To use Alibaba Cloud Dynamic Content Delivery Network (DCDN) to accelerate content delivery for a website, you need to add the domain name of the website to DCDN. Then, DCDN pushes the configurations of the domain name to all DCDN points of presence (POPs). This process does not affect the availability or performance of your business.
- A domain name that you want to accelerate and its origin server are available. Note
- If the acceleration region is Chinese Mainland Only or Global, you must apply for an Internet Content Provider (ICP) number for the domain name. If you do not have an ICP number, you can perform ICP filing by using the Alibaba Cloud ICP Filing system.
- If you want to accelerate content delivery in the Chinese mainland, you need to complete real-name verification.
- DCDN is activated. For more information, see Activate DCDN.
Configure basic information
- Log on to the DCDN console.
- On the Domain Names page, click Add Domain Name to configure basic information. Note When you add a domain name to DCDN for the first time, you need to verify the ownership of the root domain. For more information about the root domain, see Add a CNAME record for a domain name. For more information about ownership verification, see Verify domain ownership. If you have already verified your domain, skip this step.
Parameter Description Domain Name to Accelerate
Domain name configuration rules (click Expand to view the details of each rule)
- Domain name type: Specify a domain name such as
example.aliyundoc.comor a wildcard domain name such as
- Domain name format: The domain name must be in lowercase letters. Chinese characters are not supported. Important
If the domain name contains Chinese characters, for example, 阿里云.网址, you must apply for an ICP number for the Chinese domain name and use the Punycode tool to convert the Chinese characters into English letters, such as xn--fiq****.xn--eq****. Then, specify the converted domain name as the domain name that you want to accelerate.
Requirements for wildcard domain names:
Dynamic Content Delivery Network (DCDN) supports wildcard domain names. For more information about the limits on wildcard domain names, see Does DCDN support wildcard domain names?
The wildcard domain name that you specify and the domain names that match the wildcard domain name must belong to the same Alibaba Cloud account. Otherwise, an error message appears when you add domain names.
If a wildcard domain name is not added to an Alibaba Cloud account, you are allowed to add the subdomains of the wildcard domain name to multiple Alibaba Cloud accounts.
Each wildcard domain name can match up to 500 specific domain names. If more than 500 specific domain names are matched, only the first 500 specific domain names can acquire the settings of the wildcard domain name. Other domain names cannot be accelerated by DCDN.Note
The first 500 specific domain names that match the wildcard domain name can be accelerated by DCDN.
You cannot add domain names that have been added to other Alibaba Cloud services. If the system prompts that the domain name is added to other Alibaba Cloud services such as ApsaraVideo VOD and Alibaba Cloud CDN, submit a ticket.
Each Alibaba Cloud account can add a maximum of 50 domain names to DCDN. If the average daily peak bandwidth of your domain names exceeds 50 Mbit/s, you can apply to add more domain names to DCDN. For more information, see Quota management.
The content that is delivered from the domain name must be legal and comply with the Terms of Service for DCDN. For more information, see Before you start.
Length: A domain name cannot exceed 67 characters in length.
ICP filing: If you set the acceleration region of a domain name to Global or Chinese Mainland Only, you need to apply for an ICP number for the domain name. We recommend that you use Alibaba Cloud ICP Filing System to apply for ICP numbers.
Domain name reclaiming: If your domain name remains disabled for 120 days, DCDN automatically deletes the configuration records that are related to the domain name. This rule also applies to domain names that fail ownership verification. If you want to continue using the domain name, you must add the domain name in the DCDN console again.
Domain name disabling: For more information, see Rules for disabling accelerated domain names.
Sandbox: If an accelerated domain name becomes the target of an attack, such as DDoS attack or HTTP flood attack, or faces significant increases in bandwidth or QPS due to traffic spikes that have not been reported to Alibaba Cloud, DCDN reserves the right to add the attacked domain name to a sandbox based on factors such as the service status of the domain name and the impact of the attack. This ensures that the acceleration services of other users can work as expected. For more information about sandboxes, see Introduction to sandboxes. If the attack is severe, other accelerated domain names in the same account are also added to the sandbox, and the addition of new domain names to the account is restricted.
Resource Group Select the default resource group or a custom resource group. For more information about how to create a resource group, see Create a resource group. Business Type
DCDN: You can use this feature to accelerate the delivery of dynamic and static content.
Acceleration Region Select an acceleration region. If you select Chinese Mainland Only or Global, you must apply for an ICP number for the domain name. We recommend that you apply for ICP numbers by using the Alibaba Cloud ICP Filing system. The Ministry of Industry and Information Technology (MIIT) may not immediately update the filing results to their database after you submit domain name information. We recommend that you configure the domain name 8 hours after you submit the domain name information.Note DCDN pricing varies based on the acceleration region. Select an acceleration region based on your business requirements. For more information, see DCDN pricing.
- Domain name type: Specify a domain name such as
- In the left-side navigation pane, click Domain Names.
Configure an origin server
After you configure the basic information, perform the following steps to configure the origin server:
- In the Origin Information section, click Add Origin Server.
- In the Add Origin Server dialog box, set the following parameters.
Parameter Description Type
Select the type of the origin server and enter the address of the origin server. The address of an origin server cannot exceed 67 characters in length. You can set up to 20 origin server addresses for each accelerated domain name.
If you use an Object Storage Service (OSS) bucket as the origin server, you can enter the public domain name of the OSS bucket, such as,
You can obtain the public domain name of an OSS bucket in the OSS console. You can also select the domain name of an OSS bucket that belongs to the current Alibaba Cloud account from the Domain Name drop-down list.
IP address: You can configure one or more IP addresses for an origin server. Internal IP addresses are not supported. IPv4 addresses and IPv6 addresses are supported. At least one of the IP addresses must be an IPv4 address. If you use a public IP address of an Alibaba Cloud Elastic Compute Service (ECS) instance as the address of the origin server, the IP address is exempt from manual review.
Origin domain name: You can configure one or more origin domain names.
Configuration rules for origin domains (click to expand rule details)
The origin domain cannot be the same as the accelerated domain name. Otherwise, a back-to-origin error occurs due to loop resolution.
The format of the origin domain name:
The domain name must be 1 to 67 characters in length,
and can contain lowercase letters, digits, and hyphens (-). Example: example.com.
The domain name cannot contain Chinese characters, uppercase letters, or special characters other than hyphens (-). The domain name cannot be only a hyphen (-). A hyphen (-) in a domain name cannot be followed by another hyphen (-). The domain name cannot start or end with a hyphen (-). If the domain name contains Chinese characters, such as 阿里云.网址, you must apply for an ICP number for the domain name in Chinese characters and use the Punycode tool to convert the Chinese characters into English letters, such as xn--fiq****.xn--eq****. Then, you can specify the converted domain name as the domain name that you want to accelerate.
You can add the domain name of an Alibaba Cloud Application Load Balancer (ALB) instance, such as
example.hangzhou.alb.aliyuncs.com, as the address of an origin server.
You can configure priorities to specify primary and secondary origin servers. The primary origin server has a higher priority than the secondary origin server. DCDN preferably redirects requests to the primary origin server. If a fault occurs on the primary origin server, requests are redirected to the secondary origin server. The priority ranges from 0 to 127. A smaller value indicates a higher priority. By default, the priority of the primary origin server is 20, and the priority of the secondary origin server is 30. If you want to specify other values, submit a ticket.
For example, you have specified two origin servers: Server A and Server B. Server A is the primary origin server and Server B is the secondary origin server. In this case, DCDN preferably redirects requests to Server A. If Origin Server A fails, Alibaba Cloud CDN redirects user requests to Origin Server B. After Origin Server A recovers, Alibaba Cloud CDN fails back to Origin Server A.
If origin servers have the same priority, DCDN redirects requests to the origin servers based on the weights of the origin servers. This way, loads are balanced among the origin servers. You can specify a weight based on your business requirements.
The weight of an origin server ranges from 1 to 100. An origin server that has a higher weight receives more requests.
Default value: 10.
For example, you specify Origin Server A and Origin Server B as primary origin servers. If the weight of Origin Server A is 80 and that of Origin Server B is 20, Alibaba Cloud CDN redirects 80% of requests to Origin Server A and 20% of requests to Origin Server B.Note By default, weight-based redirection takes effect only for static requests. To enable weight-based redirection for dynamic requests, you must enable load balancing. For more information, see Configure back-to-origin requests to retrieve dynamic content.
PortSelect a port based on the protocol that is supported by the origin server.
Note Before you can specify a custom port, you must set Static Origin Protocol Policy and Dynamic Origin Protocol Policy to HTTP after you add a domain name. For more information, see Configure the static origin protocol policy and Configure back-to-origin requests to retrieve dynamic content.
- Port 80: Requests are redirected to the origin server over port 80.
- Port 443: Requests are redirected to the origin server over port 443. Make sure that the origin server supports HTTPS.
- After you configure an origin server, click Next.
Complete domain name review
After the domain name passes the review, the status of the domain name changes to Enabled. This indicates that the domain name is added to DCDN.
Verify domain ownership
When you add a domain name to DCDN for the first time, you are required to verify the ownership of the domain name. After ownership of a domain has been verified, subdomains that belong to the verified domain do not require ownership verification when you add them to DCDN.
The domain name
image.example.com is used as an example to demonstrate how to verify the ownership of a domain name by adding a DNS record.
You can use any of the following methods to verify the ownership of a domain name:
Method 1: Use a DNS record (recommended)
- On the verification page, click the Method 1: DNS Settings tab. Important Do not close the verification page before the verification is complete.
- Add a TXT record to your DNS service provider.
The following example demonstrates how to add a TXT record. Alibaba Cloud DNS is used as the DNS service provider in this example. You can use similar methods to add TXT records to other DNS service providers, such as Tencent Cloud and Xinnet.
- Log on to the Alibaba Cloud DNS console.
- Navigate to the Manage DNS page, find the root domain name
example.com, and then click Configure in the Actions column.
- Click Add Record and enter the record type, host, and record value obtained in Step 1.
Enter the prefix of the domain name.
DNS Request Source
Select the Internet service provider (ISP) of the domain name.
Keep the default setting.
Enter the record value that is obtained in Step 1.
Enter a time-to-live (TTL) value for the record. A smaller value indicates that the record is updated quicker. The default TTL value is 10 minutes.
Keep the default setting.
- Click OK.
- After the TXT record takes effect, log on to the DCDN console. Click Verify to complete the verification.
If the domain name fails verification, check whether the TXT record is entered correctly. Wait for the TXT record to take effect and try again.
Sample success responses:
If you add a TXT record, it immediately takes effect. If you modify a TXT record, the time it takes for the updates to take effect is based on the TTL. The default TTL is 10 minutes.
If your Linux operating system does not have dig installed, you can run the
yum install bind-utilscommand to install dig.
D:\example>nslookup -qt=txt verification.example.com DNS request timed out. timeout was 2 seconds. Server: Unknown Address: 10.10.10.10 DNS request timed out. timeout was 2 seconds. Non-authoritative answer: verification.example.com text = "verify_293b6443326fbbc7ff5e61d7768f****"
[rot@example ~]# dig verification.example.com txt ; << > > DiG 9.11.26-RedHat-9.11.26-3.1.al8 << > > verification.example.com txt ;; global options: +cmd ;; Got answer: ;; - > >HEADER<<- opcode: QUERY, status: NOERROR, id: 63246 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ; COOKIE: 13561416e9b77d0701000000615fb0d7304d137ea064**** (good) ;; QUESTION SECTION: ;verification.example.com. IN TXT ;; ANSWER SECTION: verification.example.com. 600 IN TXT "verify_293b6443326fbbc7ff5e61d7768f****" ;; Query time: 152 msec ;; SERVER: 100.100.100.136#53(100.100.100.136) ;; WHEN: Fri Oct 08 10:45:43 CST 2021 ;; MSG SIZE rcvd: 143
Method 2: Upload a verification file
- On the verification page, click the Method 2: Verification File tab.
Do not close the verification page before the verification is complete.
verification.htmlto download the verification file of the domain name.
- Upload the verification file to the root directory on the origin server of the domain name. The origin server can be an Elastic Compute Service (ECS) instance, an Object Storage Service (OSS) bucket, a Cloud Virtual Machine (CVM) instance, a Container-Optimized OS (COS) instance, or an Elastic Compute Cloud (EC2) instance.
After you upload the verification file, DCDN attempts to access
http://example.com/verification.htmlto obtain the verification file and performs the verification. Make sure that the verification file is accessible until the verification is complete.
- Click Verify to complete the verification.
Method 3: Use API calls
- Use a DNS record to verify the ownership.
- Call the DescribeDcdnVerifyContent operation to obtain the DNS record for individual domain names.
- Add a TXT record to your DNS service provider. For more information, see Step 2 in Method 1.
- Call the VerifyDcdnDomainOwner operation to verify the ownership of individual domain names. Set VerifyType to dnsCheck.
- Call the AddDcdnDomain or BatchAddDcdnDomain operation to add one or more domain names to DCDN.
- Use a verification file to verify the ownership.
- Call the DescribeDcdnVerifyContent operation to obtain the DNS record for a domain name and prepare the verification file.
- Upload the verification file to the root directory on the origin server of the domain name. The origin server can be an ECS instance, an OSS bucket, a CVM instance, a COS instance, or an EC2 instance. For more information, see Step 3 in Method 2.
- Call the VerifyDcdnDomainOwner operation to verify the ownership of individual domain names. Set VerifyType to fileCheck.
- Call the AddDcdnDomain or BatchAddDcdnDomain operation to add one or more domain names to DCDN.
|Add domain names|
|Verify domain name ownership|
If you are new to DCDN, you may be interested in the following questions:
A: For security reasons, domain names can only be added to DCDN by their owners. This helps prevent domain name disputes and security issues that may arise.
A: Yes. Each Alibaba Cloud account is considered as an independent user. When you add a domain name to DCDN for the first time on an account, you must verify ownership of the domain on that account.
A: Yes. The DNS record or verification file is used only for ownership verification. After you complete the verification, you can delete the record or file.
A: No. For example, you have added the domain name example.aliyundoc.com to DCDN and the CNAME that is assigned to the domain name works as expected. In this case, you are deemed to own the domain name aliyundoc.com. When you add subdomains of aliyundoc.com, such as **.aliyundoc.com and ***.aliyundoc.com, ownership verification is not required.
A: Yes. You must first add a DNS record or upload a verification file to the root directory on the origin server of the domain name that you want to add. Then, call the AddDcdnDomain operation to add the domain name to DCDN.
A: You can activate Alibaba Cloud DCDN. For more information, see Activate DCDN.