After you purchase an on-demand Anti-DDoS Origin instance, you can manually enable traffic rerouting to the instance if DDoS attacks are detected on a server in a data center. Then, traffic is rerouted to the traffic scrubbing centers of Alibaba Cloud around the world for traffic scrubbing. After the attacks stop, you can manually disable traffic rerouting to the on-demand instance to prevent a latency increase for your services. This topic describes how to enable and disable traffic rerouting to an on-demand instance for a server in a data center.

Scenarios

You can use on-demand instances to protect servers in data centers outside the Chinese mainland without the need to change IP addresses and network architecture for your services.

Prerequisites

An on-demand Anti-DDoS Origin instance is purchased.
Note On-demand instances protect servers in data centers outside the Chinese mainland and protect cloud assets based on CIDR blocks. You must contact sales personnel to purchase on-demand instances.

Procedure

  1. Log on to the Traffic Security console.
  2. In the left-side navigation pane, click Assets.
  3. In the top navigation bar, select the region of your asset.
  4. On the Assets page, click the Others tab.
    The Others tab lists the IP addresses of the on-demand Anti-DDoS Origin instances that you have purchased in the current region. If you have purchased on-demand instances in other regions or have not purchased on-demand instances, no data is displayed on the Others tab.
  5. Find the on-demand instance for which you want to enable traffic rerouting and click Start Redirection in the Operation column. In the message that appears, click OK.
    After you enable traffic rerouting to the on-demand instance, the instance enters the Redirecting state. This indicates that the system is rerouting the traffic destined for protected assets to mitigate DDoS attacks.

    If you want to stop traffic rerouting to the on-demand instance, click Pause Redirection in the Operation column.

    Note After you click Pause Redirection, the system no longer reroutes the traffic destined for protected assets to your on-demand instance and does not mitigate DDoS attacks for your assets.

What to do next

You can also enable the Automatic (NetFlow) mode to automatically reroute traffic to an on-demand instance. You can enable or disable traffic rerouting to an on-demand instance based on the NetFlow information about your servers in data centers and rules that you specified. For more information about how to enable the Automatic (NetFlow) mode, see Enable the Automatic (NetFlow) mode.

Related operations