All Products
Search
Document Center

Global Accelerator:Instance diagnosis

Last Updated:Apr 01, 2026

When a Global Accelerator (GA) instance experiences access failures, performance degradation, or configuration errors, instance diagnosis helps you identify the root cause without manually inspecting each component. It checks your instance across six categories — configurations, running status, resource limits, certificates, security policies, payment status, and service access — and surfaces actionable suggestions when exceptions are detected. You can also view previous diagnostic results.

Instance diagnosis is supported only on standard GA instances. Basic GA instances do not support this feature.

Prerequisites

Before you begin, ensure that you have:

Run a diagnosis

  1. Log on to the GA console.

  2. On the Instances page, find the instance you want to diagnose and click Diagnose in the Monitor/Diagnostics column.

  3. In the Instance Diagnostics panel, view the progress, summary, and details of the diagnostic task.

    • If an exception is detected, the affected diagnostic item appears in the panel. Click the item to view details.

    • To see all supported diagnostic items regardless of status, go to the Diagnostic Items section and select Show All Diagnostic Items. Expand each item to view details.

  4. (Optional) Click Go to the NIS console to view diagnostic records to open the NIS console Overview page, where you can review the full diagnostic history and additional context.

Diagnostic items and details

The following table describes all diagnostic items supported by standard GA instances.

CategoryDiagnostic itemWhat it checksUse this to
Configuration diagnosticsCheck Instance StatusWhether the service status of the GA instance is normalConfirm the instance itself is healthy before investigating other issues
Configuration IntegrityWhether the acceleration configurations of the GA instance are completeIdentify missing configurations — such as listeners or endpoint groups — that prevent traffic from flowing
Configuration CorrectnessWhether the configurations of the GA instance are validCatch misconfigured settings that cause routing failures even when the configuration appears complete
Access ControlWhether network access control lists (ACLs) are configured as whitelists or blacklists for the instanceVerify that ACL rules are not accidentally blocking legitimate traffic. For details, see Enable access control for GA listeners
Quota limit diagnosticsHigh Bandwidth Usage of Acceleration IPInbound and outbound bandwidth utilization of accelerated IP addressesDetect whether an accelerated IP is approaching its bandwidth cap, which can degrade throughput for all users sharing that IP. View the risk level for each risk reported in the console
Packet Loss Rate Due to Throttling on Acceleration IPPacket loss on accelerated IP addresses and the calculated packet loss rateConfirm whether bandwidth throttling is causing packet loss on an accelerated IP. If this item and High Bandwidth Usage of Acceleration IP both report high risk for the same IP, throttling is actively causing packet loss — consider upgrading your bandwidth plan
High Bandwidth Usage of Endpoint GroupInbound and outbound bandwidth usage of endpoint group IP addressesIdentify endpoint groups that are saturating their allocated bandwidth, which affects all backends in the group
Packet Loss Rate Due to Throttling on Endpoint GroupPacket loss on endpoint group IP addresses and the calculated packet loss rateDetermine whether packet loss at the endpoint group level is caused by throttling. If this item and High Bandwidth Usage of Endpoint Group both report high risk for the same endpoint group, consider increasing capacity
Bandwidth Usage Check for Inter-region ConnectionBandwidth usage of inter-region connectionsMonitor whether cross-region links are approaching saturation, which affects latency and throughput across acceleration regions
Packet Loss Check for Inter-region ConnectionPacket loss on inter-region connections and the calculated packet loss rateIdentify network instability on inter-region links that could explain access failures in specific acceleration regions
Certificate diagnosticsCertification ExpirationWhether certificates for HTTPS listeners expire within 60 daysGet advance warning of certificate expiry before it causes HTTPS connection failures. For details, see Associate and manage certificates
Security policy diagnosticsAnti-DDoS Origin Basic StatusWhether accelerated IP addresses are protected by Anti-DDoS Origin Basic, and whether traffic scrubbing or blackholing is triggeredIdentify whether a DDoS mitigation response — scrubbing or blackholing — is causing traffic drops on an accelerated IP
Interception by Cloud FirewallWhether network activities related to accelerated IP addresses are protected by Cloud FirewallDetermine whether Cloud Firewall policies are blocking traffic that should reach your endpoints
Penalty for Security ControlWhether network activities related to accelerated IP addresses are punished by Security Control of Alibaba Cloud SecurityCheck whether a security penalty is restricting traffic on your accelerated IPs
Suspension for Security ReasonsWhether accelerated IP addresses are suspended due to security risksQuickly confirm whether an IP suspension is the root cause of a sudden access failure
Cost diagnosticsAlerts for Overdue PaymentsWhether the GA instance or bandwidth plans have overdue paymentsCatch payment issues before they trigger service suspension
Alerts for ExpirationWhether the GA instance expires within seven daysPlan renewals in advance to avoid unexpected service interruptions
Access diagnosticsHealth Check StatusThe health status of endpointsIdentify which endpoints are unhealthy and causing traffic to fail over or drop. For details, see Enable and manage health checks
Access ErrorsWhether the backend service returns timeout errors or error codesPinpoint whether access failures originate at the backend rather than in the network or GA configuration
Traffic CheckWhether traffic is flowing from the Internet to the GA instance, based on access logs from the acceleration regionVerify end-to-end traffic arrival. If no inbound traffic is detected, the check indicates an access failure at the entry point. For details, see Work with access logs

What's next

For more information about NIS diagnostics and how to review historical diagnostic records, see Work with instance diagnostics.