Scenarios
Intelligent Domain Name System (DNS) resolution applies to the following scenarios:
Cross-ISP or cross-area access in the Chinese mainland: In most cases, enterprises host their application services on multiple servers whose IP addresses are provided by different Internet service providers (ISPs). Traditional DNS services return these IP addresses to visitors randomly or based on service loads. The IP address returned to a visitor may be in an ISP network or geographic area that is different from that of the visitor. In this case, the visitor experiences high latency or poor network quality. To address this issue, enterprises can use the intelligent DNS resolution feature of Alibaba Cloud DNS to deliver nearby access for visitors.
Intelligent access to global services: If enterprises serve users around the world, they usually deploy their application servers both inside the Chinese mainland and outside the Chinese mainland to ensure that users can have quick access to their services. The intelligent DNS resolution feature of Alibaba Cloud DNS can route users to the nearest servers.
Restriction on the access of visitors who are served by specific ISPs or are located in specific areas: Some enterprises want to deny access from specific visitors. For example, if you want to limit access to your application services from specific areas, you can use intelligent DNS resolution to do so.
Preparations
Cross-ISP or cross-area access in the Chinese mainland
One domain name that visitors can access, such as cloud-example.com. In this example, the domain name is bound to an instance of Alibaba Cloud DNS Enterprise Standard Edition.
Three ISP IP addresses: 1.1.XX.XX (China Unicom), 2.2.XX.XX (China Mobile), and 3.3.XX.XX (China Telecom).
Intelligent access to global services
One domain name that visitors can access, such as cloud-example.com. In this example, the domain name is bound to an instance of Alibaba Cloud DNS Enterprise Standard Edition.
Two server IP addresses: 1.1.XX.XX (outside the Chinese mainland) and 2.2.XX.XX (China Telecom).
Restriction on the access of visitors from specific ISPs or areas
One domain name that visitors can access, such as cloud-example.com. In this example, the domain name is bound to an instance of Alibaba Cloud DNS Enterprise Standard Edition.
One server IP address: 2.2.XX.XX (China Telecom).
Configurations
Cross-ISP or cross-area access in the Chinese mainland
You can configure DNS settings so that Alibaba Cloud DNS can return IP addresses to visitors based on the ISP networks they come from.
If the egress IP addresses of the local DNS servers for visitors belong to China Mobile, the IP address 2.2.XX.XX is returned for the DNS requests from these visitors.
If the egress IP addresses of the local DNS servers for visitors belong to China Telecom, the IP address 3.3.XX.XX is returned for the DNS requests from these visitors.
If the egress IP addresses of the local DNS servers for visitors belong to another ISP, such as China Unicom or Dr.Peng Group, rather than China Mobile and China Telecom, the IP address 1.1.XX.XX is returned for the DNS requests from these visitors.
Procedure
Log on to the Alibaba Cloud DNS console.
On the Domain Name Resolution page, click the Authoritative Domain Names tab. Find the desired domain name and click DNS Settings in the Actions column.
On the DNS Settings page, click Add DNS Record. In the panel that appears, add DNS records for the domain name
test.cloud-example.com
to point to the IP addresses of three ISPs: 1.1.XX.XX (China Unicom), 2.2.XX.XX (China Mobile), and 3.3.XX.XX (China Telecom). Select Default, China Mobile, and China Telecom for DNS Request Source separately.
Intelligent access to global services
You can achieve the following results based on the DNS settings shown in the following figure:
If the egress IP addresses of the local DNS servers for visitors do not belong to the Chinese mainland, the IP address 1.1.XX.XX outside the Chinese mainland is returned for the DNS requests from these visitors.
If the egress IP addresses of the local DNS servers for visitors belong to the Chinese mainland, the IP address 2.2.XX.XX of China Telecom is returned for the DNS requests from these visitors.
DNS settings
Restriction on the access of visitors from specific ISPs or areas
You can achieve the following results based on the DNS settings shown in the following figure:
If the egress IP addresses of the local DNS servers for visitors do not belong to the Chinese mainland, the IP address 127.0.0.1 is returned for the DNS requests from these visitors. This IP address is inaccessible to visitors from outside the Chinese mainland.
If the egress IP addresses of the local DNS servers for visitors belong to the Chinese mainland, the IP address 2.2.XX.XX of China Telecom is returned for the DNS requests from these visitors.