Alibaba Cloud DNS PrivateZone (PrivateZone) is a VPC-based resolution and management service for private domain names. Cloud Connect Network (CCN) instances and virtual border routers (VBRs) attached to a Cloud Enterprise Network (CEN) instance can access the PrivateZone service through the CEN instance.

Prerequisites

A virtual private cloud (VPC), a VBR, or a CCN instance in the region where PrivateZone is deployed and the region where the on-premises network is deployed are attached to a CEN instance.

Background information

PrivateZone supports only VBRs and CCN instances that are deployed in the same region as PrivateZone. To enable access to PrivateZone from VPCs attached to a CEN instance, you must configure DNS settings for VPCs. For more information, see Associate with and disassociate from a VPC.

Procedure

  1. Log on to the CEN console.
  2. On the Instances page, find the CEN instance that you want to manage and click the ID of the instance.
  3. On the instance details page, click the ID of the transit router that is deployed in the same region as the cloud service.
  4. Click the PrivateZone tab and then click Authorization.
    Note You must authorize the SAG instance only if this is the first time that you enable the PrivateZone service.
  5. On the Cloud Resource Access Authorization page, click Confirm Authorization Policy to allow the on-premises network to access PrivateZone. Make sure that the on-premises network is associated with the CCN instance that is attached to the CEN instance.
  6. Click Configure PrivateZone. In the Set PrivateZone pane, set the following parameters:
    PrivateZone
    1. Hots Region: Select the region of the VPC for which PrivateZone is enabled.
    2. Host VPC: Select the VPC for which PrivateZone is enabled.

      PrivateZone is accessible from only specified VPCs.

    3. Access Region: Select the region to which the network that needs to access PrivateZone belongs.
      Note
      • Set Access Region to the region where PrivateZone is deployed or a CCN instance that is deployed in the same region as PrivateZone. Make sure that the VBR and CCN instance in the selected region are attached to the CEN instance.
      • If you select a CCN instance that is under a different Alibaba Cloud account from the VPC or CEN instance, you must grant permissions on PrivateZone. For more information, see Authorize CCN instances to use the PrivateZone service.
    4. Click OK.