After you purchase an on-demand Anti-DDoS Origin instance, you can manually enable
traffic rerouting to the instance if DDoS attacks are detected on a server in a data
center. Then, traffic is rerouted to the traffic scrubbing centers of Alibaba Cloud
around the world for traffic scrubbing. After the attacks stop, you can manually disable
traffic rerouting to the on-demand instance to prevent a latency increase for your
services. This topic describes how to enable and disable traffic rerouting to an on-demand
instance for a server in a data center.
Scenarios
You can use on-demand instances to protect servers in data centers outside the Chinese
mainland without the need to change IP addresses and network architecture for your
services.
Prerequisites
An on-demand Anti-DDoS Origin instance is purchased.
Note On-demand instances protect servers in data centers outside the Chinese mainland and
protect cloud assets based on CIDR blocks. You must contact sales personnel to purchase
on-demand instances.
Procedure
- Log on to the Traffic Security console.
- In the left-side navigation pane, click Assets.
- In the top navigation bar, select the region of your asset.
- On the Assets page, click the Others tab.
The Others tab lists the IP addresses of the on-demand Anti-DDoS Origin instances that you have
purchased in the current region. If you have purchased on-demand instances in other
regions or have not purchased on-demand instances, no data is displayed on the Others tab.
- Find the on-demand instance for which you want to enable traffic rerouting and click
Start Redirection in the Operation column. In the message that appears, click OK.
After you enable traffic rerouting to the on-demand instance, the instance enters
the
Redirecting state. This indicates that the system is rerouting the traffic destined for protected
assets to mitigate DDoS attacks.
If you want to stop traffic rerouting to the on-demand instance, click Pause Redirection in the Operation column.
Note After you click Pause Redirection, the system no longer reroutes the traffic destined
for protected assets to your on-demand instance and does not mitigate DDoS attacks
for your assets.
What to do next
You can also enable the Automatic (NetFlow) mode to automatically reroute traffic
to an on-demand instance. You can enable or disable traffic rerouting to an on-demand
instance based on the NetFlow information about your servers in data centers and rules
that you specified. For more information about how to enable the Automatic (NetFlow)
mode, see Enable the Automatic (NetFlow) mode.