DNS over HTTPS (DoH)

Last Updated: May 27, 2021

Alibaba Cloud public DNS provides DNS resolution over TLS-encrypted HTTP connections, as specified in RFC 8484.

URI endpoints for DNS over HTTPS (DoH). Only the TLS API is provided:

  • https://dns.alidns.com/dns-query?
  • https://alidns_ip/dns-query?
  • https://user_id.alidns.com/dns-query?

Notice: alidns_ip is the A record of dns.alidns.com and can be either of the following IP addresses: 223.5.5.5 or 223.6.6.6. user_id is the Account ID shown in the Alibaba Cloud Console, for example: https://9999.alidns.com/dns-query?dns=uGkBAAABAAAAAAAAB2FsaWJhYmEDY29tAAABAAE

Request method: GET

Request parameters

| Parameter | Data type | Description |
|-----------|-----------|-------------|
| dns | string | The DNS query, set by the DoH client when it converts an ordinary DNS query message into an HTTP request. The value is the binary DNS request message encoded as a base64url string. See RFC 8484 for the interface definition. |

Sample request: https://dns.alidns.com/dns-query?dns=uGkBAAABAAAAAAAAB2FsaWJhYmEDY29tAAABAAE

The following DNS binary data is returned:

b869 8180 0001 0004 0000 0001 0761 6c69
6261 6261 0363 6f6d 0000 0100 0107 616c
6962 6162 6103 636f 6d00 0001 0001 0000
012c 0004 6a0b d097 0761 6c69 6261 6261
0363 6f6d 0000 0100 0100 0001 2c00 04cb
77d7 5207 616c 6962 6162 6103 636f 6d00
0001 0001 0000 012c 0004 6a0b df65 0761
6c69 6261 6261 0363 6f6d 0000 0100 0100
0001 2c00 04cb 7781 6d00 0029 1000 0000
0000 000c 0008 0008 0001 2018 6a0b 22e6
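
The request encoding and the response layout above, worked through in Python as an added example (not Alibaba Cloud's code): it rebuilds the page's sample `dns` value from the name alibaba.com with transaction ID 0xb869, then reads the A records out of the sample response. The function names are illustrative, and only A records are decoded.

```python
import base64
import struct

DOH_ENDPOINT = "https://dns.alidns.com/dns-query"  # first URI listed on this page

def build_query(name, txid=0, qtype=1):
    """Wire-format query: header, QNAME, QTYPE, QCLASS=IN (RFC 8484 recommends ID 0)."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)  # 0x0100 = recursion desired
    labels = name.rstrip(".").encode("ascii").split(b".")
    qname = b"".join(bytes([len(lab)]) + lab for lab in labels) + b"\x00"
    return header + qname + struct.pack("!2H", qtype, 1)

def doh_get_url(name, txid=0):
    """base64url-encode the query; RFC 8484 forbids the trailing '=' padding."""
    dns = base64.urlsafe_b64encode(build_query(name, txid)).rstrip(b"=").decode()
    return f"{DOH_ENDPOINT}?dns={dns}"

def skip_name(msg, off):
    """Offset just past a name: plain labels or a 0xC0 compression pointer."""
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:
            return off + 2
        off += 1 + msg[off]
    return off + 1

def parse_a_records(msg, expect_txid):
    """Return IPv4 answers after checking the ID, the QR bit and RCODE."""
    txid, flags, qd, an, _, _ = struct.unpack("!6H", msg[:12])
    if txid != expect_txid or not flags & 0x8000 or flags & 0x000F:
        raise ValueError("not a successful response to this query")
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # QTYPE and QCLASS follow the name
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:  # A record
            addrs.append(".".join(map(str, msg[off:off + 4])))
        off += rdlen
    return addrs

SAMPLE_RESPONSE = bytes.fromhex(  # copied from the hex dump on this page
    "b869 8180 0001 0004 0000 0001 0761 6c69 6261 6261 0363 6f6d 0000 0100 0107 616c"
    "6962 6162 6103 636f 6d00 0001 0001 0000 012c 0004 6a0b d097 0761 6c69 6261 6261"
    "0363 6f6d 0000 0100 0100 0001 2c00 04cb 77d7 5207 616c 6962 6162 6103 636f 6d00"
    "0001 0001 0000 012c 0004 6a0b df65 0761 6c69 6261 6261 0363 6f6d 0000 0100 0100"
    "0001 2c00 04cb 7781 6d00 0029 1000 0000 0000 000c 0008 0008 0001 2018 6a0b 22e6")
```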

Note: As specified in RFC 8484, the DoH service applies to DNS-over-HTTPS tunnels and to DNS data access at the application layer. The binary DNS wire format is not well suited to applications. If you use this format, the domain names in DNS messages must be compressed. The JSON API for DoH provides a more suitable access mode for applications.