All Products
Search

This Product

    Alibaba Cloud DNS:Use CDN with GTM for access security and high availability

    Document Center

    Alibaba Cloud DNS:Use CDN with GTM for access security and high availability

    Last Updated:Dec 16, 2025

    Use case

    Customers in industries such as web hosting, gaming, video, and live streaming often use Alibaba Cloud CDN to accelerate their applications and provide users with low-latency access to origin content. These customers also require high service availability. If you have multiple origin servers, you can use Global Traffic Manager (GTM) to monitor multiple origin IP addresses, promptly isolate faulty addresses, and ensure business continuity.

    Architecture

    Many business scenarios require both domain acceleration and high origin server availability. For scenarios that combine CDN acceleration with GTM for origin IP address failover, configure the services in serial.

    image

    Prerequisites

    • The domain name cloud-example.com uses Alibaba Cloud DNS. The service domain name is www.cloud-example.com.

      Note

      If your service domain name does not use Alibaba Cloud DNS, you can still use GTM. Add a CNAME record at your current DNS provider that points to the GTM access domain name.

    • You have purchased a GTM instance, for example, gtm-cn-vkl3pob**0a. If you have not, purchase an instance.

    • The expected outcome is as follows: When all origin servers are healthy, CDN performs origin fetch from origin server 1. If origin server 1 becomes unhealthy, CDN performs origin fetch from origin server 2. If both origin servers 1 and 2 are unhealthy, CDN performs origin fetch from origin server 3. When origin server 1 recovers, CDN resumes origin fetch from origin server 1.

    Procedure

    Step 1: Configure GTM

    1. Go to the Alibaba Cloud DNS console - Global Traffic Manager.

    2. On the Access Domain tab, click Create Access Domain.

    3. Select Custom Scenario from the Select Scenario dialog box.

    4. On the Create Access Domain page, click the access domain name icon to complete the basic configuration. In this example, the access domain name is set to gtm.cloud-example.com. For more information, see Configure an access domain name.

    5. On the Create Access Domain page, click the address pool icon to configure the address pool and add addresses. For more information, see Configure an address pool.

      Note

      This example uses Ping for health checks. For more information, see Health check templates.

    6. On the Create Access Domain page, configure the load balancing policy for addresses and the load balancing policy for address pools. For this example, set them to Preemptive Mode of Global Availability and Round Robin, respectively.image

      Important

      This example demonstrates how to configure the access domain. If you see red or orange alerts in your configuration, check the health status of the addresses.

    7. Configure alert monitoring for the instance. For more information, see Configure alerts.

    8. On the Access Domain page, click the icon for the access domain name and select Enable.image

    9. On the Confirm Access Domain Enabling page, verify the access domain name and click Enable.

      Important

      • If a record with the same name and type exists in Alibaba Cloud DNS for authoritative DNS resolution, the system prioritizes the GTM policy for DNS queries of that record type. This enables intelligent scheduling and resolution for advanced features such as load balancing and failover.

      • If you disable or delete the GTM instance, the domain name is resolved by Alibaba Cloud DNS for authoritative DNS resolution.

    Step 2: Configure CDN

    1. Log on to the Alibaba Cloud CDN console.

    2. In the navigation pane on the left, choose Domain Names, and then click Add Domain Name. For Acceleration Domain Name, enter the service domain name www.cloud-example.com. For Origin Information, select Origin Domain and enter the GTM access domain name gtm.cloud-example.com. For more information, see Add an accelerated domain name.

    Step 3: Add the service domain name to CDN

    1. In Alibaba Cloud DNS - Public Zone, configure a CNAME record to point the service domain name www.cloud-example.com to the CNAME for the accelerated domain name, www.cloud-example.com.w.cdngslb.com. For more information, see Configure a CNAME record.

    2. After the configuration is complete, the CNAME Status of the domain name on the Domain Names page in the Alibaba Cloud CDN console changes to Configured.image

    Important

    Do not use GTM if your service domain name uses multiple third-party CDN providers and you want to configure failover for the CNAMEs assigned by the CDN providers. Using GTM in this scenario requires you to add the CNAMEs to a GTM address pool. However, this method does not provide optimal health checks and failover. A CDN typically has a vast number of nodes. GTM has a limited number of monitoring nodes for health checks, and it cannot obtain an accurate health status of the CDN service to perform failover.