All Products
Search

This Product

    Alibaba Cloud DNS:Intelligent DNS Resolution

    Document Center

    Alibaba Cloud DNS:Intelligent DNS Resolution

    Last Updated:Nov 08, 2023

    Scenarios

    Intelligent Domain Name System (DNS) resolution applies to the following scenarios:

    1. Cross-ISP or cross-area access in the Chinese mainland: In most cases, enterprises host their application services on multiple servers whose IP addresses are provided by different Internet service providers (ISPs). Traditional DNS services return these IP addresses to visitors randomly or based on service loads. The IP address returned to a visitor may be in an ISP network or geographic area that is different from that of the visitor. In this case, the visitor experiences high latency or poor network quality. To address this issue, enterprises can use the intelligent DNS resolution feature of Alibaba Cloud DNS to deliver nearby access for visitors.

    1. Intelligent access to global services: If enterprises serve users around the world, they usually deploy their application servers both inside the Chinese mainland and outside the Chinese mainland to ensure that users can have quick access to their services. The intelligent DNS resolution feature of Alibaba Cloud DNS can route users to the nearest servers.

    1. Restriction on the access of visitors who are served by specific ISPs or are located in specific areas: Some enterprises want to deny access from specific visitors. For example, if you want to limit access to your application services from specific areas, you can use intelligent DNS resolution to do so.

    Preparations

    Cross-ISP or cross-area access in the Chinese mainland

    • One domain name that visitors can access, such as cloud-example.com. In this example, the domain name is bound to an instance of Alibaba Cloud DNS Enterprise Standard Edition.

    • Three ISP IP addresses: 1.1.XX.XX (China Unicom), 2.2.XX.XX (China Mobile), and 3.3.XX.XX (China Telecom).

    Intelligent access to global services

    • One domain name that visitors can access, such as cloud-example.com. In this example, the domain name is bound to an instance of Alibaba Cloud DNS Enterprise Standard Edition.

    • Two server IP addresses: 1.1.XX.XX (outside the Chinese mainland) and 2.2.XX.XX (China Telecom).

    Restriction on the access of visitors from specific ISPs or areas

    • One domain name that visitors can access, such as cloud-example.com. In this example, the domain name is bound to an instance of Alibaba Cloud DNS Enterprise Standard Edition.

    • One server IP address: 2.2.XX.XX (China Telecom).

    Configurations

    Cross-ISP or cross-area access in the Chinese mainland

    You can configure DNS settings so that Alibaba Cloud DNS can return IP addresses to visitors based on the ISP networks they come from.

    • If the egress IP addresses of the local DNS servers for visitors belong to China Mobile, the IP address 2.2.XX.XX is returned for the DNS requests from these visitors.

    • If the egress IP addresses of the local DNS servers for visitors belong to China Telecom, the IP address 3.3.XX.XX is returned for the DNS requests from these visitors.

    • If the egress IP addresses of the local DNS servers for visitors belong to another ISP, such as China Unicom or Dr.Peng Group, rather than China Mobile and China Telecom, the IP address 1.1.XX.XX is returned for the DNS requests from these visitors.

    Procedure

    1. Log on to the Alibaba Cloud DNS console.

    1. On the Domain Name Resolution page, click the Authoritative Domain Names tab. Find the desired domain name and click DNS Settings in the Actions column.

    1. On the DNS Settings page, click Add DNS Record. In the panel that appears, add DNS records for the domain name test.cloud-example.com to point to the IP addresses of three ISPs: 1.1.XX.XX (China Unicom), 2.2.XX.XX (China Mobile), and 3.3.XX.XX (China Telecom). Select Default, China Mobile, and China Telecom for DNS Request Source separately. image.png

    Intelligent access to global services

    You can achieve the following results based on the DNS settings shown in the following figure:

    • If the egress IP addresses of the local DNS servers for visitors do not belong to the Chinese mainland, the IP address 1.1.XX.XX outside the Chinese mainland is returned for the DNS requests from these visitors.

    • If the egress IP addresses of the local DNS servers for visitors belong to the Chinese mainland, the IP address 2.2.XX.XX of China Telecom is returned for the DNS requests from these visitors.

    DNS settingsimage.png

    Restriction on the access of visitors from specific ISPs or areas

    You can achieve the following results based on the DNS settings shown in the following figure:

    • If the egress IP addresses of the local DNS servers for visitors do not belong to the Chinese mainland, the IP address 127.0.0.1 is returned for the DNS requests from these visitors. This IP address is inaccessible to visitors from outside the Chinese mainland.

    • If the egress IP addresses of the local DNS servers for visitors belong to the Chinese mainland, the IP address 2.2.XX.XX of China Telecom is returned for the DNS requests from these visitors.

    DNS settingsimage.png