Help Center/ Global Accelerator/ Best Practices/ Using Global Accelerator to Speed Up Cross-Border Access to Third-Party On-premises Servers

Updated on 2024-06-26 GMT+08:00

View PDF

Using Global Accelerator to Speed Up Cross-Border Access to Third-Party On-premises Servers

Overview

Application scenario: Suppose you have a web server deployed in an on-premises data center in Hangzhou. Users can access your website over the public network. Due to unstable cross-border networks, users outside the Chinese mainland may face problems such as high latency, packet loss, and jitter. To address these issues, you need a global accelerator.

Solution architecture: To accelerate cross-border access to your website, you can use DNS to map your domain name to the anycast IP address of a global accelerator, so that users across the globe can access your website faster through the Huawei backbone network.

Resource and Cost Planning

The following table describes the planned resources.

**Table 1** Resource and cost planning
Resource	Description	Quantity	Price
Global accelerator	You are charged based on how long each global accelerator is retained in your account. The smallest billing unit is one hour. Partial hours are counted as full hours. Global accelerator price = Unit price x Required duration	1	For details, see Global Accelerator Pricing Details.
Data transfer	You are charged for either the inbound or outbound traffic, in GB, whichever direction has more traffic. Data transfer price = Unit price x Traffic used	Per actual use	For details, see Global Accelerator Pricing Details.
Record sets added to the public zone	Three A record sets are required for users in different areas: A record set with Line set to Default and Value set to the public IP address bound to the web server deployed in your on-premises data center. A record set with Line set to Region > Chinese mainland and Value set to the public IP address bound to the web server deployed in your on-premises data center. A record set with Line set to Region > Global and Value set to the anycast IP address of the global accelerator.	3	Free

Flowchart

Step 1: Apply for a cross-border permit.

In accordance with the laws and administrative regulations of the Ministry of Industry and Information Technology (MIIT) of the People's Republic of China, only China Mobile, China Telecom, and China Unicom are allowed for cross-border network communications, and a cross-border permit is required if you carry out business activities outside the Chinese mainland.

Click Request a Cross-Border Permit.
The Cross-Border Service Application System page is displayed.

Figure 1 Applying for a cross-border permit
On the application page, set related parameters and upload related materials.
Click Submit.

Step 2: Buy a global accelerator.

To use Global Accelerator for faster access, you first need to create a global accelerator.

On the Global Accelerator page, click Buy Global Accelerator.
Figure 2 Buying a global accelerator

Set parameters. Select Outside the Chinese mainland for Applicability. For other parameters, see Table 2.

Figure 3 Creating a global accelerator

**Table 2** Parameters for configuring a global accelerator
Parameter	Description
Name	Name of the global accelerator you want to create. Only letters, digits, and hyphens are allowed. You can enter up to 64 characters.
Enterprise Project	An enterprise project you would like to use to centrally manage your Global Accelerator resources. You can use an existing enterprise project or create one.
Applicability	Where the global accelerator will be used. There are two options: Outside the Chinese mainland or Chinese mainland. Outside the Chinese mainland is selected by default. Outside the Chinese mainland is recommended for this practice.
IP Address Type	The type of the IP address used by the global accelerator. IPv4 is selected by default.
Tags	An identifier of the global accelerator. Each tag consists of a key and a value. You can add 20 tags for a global accelerator. NOTE: If a predefined tag has been created in TMS, you can select the corresponding tag key and value. For details about predefined tags, see Predefined Tag Overview. If you have configured tag policies for Global Accelerator, you need to add tags to your accelerators based on the tag policies. If you add a tag that does not comply with the tag policies, global accelerators may fail to be created. Contact the administrator to learn more about tag policies.
Description	Supplementary information about the global accelerator. You can enter up to 255 characters.

Click Next.

Step 3: Add a listener to the global accelerator.

Add a listener to the global accelerator to route requests across endpoints based on the client affinity you set.

Configure the parameters as described in Table 3.

Figure 4 Adding a listener

**Table 3** Parameters for configuring a listener
Parameter	Description
Name	Listener name. Only letters, digits, and hyphens are allowed. You can enter up to 64 characters.
Protocol	The protocol used by the listener to receive requests from clients. The protocol can be TCP or UDP.
Port	The ports or port ranges used by the listener to receive requests from clients. The port number ranges from 1 to 65535. You can enter one or more ports or port ranges separated by commas (,). Example: 1-10,11-50,51,52-200
Client Affinity	How requests are routed. There are two options: None: The listener routes requests evenly among the endpoints in the endpoint group. Source IP address (only for TCP and UDP listeners): The source IP address of each request is calculated using the consistent hashing algorithm to obtain a unique hash key, and all the endpoints are numbered and mapped to the hash keys. Requests from the same IP address are forwarded to the same endpoint for processing.
Tags	An identifier of the listener. Each tag consists of a key and a value. You can add up to 20 tags to a listener. NOTE: If a predefined tag has been created in TMS, you can select the corresponding tag key and value. For details about predefined tags, see Predefined Tag Overview. If you have configured tag policies for Global Accelerator, you need to add tags to your listeners based on the tag policies. If you add a tag that does not comply with the tag policies, listeners may fail to be created. Contact the administrator to learn more about tag policies.
Description	Supplementary information about the listener. You can enter up to 255 characters.

Step 4: Associate an endpoint group with the listener.

Associate an endpoint group with the listener. Select the region (CN East-Shanghai1) nearest to your web server and add an endpoint to this endpoint group as instructed by Table 4.

**Table 4** Parameters for configuring the endpoint group and endpoint
Item	Parameter	Description
Endpoint group	Name	Name of the endpoint group. Each listener can be associated with only one endpoint group in a given region. Only letters, digits, and hyphens are allowed. You can enter up to 64 characters.
	Region	Region where the endpoint group is used. Select CN East-Shanghai1 for this practice.
	Description	Supplementary information about the endpoint group. You can enter up to 255 characters.
	Traffic Dial	The percentage of traffic directed to the endpoint group. If you increase the traffic dial, more requests will be distributed to this endpoint group. The value ranges from 0 to 100. If you set the traffic dial to 0, no requests will be distributed to this endpoint group. NOTE: If a listener has multiple endpoint groups, traffic will be first distributed to the endpoint group with the lowest latency and then to other endpoint groups based on the traffic dial value you set.
	Endpoint	A single point of contact for clients. Global Accelerator distributes incoming traffic across healthy endpoints. Select the public IP address the domain name of your on-premises server.
Health Check	Health Check	Whether to enable health check. If you disable health check, requests may be forwarded to unhealthy endpoints.
	Protocol	The health check protocol can be TCP. Default value: TCP.
	Port	The port used for health check. The port number ranges from 1 to 65535.
	Advanced Settings
	Interval (s)	The maximum time between two consecutive health checks, in seconds. The interval ranges from 1 to 60.
	Timeout (s)	The maximum time required for waiting for a response to a health check request, in seconds. The timeout ranges from 1 to 60.
	Maximum Retries	The maximum number of health check retries allowed. The value ranges from 1 to 10.

Step 5: Add record sets.

Add record sets to map your domain name to the anycast IP address of the global accelerator or the public IP address bound to your web server deployed in the on-premises data center.

This section uses Huawei Cloud DNS as an example.

Go to the Public Zones page.
On the Public Zones page, click the target domain name.
The Record Sets page is displayed.
In the upper right corner of the page, click Add Record Set.

On Add Record Set page, add three record sets as instructed by Table 5.

Figure 5 Adding an A record set

**Table 5** Parameters for configuring an A record set
Parameter	Description
Name	Prefix of the domain name to be resolved. For example, if the domain name is example.com, the prefix can be as follows: www: The domain name is www.example.com, which is usually used for a website. Left blank: The domain name is example.com. The Name field cannot be set to an at sign (@). Just leave it blank. : The domain name is .example.com, which is a wildcard domain name, indicating all subdomains of example.com.
Type	Type of the record set. Select A – Map domains to IPv4 addresses for this practice.
Line	Resolution line. The DNS server will return the IP address of the specified line, depending on where end users come from. Select Default, Region > Chinese Mainland, and Region > Global for the three record sets, respectively.
TTL (s)	Cache duration of the record set on a local DNS server, in seconds. The value ranges from 1 to 2147483647, and the default value is 300. If your service address changes frequently, set TTL to a smaller value. Retain the default value for this practice.
Value	IPv4 addresses mapped to the domain name. Set different values for the three record sets: If Line is set to Default or Chinese Mainland, set the value to the public IP address of your web server. If Line is set to Global, set the value to the anycast IP address of the global accelerator.
Weight	(Optional) Weight of a record set. The value ranges from 0 to 1000, and the default value is 1. Retain the default value for this practice.
Tag	(Optional) Identifier of a record set. Each tag contains a key and a value. You can add a maximum of 10 tags to a record set.
Description	(Optional) Supplementary information about the record set. You can enter a maximum of 255 characters.

Click OK.
Switch back to the Record Sets tab.
View the record sets you have added and ensure that their status is Normal.

Verifying Acceleration

The listener uses TCP to receive requests from clients, so you can run the curl command to verify whether the access is accelerated. Run the curl command before and after you configure Global Accelerator and compare the values of time_connect.

Before you configure Global Accelerator, run the following command on a server in the area where acceleration is required:
```
curl -o /dev/null -s -w "time_connect: %{time_connect}\ntime_starttransfer: %{time_starttransfer}\ntime_total: %{time_total}\n" "http[s]://<IP>[:<Port>]"
```
- IP: public IP address bound to your web server deployed in the on-premises data center.
- Port: HTTP port number used by the web server.
- time_connect: time taken to establish a connection, in seconds. It is from the time when a TCP connection request is initiated to the time when the connection is established.
- time_starttransfer: time when transfer starts, in seconds. It is from the time when the client sends a request to the time when the endpoint replies with the first byte.
- time_total: total connection time, in seconds. It is from the time when the client sends a request to the time when the endpoint responds to the request.

After you configure Global Accelerator, run the following command:

curl -o /dev/null -s -w "time_connect: %{time_connect}\ntime_starttransfer: %{time_starttransfer}\ntime_total: %{time_total}\n" "http[s]://<IP>[:<Port>]"

Set IP in the command to the anycast IP address provided by Global Accelerator.