Features supported by Anti-DDoS Proxy - Anti-DDoS - Alibaba Cloud Documentation Center

Anti-DDoS Proxy (Chinese Mainland) instances support IPv4 addresses and IPv6 addresses. Anti-DDoS Proxy (Outside Chinese Mainland) instances support only IPv4 addresses. This topic describes the service adding methods, mitigation settings, and mitigation analysis capabilities that are supported by different types of Anti-DDoS Proxy instances.

Service adding methods

A tick (√) indicates that the service adding method is supported and a cross (×) indicates that the service adding method is not supported.

Note

If you use an instance to forward access requests from clients that use IPv6 addresses, the supported destination varies based on the methods that are used to add your services to Anti-DDoS Proxy. If you add your services by using domains, the access requests are forwarded only to origin servers that use IPv4 addresses. If you add your services by using ports, the access requests can be forwarded to origin servers that use IPv4 addresses or IPv6 addresses.

Item	Anti-DDoS Proxy (Chinese Mainland)		Anti-DDoS Proxy (Outside Chinese Mainland)
Item	IPv4 address	IPv6 address	Anti-DDoS Proxy (Outside Chinese Mainland)
Use domains	√	√	√
Use ports	√	√	√
Sec-Traffic Manager	√ Cloud service interaction Tiered protection Alibaba Cloud CDN (CDN) or Dynamic Content Delivery Network (DCDN) interaction	√ Cloud service interaction Tiered protection CDN or DCDN interaction	√ Cloud service interaction Tiered protection CDN or DCDN interaction Secure acceleration Network acceleration

Mitigation settings

After you add your service to Anti-DDoS Proxy, you can configure mitigation policies for Anti-DDoS Proxy instances, domain names, or ports. The following table describes the settings.

Item	Sub-item	Anti-DDoS Proxy (Chinese Mainland)		Anti-DDoS Proxy (Outside Chinese Mainland)
Item	Sub-item	IPv4 address	IPv6 address	Anti-DDoS Proxy (Outside Chinese Mainland)
Protection for infrastructure	Configure the global mitigation policy feature	✓	✓	✓
	Configure the blacklist and whitelist (IP address-based) feature	✓	✓	✓
	Configure the location blacklist feature	√ (supported only when the Enhanced function plan is used)	×	√ (supported only when the Enhanced function plan is used)
	Configure the blackhole filtering deactivation feature	√	×	×
	Configure the near-origin traffic diversion feature	√	×	×
	Configure the UDP reflection attack mitigation feature	√ (supported only when the Enhanced function plan is used)	×	√ (supported only when the Enhanced function plan is used)
Protection for website services	Use the intelligent protection feature	√	√	√
	Configure the global mitigation policy feature	√	√	√
	Configure the blacklist/whitelist (domain names) feature	√	√	√
	Configure the location blacklist (domain names) feature	√ (supported only when the Enhanced function plan is used)	√ (supported only when the Enhanced function plan is used)	√ (supported only when the Enhanced function plan is used)
	Configure the HTTP flood mitigation feature	√	√	√
Protection for non-website services	Configure the intelligent protection feature for Layer 4 services	√	×	√
	Configure the false source feature	√	√	√
	Configure the advanced attack mitigation feature Only TCP ports can be protected.	✓	✓	✓
	Configure the speed limit for destination feature	√	√	√
	Configure the packet length limit feature	√	√	√
	Configure the rate limit for source feature	√	×	√
Scenario-specific policies		√	√	√

Mitigation analysis capabilities

The following table describes the mitigation analysis capabilities of Anti-DDoS Proxy.

Item	Anti-DDoS Proxy (Chinese Mainland)		Anti-DDoS Proxy (Outside Chinese Mainland)
Item	IPv4 address	IPv6 address	Anti-DDoS Proxy (Outside Chinese Mainland)
View information on the Attack Analysis page	√	×	√
Log analysis	√	√	√
Query system logs	√	√	√
Query operation logs	√	√	√
Query advanced mitigation logs	√	√	√
Use the alert monitoring feature of CloudMonitor	√	√	√