Before you connect to a database instance from Data Management (DMS), you must add the IP addresses and CIDR blocks of DMS to the IP address whitelist of the database instance.
You can use the following methods to add the IP addresses and CIDR blocks of DMS to the IP address whitelist of a database instance:
Method 1: Add the IP addresses and CIDR blocks to the whitelist in the DMS console. For more information, see Automatically add the IP addresses and CIDR blocks of DMS to the IP address whitelist of a database instance.
Method 2: Add the IP addresses and CIDR blocks to the whitelist after you log on to the required database instance. For more information, see Manually add the IP addresses and CIDR blocks of DMS to the IP address whitelist of a database instance. For more information about the IP addresses and CIDR blocks of DMS in different regions, see DMS IP addresses and CIDR blocks.
After the IP addresses and CIDR blocks of DMS for the specified region are added to the IP address whitelist of a database instance, you may still fail to connect to the database instance from DMS. For more information about how to troubleshoot the issue, see Fail to connect to a database instance from DMS.
Automatically add the IP addresses and CIDR blocks of DMS to the IP address whitelist of a database instance
The IP addresses and CIDR blocks of DMS can be automatically added to the IP address whitelist only for an ApsaraDB instance.
When you log on to an ApsaraDB instance in DMS for the first time, DMS prompts you to add its own IP addresses and CIDR blocks for the specified region to the IP address whitelist of the ApsaraDB instance. In this case, you can click Configure Whitelist in the message that appears. Then, DMS automatically adds its own IP addresses and CIDR blocks to the whitelist. After that, the connection between the ApsaraDB instance and DMS is established. For more information, see Register an ApsaraDB instance.
If you are a database administrator (DBA) or a DMS administrator, you can also perform the following steps to configure an IP address whitelist:
- Log on to the DMS console V5.0.
In the top navigation bar, click .
On the Instance List tab of the Instances page, select one or more ApsaraDB instances for which you want to configure an IP address whitelist and click Configure Whitelist in the upper part of the tab.
In the message that appears, click OK. The IP addresses and CIDR blocks of DMS are automatically added to the IP address whitelists of the selected ApsaraDB instances.
Manually add the IP addresses and CIDR blocks of DMS to the IP address whitelist of a database instance
Log on to the required database instance. Then, manually add the IP addresses and CIDR blocks of DMS to the IP address whitelist of the database instance. For more information about the IP addresses and CIDR blocks of DMS in different regions, see the IP addresses and CIDR blocks table in this topic.
For example, you can manually add the IP addresses and CIDR blocks of DMS to the IP address whitelist of an ApsaraDB RDS for MySQL instance. For more information, see Configure an IP address whitelist for an ApsaraDB RDS for MySQL instance.
DMS IP addresses and CIDR blocks
When you add the IP addresses and CIDR blocks of DMS to the IP address whitelist of a database instance, we recommend that you add all the IP addresses and CIDR blocks of DMS for the specified region to the whitelist.
You can add the public IP addresses of DMS. However, this may impose security risks. Proceed with caution.
We recommend that you increase the security of your account and limit the ports for inbound traffic. You can also connect to the database instance over Express Connect, VPN Gateway, or Smart Access Gateway.
Region | Self-managed databases on ECS instances, ApsaraDB instances, and on-premises databases accessible from Express Connect circuits, all in VPCs | Self-managed databases on ECS instances and ApsaraDB instances, both on the classic network | Databases accessible over the Internet |
China (Hangzhou) | 100.104.175.0/24,100.104.201.0/26,100.104.52.0/24,100.104.61.128/26,100.104.244.64/26,100.104.216.192/26,100.104.85.0/26 | 11.193.54.0/24,10.143.32.0/24,10.143.34.0/24,10.137.42.0/24,10.152.29.0/24,10.6.226.32,10.6.226.33,10.187.128.215,10.187.128.216 | 8.136.163.64/27,118.31.243.0/26,118.31.243.64/26,118.31.243.128/26,118.31.243.192/26 |
China (Shanghai) | 100.104.5.0/24,100.104.205.0/24,100.104.226.128/26,100.104.149.64/26 | 10.152.163.0/24,10.137.42.0/24,11.154.24.173 | 139.224.4.85,139.224.4.79,101.133.205.192/26,47.102.181.128/26,47.102.181.192/26,47.102.234.0/26,47.102.234.64/26 |
China (Nanjing) | 100.104.182.128/26 | 11.193.54.0/24,10.143.32.0/24,10.143.34.0/24,10.137.42.0/24,10.152.29.0/24,10.6.226.32,10.6.226.33,10.187.128.215,10.187.128.216 | 8.136.163.64/27,118.31.243.0/26,118.31.243.64/26,118.31.243.128/26,118.31.243.192/26 |
China (Qingdao) | 100.104.188.0/24,100.104.72.0/24,100.104.35.192/26 | 10.151.203.0/24,10.137.42.0/24,10.245.213.244 | 114.215.161.28,114.215.161.36,118.190.207.194,118.190.207.25,120.27.72.0/26,120.27.72.64/26,120.27.72.128/26,120.27.72.192/26 |
China (Beijing) | 100.104.72.0/24,100.104.183.0/24,100.104.236.128/26,100.104.128.192/26,100.104.227.192/26 | 11.192.101.0/24,10.137.42.0/24,11.115.125.224 | 60.205.89.31,60.205.89.21,8.131.132.0/26,39.107.7.0/26,39.107.7.64/26,182.92.32.128/26,182.92.32.192/26 |
China (Zhangjiakou) | 100.104.205.0/24,100.104.175.0/24 | 11.192.243.0/24,11.193.233.87 | 47.92.22.68,39.101.252.128/26,47.92.185.0/26,47.92.185.64/26,47.92.185.128/26,47.92.185.192/26 |
China (Hohhot) | 100.104.205.0/24,100.104.72.0/24 | 11.193.183.0/24,11.197.113.225 | 39.104.29.35,39.104.78.173,39.104.79.122,39.104.86.0,39.104.62.152,39.104.72.87,39.99.77.0/26,39.99.77.64/26,39.99.77.128/26,39.104.220.192/26 |
China (Ulanqab) | 100.104.10.192/26 | 10.152.29.0/24 | 8.136.163.64/27,118.31.243.0/26,118.31.243.64/26,118.31.243.128/26,118.31.243.192/26 |
China (Chengdu) | 100.104.5.0/26 | 11.195.52.68/24,11.119.156.53 | 47.108.22.35,47.109.5.0/26,47.108.45.128/26,47.108.45.192/26,47.108.47.0/26,47.108.47.64/26 |
China (Shenzhen) | 100.104.5.0/24,100.104.75.64/26,100.104.235.192/26,100.104.205.0/24,100.104.41.64/26 | 10.152.27.0/24,10.137.42.0/24,10.245.164.219 | 120.76.91.7,120.76.91.29,47.113.76.192/26,47.112.83.192/26,47.112.84.0/26,47.112.84.64/26,47.112.84.128/26 |
China (Heyuan) | 100.104.96.64/26 | 11.118.24.0/24,10.137.42.0/24,10.152.29.0/24 | 8.136.163.64/27,118.31.243.0/26,118.31.243.64/26,118.31.243.128/26,118.31.243.192/26 |
China (Guangzhou) | 100.104.248.128/26 | 10.137.42.0/24,10.152.29.0/24,10.58.93.2 | 8.134.79.141,8.134.79.143,8.134.0.64/26,8.134.0.128/26,8.134.0.192/26,8.134.5.0/26 |
China (Hong Kong) | 100.104.205.0/24,100.104.233.0/24,100.104.177.192/26,100.104.158.192/26 | 10.152.161.0/24,10.137.42.0/24,10.254.102.13 | 47.89.61.33,47.89.61.59,47.243.0.32/28,47.56.45.128/26,47.56.45.192/26,47.90.24.0/26,47.90.24.64/26 |
Singapore (Singapore) | 100.104.205.0/24,100.104.188.0/24,100.104.207.128/26,100.104.179.64/26,100.104.12.0/26 | 10.152.166.0/24,10.137.42.0/24,10.88.51.209 | 47.88.147.36,47.88.147.22,161.117.172.0/28,161.117.146.128/26,161.117.146.192/26,161.117.164.0/26,161.117.164.64/26 |
Australia (Sydney) | 100.104.5.0/24,100.104.233.0/24,100.104.3.128/26 | 11.192.100.0/24,11.195.117.227 | 47.91.49.175,47.91.49.169,47.252.149.128/26,47.252.149.192/26,47.252.150.0/26,47.252.150.64/26 |
Malaysia (Kuala Lumpur) | 100.104.175.0/24,100.104.5.0/24 | 11.193.189.0/24,11.196.42.179 | 47.254.212.25,47.250.34.128/28,47.250.30.0/26,47.250.30.64/26,47.250.30.128/26,47.250.30.192/26 |
Indonesia (Jakarta) | 100.104.5.0/24,100.104.35.192/26,100.104.175.0/24 | 11.194.48.0/22,11.59.138.151 | 149.129.228.88,147.139.165.206,147.139.133.46,147.139.179.168,147.139.132.101,147.139.156.0/26,147.139.156.64/26,147.139.156.128/26,149.129.230.192/26 |
India (Mumbai) | 100.104.205.0/24,100.104.8.0/24,100.104.127.0/26 | 11.194.10.0/24,11.59.130.96 | 149.129.164.77,147.139.26.0/28,147.139.23.0/26,147.139.23.64/26,147.139.23.128/26,149.129.165.192/26 |
Japan (Tokyo) | 100.104.205.0/24,100.104.112.0/24,100.104.117.192/26,100.104.112.0/24,100.104.117.192/26 | 11.192.147.0/24,11.192.148.0/24,11.192.149.0/24 | 47.91.13.31,47.91.13.77,8.209.192.160/28,47.91.0.128/26,47.91.0.192/26,47.245.51.128/26,47.245.51.192/26 |
US (Silicon Valley) | 100.104.205.0/24,100.104.48.128/26,100.104.175.0/24 | 10.152.31.0/24,10.137.42.0/24,10.60.82.16 | 47.89.224.28,47.89.224.56,47.88.1.17,47.88.6.196,47.88.10.217,47.88.15.174,47.88.98.0/26,47.88.98.64/26,47.88.98.128/26,47.88.98.192/26 |
US (Virginia) | 100.104.205.0/24,100.104.233.0/24,100.104.240.128/26 | 10.152.235.0/24,10.137.42.0/24,11.194.67.243 | 47.88.98.24,47.88.98.20,47.253.64.0/28,47.252.71.128/26,47.252.71.192/26,47.252.90.0/26,47.252.90.64/26 |
UK (London) | 100.104.5.0/24,100.104.133.64/26,100.104.207.128/26 | 11.199.93.0/24,11.199.225.130 | 8.208.17.76,8.208.75.64/28,8.208.73.0/26,8.208.73.64/26,8.208.73.128/26,8.208.73.192/26 |
Germany (Frankfurt) | 100.104.233.0/24,100.104.5.0/24,100.104.193.128/26 | 11.192.169.0/24,11.192.170.0/24,11.194.56.218 | 47.91.83.56,47.91.83.15,47.245.155.0/28,8.209.86.0/26,47.254.165.64/26,47.254.165.128/26,47.254.165.192/26 |
UAE (Dubai) | 100.104.5.0/24,100.104.205.0/24 | 11.192.189.0/24,11.192.190.0/24,11.192.191.0/24 | 47.91.102.19,47.91.103.51 |
Philippines (Manila) | 100.104.36.0/26 | 10.43.148.217,10.43.148.218 | 8.212.136.64/26,8.212.136.128/26,8.212.136.192/26,8.212.137.0/26 |
Thailand (Bangkok) | 100.104.106.192/26 | 10.186.15.148,10.186.15.149 | 8.213.162.64/26,8.213.162.128/26,8.213.162.192/26,8.213.163.0/26 |
SAU (Riyadh) | 100.104.12.0/26 | 10.187.119.182,10.187.119.183,10.187.115.137 | 8.213.0.128/26,8.213.0.192/26,8.213.5.0/26,8.213.5.64/26,8.213.16.59,8.213.16.91,8.213.16.111,8.213.16.17,8.213.16.123,8.213.6.0/26,8.213.6.64/26,8.213.6.128/26,8.213.6.192/26 |
China North 2 Finance (Preview) | 100.104.144.0/26 | 10.254.13.200,10.254.13.201,10.254.22.182 | 39.107.7.0/26,39.107.7.64/26,182.92.32.128/26,182.92.32.192/26,47.92.185.0/26,47.92.185.64/26,47.92.185.128/26,47.92.185.192/26 |
China East 1 Finance | 100.104.175.0/24,100.104.52.0/24,100.104.216.192/26 | 11.193.54.0/24,10.143.32.0/24,10.143.34.0/24,10.137.42.0/24,10.152.29.0/24 | 116.62.251.150,47.96.59.4,47.96.58.245,116.62.250.113,116.62.249.73,118.31.243.0/26,118.31.243.64/26,118.31.243.128/26,118.31.243.192/26 |
Alibaba Finance Cloud region for Haidian District | 100.104.5.0/24 | 10.152.29.0/24 | 8.136.163.64/27,118.31.243.0/26,118.31.243.64/26,118.31.243.128/26,118.31.243.192/26 |
China East 2 Finance | 100.104.72.0/24,100.104.175.0/24 | 10.152.163.0/24,10.137.42.0/24,10.152.29.0/24,10.254.213.170 | 139.224.122.227,139.224.123.13,139.224.124.107,139.224.123.165,47.102.181.128/26,47.102.181.192/26,47.102.234.0/26,47.102.234.64/26,47.103.170.128/26,47.103.170.192/26,47.103.171.0/26,47.103.171.64/26 |
China South 1 Finance | 100.104.205.0/24,100.104.72.0/24 | 10.152.27.0/24,10.137.42.0/24,10.152.29.0/24 | 8.136.163.64/27,118.31.243.0/26,118.31.243.64/26,118.31.243.128/26,118.31.243.192/26 |
Fail to connect to a database instance from DMS
After the IP addresses and CIDR blocks of DMS for the specified region are added to the IP address whitelist of a database instance, you may still fail to connect to the database instance from DMS. In this case, troubleshoot the issue by performing the following operations:
Try again later because the whitelist may take time to become effective.
If you access the database instance over the Internet, add the IP addresses and CIDR blocks of DMS for the China (Hangzhou) region to the IP address whitelist of the database instance. Then, try to connect to the database instance again.
In the Add Instance or Edit dialog box, check the connection information such as the port number.