Alibaba Cloud DNS supports the following types of DNS records:
Supported types of DNS records
Alibaba Cloud DNS supports the following types of DNS records:
A record
Canonical name (CNAME) record
Mail exchanger (MX) record
AAAA record
Text (TXT) record
Explicit or implicit URL forwarding record
Name server (NS) record
Service (SRV) record
Certification Authority Authorization (CAA) record
Pointer (PTR) record
Add an A record
Scenarios
You can Add an A record to map a domain name to an IP address.
Procedure
1. Log on to the Alibaba Cloud DNS console.
2. On the Authority Domains tab of the Manage DNS page, click a domain name to go to the DNS Settings page.
3. On the DNS Settings page, click Add Record.
4. In the Add Record panel, set the following parameters:
Type: Select A.
Host: Enter the prefix of the subdomain or an at sign (@) as required. For example, if you want to create a record for the subdomain www.dns-example.com, enter www. If you want to create a record for the domain name dns-example.com, enter @.
ISP Line: Select Default. You must specify an Internet service provider (ISP) line. Otherwise, your domain name may be inaccessible to specific users.
Value: Enter the IPv4 address to which the domain name is mapped.
TTL: Enter a time-to-live (TTL) value for the A record. A smaller value indicates a shorter period of time to apply record updates. The default TTL value is 10 minutes.
Add a CNAME record
Scenarios
You can Add a CNAME record to map a domain name to another domain name that is mapped to an IP address. CNAME records apply to scenarios such as using Alibaba Cloud CDN, enterprise mailboxes, and Global Traffic Manager (GTM).
Configuration
Type: Select CNAME.
Host: Enter the prefix of the subdomain or an at sign (@) as required. For example, if you want to create a record for the subdomain www.dns-example.com, enter www. If you want to create a record for the domain name dns-example.com, enter @.
ISP Line: Select Default. You must specify an ISP line. Otherwise, your domain name may be inaccessible to specific users.
Value: Enter the domain name for which you want to create a CNAME record.
TTL: Enter a TTL value for the CNAME record. A smaller value indicates a shorter period of time to apply record updates. The default TTL value is 10 minutes.
Add an MX record
Scenarios
When you configure a mailbox, you must Add an MX record to ensure that your mailbox can receive emails. MX stands for mail exchanger. An MX record specifies the email server that receives emails based on the email address suffix of the recipient. For example, if a user sends an email to vincen@example.com, the system uses the MX record of example.com for DNS resolution. The system forwards the email to the email server that corresponds to the resolved email address based on the priority of the MX record.
Configuration
Set the following parameters. The registration service Alibaba Mail is used as an example.
Type: Select MX.
Host: Enter the prefix of the subdomain or an at sign (@) as required. For example, if the email address is xxx@mail.dns-example.com, enter mail. If the email address is xxx@dns-example.com, enter @.
ISP Line: Select Default. You must specify an ISP line. Otherwise, your email address may be inaccessible to specific users.
Value: Enter the MX record value that is obtained from the email service provider. For example, the MX record value for a sample email address registered by using Alibaba Mail is mx1.qiye.aliyun.com.
MX Priority: Enter the MX priority that is obtained from the email service provider. A smaller value indicates a higher priority. Two MX records are configured as shown in the following figures. The system attempts to forward an email to mx1.qiye.aliyun.com that has an MX priority of 5. If the attempt fails, the system forwards the email to mx2.qiye.aliyun.com that has an MX priority of 10.
TTL: Enter a TTL value for the MX record. A smaller value indicates a shorter period of time to apply record updates. The default TTL value is 10 minutes.
Note: The preceding configuration demonstrates only how to create an MX record. To configure a mailbox, you must also create CNAME and TXT records. For more information about the required DNS records, contact your email service provider. If you are using Alibaba Mail, see Configure DNS records for your mailbox.
Add an AAAA record
Scenarios
You can Add an AAAA record for the domain name of your website. This ensures that visitors can access the website by using an IPv6 address.
Configuration
Type: Select AAAA.
Host: Enter the prefix of the subdomain or an at sign (@) as required. For example, if you want to create a record for the subdomain www.dns-example.com, enter www. If you want to create a record for the domain name dns-example.com, enter @.
ISP Line: Select Default. You must specify an ISP line. Otherwise, your domain name may be inaccessible to specific users.
Value: Enter the IPv6 address to which the domain name is mapped.
TTL: Enter a TTL value for the AAAA record. A smaller value indicates a shorter period of time to apply record updates. The default TTL value is 10 minutes.
Add a TXT record
Scenarios
You can Add a TXT record for your domain name to identify and describe the domain name. In most cases, a TXT record is used as a Sender Policy Framework (SPF) record to prevent email spam.
Configuration
Type: Select TXT.
Host: Enter the prefix of the subdomain or an at sign (@) as required. For example, if you want to create a record for the subdomain www.dns-example.com, enter www. If you want to create a record for the domain name dns-example.com, enter @.
ISP Line: Select Default. You must specify an ISP line. Otherwise, your domain name may be inaccessible to specific users.
Value: In most cases, a TXT record is used as an SPF record to prevent email spam. The typical TXT record value in the SPF format is v=spf1 a mx ~all. This specifies that only IP addresses in the A records and MX records of the domain name are allowed to use this domain name to send emails.
TTL: Enter a TTL value for the TXT record. A smaller value indicates a shorter period of time to apply record updates. The default TTL value is 10 minutes.
Add an explicit or implicit URL forwarding record
Scenarios
You can Add a URL forwarding record to redirect a domain name to another domain name of an existing website.
Prerequisites
An Internet Content Provider (ICP) filing is obtained for the domain name used before URL forwarding.
Configuration
Example: Redirect http://dns-example.com to http://www.aliyun.com:80/.
1. Implicit URL forwarding
The iFrame technology is used instead of the redirection technology.
Expected results
After you enter http://dns-example.com in the address bar of your browser and press the Enter key, the website that corresponds to http://www.aliyun.com:80/ appears but http://dns-example.com is still displayed in the address bar.
2. Explicit URL forwarding
Permanent redirects (301 redirects) and temporary redirects (302 redirects) are supported.
Expected results
After you enter http://dnswork.top in the address bar of your browser and press the Enter key, the website that corresponds to http://www.aliyun.com:80/ appears and http://www.aliyun.com:80/ is displayed in the address bar.
Usage notes
Before you create a URL forwarding record, you must obtain an ICP filing for the domain name used before URL forwarding and make sure that the service provider recorded in the ICP filing is Alibaba Cloud.
The record value in a URL forwarding record cannot be an IP address.
Domain names used before URL forwarding cannot contain underscores (_).
URL forwarding does not support wildcard domain names.
Chinese domain names cannot be used as destination domain names.
Domain names used before URL forwarding support HTTP but do not support HTTPS. Destination domain names support both HTTP and HTTPS.
- URL forwarding is a special feature of Alibaba Cloud DNS. Alibaba Cloud DNS does not provide the attack defense service for this feature. URL forwarding cannot be used if a blackhole attack occurs. In such cases, you must change the host records that you want to forward to the A or CNAME type. Alternatively, you can implement URL forwarding by using NGINX. For more information, see Use NGINX to build a self-managed server for URL forwarding.
Add an NS record
Scenarios
You can Add an NS record for a subdomain to delegate the subdomain to a different DNS provider.
Configuration
For example, Alibaba Cloud DNS is responsible for the DNS resolution of dns-example.com. If you want to delegate the subdomain www.dns-example.com from Alibaba Cloud DNS to Tencent Cloud Private DNS, you can set the following parameters to create an NS record:
Type: Select NS.
Host: Enter the prefix of the subdomain. For example, if the subdomain is www.dns-example.com and you want to delegate the subdomain to Tencent Cloud Private DNS, enter www.
ISP Line: Select Default. You must specify an ISP line. Otherwise, your domain name may be inaccessible to specific users.
Value: Enter the domain name of the DNS server to which you want to delegate the subdomain. For example, the domain name of a sample DNS server that is provided by Tencent Cloud Private DNS is f1g1ns1.dnspod.net.
TTL: Enter a TTL value for the NS record. A smaller value indicates a shorter period of time to apply record updates. The default TTL value is 10 minutes.
Add an SRV record
Scenarios
An SRV record is used to identify a server that uses a specific service. SRV records are commonly used in directory management for operating systems of Microsoft.
Configuration
Type: Select SRV.
Host: Enter a hostname in the format of Service name.Protocol type.
Example: _sip._tcp.
ISP Line: Select Default. You must specify an ISP line. Otherwise, your domain name may be inaccessible to specific users.
Value: Enter a record value in the format of Priority Weight Port Destination domain name. Separate the items with spaces.
Example: 0 5 5060 sipserver.example.com.
TTL: Enter a TTL value for the SRV record. A smaller value indicates a shorter period of time to apply record updates. The default TTL value is 10 minutes.
Add a CAA record
Scenarios
CAA stands for Certificate Authority Authorization. You can Add a CAA record for a domain name to specify a certification authority (CA) that is authorized to issue certificates for the domain name. An unauthorized third-party CA will be rejected if the CA attempts to obtain a Secure Sockets Layer (SSL) or Transport Layer Security (TLS) certificate for the domain name.
When you create a CAA record for the domain name of your website, you can specify a CA that is authorized to issue certificates for the domain name. This prevents HTTPS certificates from being issued by unauthorized CAs and improves the security of the website.
Record value format
The record value of a CAA record is in the format of: [flag] [tag] [value]. A CAA record consists of a flag ([flag]) and a tag-value pair ([tag] [value]) that is referred to as a property. You can create multiple CAA records for a domain name.
Item | Description |
flag | An unsigned integer that is used to identify the CA. Valid values: 0 and 128. We recommend that you set the value to 0. A value of 0 indicates that if the CA does not recognize the flag, the flag is ignored. |
tag | Valid values: issue, issuewild, and iodef.
|
value | The domain name of the CA or the email address that is used to receive notifications of invalid certificate requests. |
Configuration
Add the following two CAA records.
Hostname | Record value |
@ | 0 issue "symantec.com" |
@ | 0 iodef "mailto:admin@dns-example.com" |
Add PTR record
Reverse DNS lookup requires that IP addresses be mapped to domain names. To implement this feature, you must contact your data center or host service provider.
If your hosts are provided by Alibaba Cloud, you can submit a ticket. The Alibaba Cloud host after-sales team can help you implement reverse DNS lookup.
FAQ
The following topics are provided to help you troubleshoot issues that you may encounter when you create DNS records: