All Products
Search
Document Center

Architecture

Last Updated: Nov 12, 2018

PrivateZone is an internal network-based Domain Name Service (DNS). You can use PrivateZone to create domain or subdomain names that can only be accessed within a specified VPC or VPCs. The procedure is as follows.

  1. Create a private zone. For example, example.com.
  2. Add a resource record to the private zone. For example, www.example.com.
  3. Associate the domain name with the VPC through which the specified domain is accessed.

After you complete the configurations, you can only visit www.example.com through the associated VPC based on the PrivateZone record you have specified. You can point the domain name to a specifically reserved IP address, such as 10.1.1.1.

Implementation

PrivateZone performs tunneling on your private domain name based on the tunneling feature of Alibaba Cloud VPC. For more information about tunneling, see Architecture. A domain can only be accessed within the associated VPCs, because each VPC has a unique tunnel ID.

Additionally, Alibaba Cloud DNS uses strict verification measures to ensure that your domain name is unique throughout Alibaba Cloud. Only you can manage your domain name.

Architecture

A private zone (for example, example.com) can be associated with one or multiple VPCs. Records in the private zone can be accessed in the associated VPCs.

Architecture