How Is CNAME-based Access Implemented?
What is a CNAME record?
A Canonical Name (CNAME) record is a type of DNS record that maps an alias name to a true or canonical domain name. A DNS A record maps a domain name to an IP address, whereas a CNAME record maps a domain name to another domain name (alias of that domain name). For example, CNAME ccd01c25c8535fa4.huaweisafedns.com is configured for domain name www.abc.com. When a user accesses www.abc.com, the DNS protocol automatically obtains its CNAME alias ccd01c25c8535fa4.huaweisafedns.com and uses the alias to obtain the real IP address.
What are the advantages of CNAME-based access?
- Easy to Use
You only need to modify the resolution configuration with the DNS service provider (for example, DNS on HUAWEI CLOUD).
The CNAME records generated in multiple lines for the same domain name are the same. You only need to configure one CNAME resolution record. Then AAD automatically configures the CNAME record for multiple high-defense IP addresses used by the domain name. When the high-defense IP address is changed, AAD updates CNAME mapping automatically, without requiring any manual DNS configuration modification.
- Excellent access performance
If multiple lines are configured for a domain name, AAD can schedule access traffic based on the traffic source and select the optimal line to ensure the best access performance.
- High reliability
You can select multiple lines for one domain name. If the high-defense IP address of a line encounters an exception, AAD automatically switches CNAME resolution to other available lines, ensuring service continuity.
What will I configure for CNAME-based access further if I have configured line-based resolution?
Generally, the CNAME resolution for one default line is required to replace line-based resolution. HUAWEI CLOUD will complete the resolution automatically.
The CNAME records provided by HUAWEI CLOUD are capable of line-based resolution. Based on the lines you purchased, HUAWEI CLOUD will perform line-based resolution automatically.
Access Configuration FAQs
- Can I Connect My Service System to AAD If It Is Not Running on HUAWEI CLOUD?
- How Do I Check Whether a Protected Domain Name Is Correctly Configured After I Connect It to AAD?
- What Can I Do When Message "Invalid request" Is Displayed When I Upload an HTTPS/WebSockets Certificate?
- How Do I Convert a Non-PEM Certificate into a PEM One?
- How Do I Enable Both AAD and WAF?
- How Do I Connect My Service System to AAD?
- How Is CNAME-based Access Implemented?
- How Does AAD Distribute Traffic When There Are Multiple Origin Servers?
- How Do I Check Whether a Back-to-Origin IP Address Has Been Whitelisted on My Origin Server?
- How Do I Change the Exposed IP Address of an Origin Server?
- How Do I Query the Back-to-Origin IP Address Range?
- Can I Migrate Enterprise Project Resources After Adding the Protected Domain Name?
- Can I Build My Own Anti-DDoS System Using HUAWEI CLOUD ECSs?
- How Do the AAD Blacklist and Whitelist Protect Customer's Servers?
- Do I Still Need to Configure the Blacklist and Whitelist in WAF Protection Policies After Configuring Them in DDoS Protection Policies?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore
