Domain Monitoring is a one-stop, end-to-end domain name monitoring service from Alibaba Cloud DNS, designed for public Internet scenarios. The service monitors key areas such as domain name registration compliance, Name Server (NS) authorization chain validity, DNS record accuracy, anti-hijacking, Time to Live (TTL) anomalies, and resolution latency. Using multi-dimensional visualization and real-time alerts, the service lets you quickly detect and respond to potential threats, ensuring the stability, security, and reliability of your domain name resolution.
Scenarios
| Application scenario | Description |
| --- | --- |
| Domain name resolution hijacking monitoring | Monitors in real time if a domain name is illegally tampered with or redirected to a malicious address. This prevents user access from being hijacked. |
| NS record authorization monitoring | Checks if the domain name's NS configuration is complete and points to a legitimate DNS server. This ensures a stable and reliable resolution path. |
| DNS service anomaly monitoring | Monitors the online status and response capability of DNS servers. This prevents resolution failures caused by server faults. |
| Resolution latency monitoring | Tracks changes in domain name resolution response time. This helps you promptly find latency issues that affect user experience. |
| TTL anomaly monitoring | Detects if the TTL of a DNS record is modified abnormally. This prevents cache invalidation or malicious use. |
| Global propagation validation | After a domain name's DNS record is changed, validates its propagation status across the globe in real time. This ensures the DNS record is updated to the latest address. |
| Domain name anti-transfer or anti-deletion monitoring | Monitors the security lock status at the domain name registry. It checks the lock status for prohibiting deletion, transfer, and updates in real time. This prevents the domain name from being maliciously transferred, tampered with, or deleted. |
Features
Resolution result monitoring
Domain Monitoring monitors the resolution results for common DNS record types, such as A, AAAA, CNAME, MX, NS, and TXT, to ensure that the results always match the expected configuration. If the system detects an abnormal resolution, such as an incorrect IP address, a missing record, or a mismatched type, it immediately triggers an alert. This lets you quickly locate and resolve the issue.
To provide a more comprehensive assessment of resolution quality, the monitoring system collects network probe data from multiple dimensions:
Authoritative server: Directly queries the domain name's authoritative DNS server to check if the original DNS record has been changed.
Local DNS at probe nodes: Uses network probe nodes in various regions to test the local DNS. This reflects actual resolution performance.
Alibaba Cloud Public DNS: Conducts resolution tests using the Alibaba Cloud Public DNS service to validate mainstream resolution paths.
Custom DNS server: Allows you to specify a DNS server for resolution tests to meet custom monitoring needs.
By comparing data from multiple dimensions, the system accurately detects resolution drift and abnormal fluctuations. This improves the reliability and stability of domain name resolution and ensures business continuity.
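The comparison described above can be sketched as follows. This is an added example, not Alibaba Cloud's implementation: the `Answer` type, the verdict and scope names, the source labels, and all addresses are constructed for illustration, and the probe answers are embedded sample data rather than live queries.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Answer:
    source: str        # vantage point label (hypothetical names)
    rtype: str         # record type that came back
    values: frozenset  # record data that came back (empty = no answer)

def classify(expected_type, expected_values, ans):
    """Return one of: ok, missing_record, type_mismatch, value_mismatch."""
    if not ans.values:
        return "missing_record"
    if ans.rtype != expected_type:
        return "type_mismatch"
    if ans.values != frozenset(expected_values):
        return "value_mismatch"
    return "ok"

def detect_drift(expected_type, expected_values, answers):
    """Classify every vantage point, then say where the fault sits."""
    findings = {a.source: classify(expected_type, expected_values, a) for a in answers}
    bad = [s for s, v in findings.items() if v != "ok"]
    if not bad:
        scope = "consistent"
    elif "authoritative" in bad:
        scope = "authoritative_changed"  # the zone data itself differs from the baseline
    else:
        scope = "resolver_side"          # zone intact; a cache or resolution path differs
    return findings, scope

# Constructed sample observations for an expected A record of 203.0.113.10.
SAMPLE = [
    Answer("authoritative", "A", frozenset({"203.0.113.10"})),
    Answer("probe-local-dns-1", "A", frozenset({"203.0.113.10"})),
    Answer("probe-local-dns-2", "A", frozenset({"198.51.100.66"})),
    Answer("public-dns", "CNAME", frozenset({"cdn.example.net."})),
    Answer("custom-dns", "A", frozenset()),
]

if __name__ == "__main__":
    findings, scope = detect_drift("A", {"203.0.113.10"}, SAMPLE)
    for source, verdict in findings.items():
        print(f"{source:20s} {verdict}")
    print("scope:", scope)
```

Separating `authoritative_changed` from `resolver_side` tells the responder whether to inspect the zone and registrar account or the resolvers and network path between users and the authoritative server.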
NS record tamper-proofing
Domain Monitoring integrates NS authorization chain monitoring. This lets you validate the integrity and effectiveness of the authorization path from the root server to the target domain name, ensuring the security and compliance of the entire resolution link. The system also monitors the real-time status of the anti-tamper lock, transfer lock, and update lock provided by the domain name registrar. This provides full coverage from registration and hosting to authorization configuration and final propagation, effectively preventing unauthorized modifications or malicious operations.
In addition, Domain Monitoring checks the consistency of NS records in the local DNS cache. It uses network probes to detect if the cached NS records match the authoritative DNS configuration. This lets you promptly detect resolution anomalies caused by unsynchronized caches. The system also monitors invalid or expired NS authorization cache records to ensure that end-user resolution requests always reach the correct authoritative server.
Through its multi-level, end-to-end monitoring mechanism, Domain Monitoring not only ensures the accuracy and stability of domain name resolution but also enhances the security and compliance of domain name management at the source. It provides robust DNS operations and maintenance (O&M) support for your core business.
Resolution latency monitoring
With the rapid growth of new services such as model training and AI inference, users have higher expectations for the access experience, particularly regarding service response times. In complex network environments, an increase in latency at any point can lead to service access failures or link interruptions, which can seriously affect business continuity and user experience.
To address this need, Domain Monitoring provides a resolution latency monitoring feature. This feature covers the key resolution path from the client to the authoritative DNS server. The system monitors resolution latency in real time across multiple dimensions, including the following:
Local DNS at probe nodes: Simulates the response time of a real user resolving a domain name using a local Internet Service Provider (ISP) DNS server.
Alibaba Cloud Public DNS: Checks the latency performance when resolving using the Alibaba Cloud Public DNS service.
Custom DNS server: Allows you to specify a DNS server for resolution performance testing.
When the resolution latency in any dimension exceeds the set threshold, the system immediately triggers an alert. This lets you quickly find the root cause of the problem and promptly optimize your DNS configuration. This feature ensures the quality of the DNS resolution service, supports low latency and high availability for all application access, and provides a solid foundation for the stable operation of your key business.
TTL tamper-proofing
A domain name's Time to Live (TTL) is a key parameter that affects how quickly changes to a public domain name take effect. In theory, a smaller TTL value means that after an authoritative DNS record is updated, the client's cache refreshes faster to retrieve the latest resolution result. A larger TTL value means the resolution information is kept in the cache longer, and changes take longer to propagate.
However, in practice, the actual effective cache TTL may not match the authoritative configuration, even if you set a small TTL. This can be due to factors such as local DNS cache policies and intermediate proxies. This situation is especially common in public Internet resolution scenarios.
Domain Monitoring provides a TTL tamper-proofing feature. It detects and displays the actual TTL values in the DNS cache of each probe point in real time. This lets you promptly detect anomalies or potential threats. When making record changes, this feature lets you more accurately estimate the time window required for your business changes to take effect. This improves the control and stability of change management.
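A sketch of how cached TTL observations can be audited against the authoritative value and turned into a change-window estimate. This is an added example, not the service's own logic: the probe names, TTL samples, verdict names, and the fixed-TTL heuristic are assumptions, and the samples are constructed rather than collected from real resolvers.

```python
# Constructed sample data: cached TTLs (seconds) seen at each probe over several polls.
AUTHORITATIVE_TTL = 60
SAMPLES = {
    "probe-a": [58, 41, 12, 60],   # counts down from 60 and refreshes: honours the zone
    "probe-b": [600, 431, 287],    # starts above 60: resolver applies its own minimum
    "probe-c": [30, 30, 30, 30],   # never counts down: TTL rewritten by a proxy/forwarder
}

def audit_ttl(authoritative_ttl, samples):
    """Per probe: effective cache TTL (largest value seen) and a verdict."""
    report = {}
    for probe, ttls in samples.items():
        effective = max(ttls)
        if effective > authoritative_ttl:
            # A cache can only count down, so a larger value was not set by the zone.
            verdict = "exceeds_authoritative"
        elif len(ttls) > 2 and len(set(ttls)) == 1 and effective != authoritative_ttl:
            # Heuristic (assumption): an unchanging value below the zone TTL was rewritten.
            verdict = "fixed_ttl"
        else:
            verdict = "consistent"
        report[probe] = {"effective_ttl": effective, "verdict": verdict}
    return report

def change_window(authoritative_ttl, samples):
    """Worst-case seconds until every probed cache has dropped the old record."""
    report = audit_ttl(authoritative_ttl, samples)
    return max([authoritative_ttl] + [r["effective_ttl"] for r in report.values()])

if __name__ == "__main__":
    for probe, row in audit_ttl(AUTHORITATIVE_TTL, SAMPLES).items():
        print(f"{probe:10s} effective={row['effective_ttl']:4d}s  {row['verdict']}")
    print("plan for a change window of", change_window(AUTHORITATIVE_TTL, SAMPLES), "seconds")
```

With the sample data, the zone's 60-second TTL suggests a one-minute cutover, but the probe that holds records for 600 seconds sets the real window.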
Benefits
One-stop monitoring for DNS resolution
Domain Monitoring is a one-stop monitoring service that covers the entire domain name resolution link. It offers comprehensive and proactive network probe capabilities for every stage of the resolution process. From managing the compliance of domain name registration information and validating the NS authorization chain to checking the consistency of resolution results and monitoring for tampering, it turns the complex resolution process from a black box into a transparent, white-box system that you can monitor. Through real-time monitoring and intelligent alerting, it shifts the O&M pattern from reactive response to proactive prevention. This improves the security, stability, and control of domain name resolution.
Billing
Domain Monitoring supports the pay-as-you-go billing method. For more information, see Product billing.