Alibaba Cloud DNS PrivateZone (PrivateZone) is an Alibaba Cloud private domain name resolution and management service based on Virtual Private Cloud (VPC). After you connect a virtual border router (VBR) or a Cloud Connect Network (CCN) instance to a transit router, the on-premises network associated with the VBR or CCN instance can access PrivateZone by using the transit router.

Limits

The on-premises networks connected to VBRs or CCN instances must be deployed in the same region as the PrivateZone service.

For example, if the PrivateZone service is deployed in the China (Beijing) region, only on-premises networks connected to VBRs or CCN instances in the China (Beijing) region can access the PrivateZone service.

Work with PirvateZone

Prerequisites

Configure access to PrivateZone

  1. Log on to CEN console.
  2. On the Instances page, find the CEN instance that you want to manage and click its ID.
  3. On the Basic Settings > Transit Router tab, click the ID of the transit router in the region where the VPC that is associated with PrivateZone is deployed.
  4. If this is the first time that you configure PrivateZone, click the Private Zone tab on the transit router details page, and then click Authorization. On the Cloud Resource Access Authorization page, click Confirm Authorization Policy.

    After you grant permissions to the Smart Access Gateway (SAG) service associated with the on-premises network, the CCN instance that belongs to the SAG service can access the PrivateZone service.

  5. Return to the Private Zone tab and click Configure PrivateZone. In the Configure PrivateZone dialog box, set the following parameters and click OK.
    PrivateZone
    • Host Region: Select the region where PrivateZone is deployed.
    • Host VPC: Select the VPC associated with PrivateZone.
    • Access Region: Select the region where the VBR or CCN instance that needs to access PrivateZone is deployed.

Delete a PrivateZone configuration

  1. Log on to CEN console.
  2. On the Instances page, find the CEN instance that you want to manage and click its ID.
  3. On the Basic Settings > Transit Router tab, click the ID of the transit router in the region where PrivateZone is deployed.
  4. On the transit router details page, click the Private Zone tab, find the configuration that you want to delete, and then click Delete in the Actions column.
  5. In the Delete PrivateZone message, click OK.