All Products
Document Center


Last Updated: Apr 22, 2021

This topic describes the overall architecture and features of Alibaba Cloud Public DNS.

Overall architecture

Overall architecture diagram


Networkwide basic DNS resolution

Provides basic DNS resolution for all domain names on the Internet. Public DNS can resolve domain names that are registered with Alibaba Cloud or a third-party domain name registrar. It also supports DNS resolution by using DNS over HTTPS (DoH) and DNS over TLS (DoT).

Accelerated domain name access

  • Allows terminals to cache DNS records. This accelerates domain name access from terminals.

  • Reduces recursive resolution and allows DNS requests to be directly sent to an authoritative DNS server. This accelerates domain name access.

  • Updates the resolution results rapidly. The recursive DNS server of Public DNS and the authoritative DNS server of Alibaba Cloud DNS update the resolution results at the same time to make the resolution results take effect in seconds.

User privacy protection

  • Supports the DoT and DoH protocols, which are developed based on Transport Layer Security (TLS). TLS is used for secure communications between users and servers of Public DNS. This ensures user privacy and prevents data leakage.

  • Supports the TLS 1.2, TLS 1.3, HTTP/1.1, and HTTP/2 protocols.

Hijacking prevention

  • Bypasses local DNS servers of Internet service providers (ISPs) to prevent domain hijacking.

  • Supports anti-DDoS capabilities, which prevent terminals from being affected by distributed denial of service (DDoS) attacks on DNS servers.

Intelligent scheduling

  • Intelligently determines the source of a visitor and returns the IP address of the nearest resolution line based on the source.

  • Supports EDNS Client Subnet (ECS) to ensure precise scheduling.

  • Achieves switchovers in seconds when a node fails. This ensures network stability.

Support for IPv6

Supports both IPv4 and IPv6 addresses.

Rich report logs

  • Allows users registered with Alibaba Cloud to obtain access log reports of historical domain names from Public DNS.

  • Allows users to query the number of DNS requests and rankings of domain names and subdomains.