Function Overview
Domain Name Service
Domain Name Service (DNS) is a highly available and scalable authoritative DNS service that translates domain names like www.example.com into IP addresses like 192.1.2.3, reliably directing end users to your applications.
DNS provides domain resolution for various scenarios, including resolution for public domain names, resolution for private domain names, reverse resolution, and intelligent resolution.
Public Domain Resolution
DNS allows you to host domain names that are registered with domain name registrars and route traffic on the Internet.
Private Domain Resolution
DNS provides resolution for domain names that are used within VPCs. By hosting private domain names, your ECSs can communicate with each other without connecting to the Internet. You can also directly access cloud services, such as OBS and SMN, through the private DNS server.
Reverse Resolution
Reverse resolution involves obtaining a domain name based on an IP address and is typically used to improve credibility of email servers.
After a recipient server receives an email, it checks whether the IP address and domain name of the sender server are trustworthy and determines whether the email is spam. If the recipient server fails to obtain the domain name mapped to the sender's IP address, it considers that the email is sent by a malicious host and rejects it. Therefore, it is necessary to map IP addresses of your email servers to domain names by adding PTR records.
You can deploy an ECS as an email server and add a PTR record to map the EIP bound to the ECS to the domain name used by the email server.
Intelligent Resolution
Usually, a DNS server returns the same resolution result to visitors from different networks or geographic locations. However, in cross-network or cross-region access, this would lead to long latency and poor user experience. DNS provides intelligent resolution to meet requirements of various scenarios.
Traffic routing by carrier or geographic location
You can configure ISP lines or region lines when you add record sets. The DNS server returns different IP addresses to visitors based on their carrier networks or locations.
Traffic routing based on weights
When your site has multiple servers and each server has an independent IP address, you can use weighted polling to distribute a certain proportion of requests to distribute requests to different servers.
Configuring ISP Lines for Record Sets
Application Scenarios
Service Overview
-
What Is DNS?
Domain Name Service (DNS) is a highly available and scalable authoritative DNS service that translates domain names (such as www.example.com) into IP addresses (such as 192.1.2.3) required for network connection.
Domain Name Service (DNS) is a highly available and scalable authoritative DNS service that translates domain names (such as www.example.com) into IP addresses (such as 192.1.2.3) required for network connection.
-
Public Domain Name Resolution
A public zone contains information about how a domain name and its subdomains are translated into IP addresses for routing traffic over the Internet. This allows end users to access your website or application over the Internet using your domain name.
A public zone contains information about how a domain name and its subdomains are translated into IP addresses for routing traffic over the Internet. This allows end users to access your website or application over the Internet using your domain name.
-
Private Domain Name Resolution
A private zone contains information about how to map a domain name (such as ecs.com) and its subdomains used within one or more VPCs to private IP addresses (such as 192.168.1.1).
A private zone contains information about how to map a domain name (such as ecs.com) and its subdomains used within one or more VPCs to private IP addresses (such as 192.168.1.1).
-
Reverse Resolution
Reverse resolution means to obtain a domain name based on an IP address. This is typically used to affirm the credibility of email servers.
Reverse resolution means to obtain a domain name based on an IP address. This is typically used to affirm the credibility of email servers.
-
Intelligent Resolution
Usually, a DNS server returns the same resolution result to visitors from different networks or geographic locations.
Usually, a DNS server returns the same resolution result to visitors from different networks or geographic locations.
-
Permissions Management
To assign DNS permissions to a user group, specify the scope as region-specific projects and select projects for the permissions to take effect.
To assign DNS permissions to a user group, specify the scope as region-specific projects and select projects for the permissions to take effect.
Service Overview
Service Overview
-
Product Advantages
The DNS service has the following advantages:
High performance
A single DNS node can handle millions of concurrent queries, allowing end users to access your website or application more quickly.
Easy access to cloud resources
Your ECSs can communicate with each other and with other resources within VPCs using private domain names. Traffic is kept within your internal network, which reduces network latency and improves security.
For more details, see Configuring a Private Domain Name for an ECS.
Smooth service migration
You can migrate an in-use website domain name to the Huawei Cloud DNS service. To ensure that your website services are not interrupted during the migration, we will create a public zone and add DNS record sets for your website in advance.
Isolation of core data
A private DNS server provides domain name resolution for ECSs carrying core data, enabling secure, controlled access to such data. You do not need to bind EIPs to these ECSs.
-
Accessing the DNS Service
The cloud platform provides a web-based management console as well as REST APIs through which you can access the DNS service.
Management console
A web-based management console enables you to access the DNS service.
- If you have already registered an account, log in to the management console, hover on the upper left to display Service List, and choose Networking > Domain Name Service.
- Otherwise, register an account with Huawei Cloud by following the instructions in Quick Start and perform the preceding step.
With a few steps, you can start using the DNS service for domain name resolution.
APIs
REST APIs are provided for accessing the DNS service. You can also use the provided APIs to integrate DNS into a third-party system for secondary development. For details, see the Domain Name Service API Reference.
-
Intelligent Resolution
If end users access a domain name, DNS servers return the same IP address to the end users regardless of their networks or geographic locations. However, in cross-network or cross-region access, this would lead to an increase in network latency and poor user experience.
With configurable resolution lines, you can specify different IP addresses for the same domain name based on the networks or geographic locations.
You can create more fine-grained resolution lines based on source IP addresses.
Huawei Cloud DNS supports the following types of resolution lines:
NOTE: Resolution lines are not available for private zones and PTR records. -
Basic Functions
The DNS service provides the following functions:
Maps domain names to public IP addresses so that end users can access your website or web applications over the Internet.
Private domain name resolution
Translates private domain names into private IP addresses to facilitate access to cloud resources within VPCs.
Obtains a domain name based on an IP address. Reverse resolution, or reverse DNS lookup, is typically used to affirm the credibility of email servers.
Returns different IP addresses for the same domain name based on the carrier networks or geographic locations. This significantly reduces network latency for end users from different carrier networks and geographic locations.
-
Reverse Resolution
Reverse resolution, also reverse DNS lookup, resolves an IP address back to a host name. This is typically used to affirm the credibility of email servers.
After a recipient server receives an email, it checks whether the IP address and domain name of the sender server are trustworthy and determines whether the email is spam. If the recipient server cannot obtain the domain name mapped to the IP address of the sender server, it concludes that the email is sent by a malicious host and rejects it. It is necessary to configure pointer records (PTR) to point the IP addresses of your email servers to domain names.
In the following figure, an ECS serves as an email server, and a PTR record is configured to map the EIP of the ECS to the domain name configured for accessing the email server.
Figure 1 Reverse resolution
NOTE: Figure 1 shows only the process for reverse resolution. Information about how an email server checks the credibility of the sender's IP address and whether domain name is available on the Internet is not provided here.If no PTR records are configured, the recipient server will treat emails from the email server as spam or malicious and discard them.
See Translating an IP Address to a Domain Name for detailed operations.