26
UAE (Dubai) 100.104.205.0/24

Related topics