Help Center/ Anti-DDoS Service/ User Guide/ Advanced Anti-DDoS User Guide/ Connecting Services to AAD/ Overview
Updated on 2025-07-11 GMT+08:00
View PDF
Share

Overview

Access Scenario

Table 1 Access scenarios

Access Scenario

Applicable Scenario

Normal access

There are high attacks risks during routine operations, and traffic should reside on the high-defense line. After configuring AAD, you need to change the domain name to the CNAME of AAD or change the external IP address to the high-defense IP address.

On-demand access

There are low attack risks during routine operations, with high requirements for network latency and quality. Routine traffic resides on the original line. When the network is attacked, the high-defense line is configured and connected.

Access Mode

AAD supports domain name and IP address access. The differences between the two access modes are as follows:

Table 2 AAD access modes

Access Mode

Applicable Scenario

Major Differences

Domain name access

If your services use domain names licensed by ICP, you can connect the domain names to AAD.

Huawei Cloud uses algorithms to select the optimal access point for you and does not provide fixed high-defense IP addresses. If you use this mode, you are advised to purchase an instance that uses domain name access.

IP access

If your services use IP addresses rather than domain names, you can configure forwarding rules to connect your services to AAD.

AAD provides IP port protection and fixed high-defense IP addresses. This type is recommended for users using "Layer 4 Forwarding Rules".
  • To ensure smooth service operation, you are advised to configure settings offline when services are not in use. This helps prevent protection failures or service interruptions caused by incorrect configurations. Once the configuration is complete and verified, you can safely access the service.
  • If you cannot evaluate the risks, submit a service ticket for consultation.
Parent Topic: Connecting Services to AAD