If you use a server in your data center as the origin server and use Anti-DDoS Pro or Anti-DDoS Premium to protect your service, requests are first scrubbed by Anti-DDoS Pro or Anti-DDoS Premium and then forwarded to the origin server. The origin server cannot directly obtain the actual source IP addresses of the requests. This topic describes how to configure the TOA module on the origin server to obtain the actual source IP addresses.
Scenario
Scenario | Description | Whether actual source IP addresses can be obtained |
---|---|---|
Anti-DDoS Pro or Anti-DDoS Premium - Layer 7 SLB instance - Server in your data center | The origin server is deployed in your data center. Requests are first scrubbed by Anti-DDoS Pro or Anti-DDoS Premium. Then, a Layer 7 SLB instance forwards the requests to the origin server that is deployed in your data center. | Yes |
Anti-DDoS Pro or Anti-DDoS Premium - Layer 4 instance SLB - Server in your data center | The origin server is deployed in your data center. Requests are first scrubbed by Anti-DDoS Pro or Anti-DDoS Premium. Then, a Layer 4 SLB instance forwards the requests to the origin server that is deployed in your data center. | No |
Anti-DDoS Pro or Anti-DDoS Premium - Server in your data center | The origin server is deployed in your data center. Requests are first scrubbed by Anti-DDoS Pro or Anti-DDoS Premium and then forwarded to the origin server that is deployed in your data center. | Yes |
Applicable operating systems
- Red Hat Enterprise Linux
- CentOS 6.x
- CentOS 7.x
Procedure
Before you perform the following steps, take note of the following items:
- Before you use the method in a production environment, you can use the method in a test environment to check whether your service runs as expected.
- We recommend that you keep the original kernel of the operating system. This way, you can use the original kernel to restore your service if a restart fails.
References
- If I use the TOA module, does network performance deteriorate?
No, the network performance does not deteriorate. The TOA module is deployed in bypass mode and has little impact on network performance.
- What do I do if the kernel is unstable after the TOA module is loaded?
We recommend that you keep the original kernel of the operating system. This way, you can use the original kernel to restore your service if a restart fails.