Introduction
Recursive Gateway provides rate limiting protection for enterprise domain name queries made through Alibaba Cloud Public DNS (223.5.5.5/223.6.6.6). This service ensures the stability of recursive resolution. It also prevents rate limiting that is triggered by internal web crawlers or malicious requests from affecting normal domain name resolution.
Features
Feature | Description | Key parameters |
Recursive resolution | The Recursive Gateway service can replace carrier recursive DNS. It provides public recursive resolution for terminals in environments such as office networks and data centers (IDCs). The service resolves domain names to IP addresses. | |
Effective immediately | The Recursive Gateway service does not alter the TTL of DNS records. This helps DNS records take effect quickly. | |
Linked refresh | For domain names hosted on the Alibaba Cloud DNS authoritative service, changes to authoritative records can trigger a linked refresh of the cached records in Recursive Gateway. This process makes the updated records take effect faster for clients. | Linked refresh takes effect in seconds. |
Rate limiting protection | The Recursive Gateway service provides rate limiting protection for customers who have bound their source IP addresses. When Alibaba Cloud Public DNS is under a large-scale network attack, the service prioritizes DNS queries from the source IPs bound in the Recursive Gateway to ensure normal resolution (but this does not guarantee that rate limiting will never be applied). |
Benefits
Benefit | Description |
Extensive node coverage | Recursive Gateway is deployed on over 160 nodes worldwide. It covers the three major carriers in first-tier cities across the Chinese mainland. Outside the Chinese mainland, more than 18 cluster nodes are deployed. These nodes provide comprehensive coverage across major continents, especially in Southeast Asia, Europe, and the Americas. The service uses Anycast IP to connect clients to the nearest node, which improves resolution speed. |
Stable and reliable service | The service is built on proprietary, high-performance DNS software that can handle large-scale, high-concurrency query requests. Compared to free public DNS or carrier DNS services, it offers superior stability. Resolution failures are less likely to occur in high-concurrency scenarios. |
Scenarios
Application Scenario | Scenario description |
Public domain name recursion for data centers or office networks | Public domain name recursion from data centers (IDCs) or office networks often requires high-performance recursive DNS that supports low latency, high concurrency, and minimal packet loss. Standard carrier DNS and free public DNS services often impose rate limits. This can lead to packet loss and resolution failures when query concurrency is high. The Recursive Gateway service is ideal for these scenarios. With over 160 nodes worldwide, Recursive Gateway provides low-latency access. Its proprietary, high-performance DNS software handles high-concurrency query requests to ensure business stability. |
Global cluster distribution
The global tier-1 DNS cluster nodes include the following:
China (Hangzhou), China (Shanghai), China (Chengdu), China (Shenzhen), China (Beijing), China (Qingdao), China East 5 (Nanjing - local region - decommissioning), Dalian, Xi'an, Wuhan, Taiyuan, Zhengzhou, Tianjin, Jinan, Shijiazhuang, China (Hong Kong), US (Silicon Valley), US (Virginia), US (Atlanta), Mexico, Singapore, Germany (Frankfurt), Japan (Tokyo), UK (London), Indonesia (Jakarta), Philippines (Manila), Malaysia (Kuala Lumpur), South Korea (Seoul), Thailand (Bangkok), UAE (Dubai), and SAU (Riyadh - Partner Region).
In addition to the tier-1 DNS cluster nodes, Alibaba Cloud has expanded its network with over 160 tier-2 DNS recursive nodes. These nodes cover major tier-1 and tier-2 cities and the three major carriers in the Chinese mainland. This vast network provides users with faster and more accurate DNS resolution, which significantly improves the network access experience.
A global multi-cluster deployment ensures that you can obtain low-latency, highly reliable domain name resolution services, regardless of your location.
The cluster node information is for reference only and does not constitute a service commitment. The cluster node information is subject to change as our infrastructure evolves.
System architecture
Recursive Gateway consists of two parts: a control layer and a resolution layer:
Control layer: The control layer provides services using the console and OpenAPI. It manages and stores DNS data, configuration data, and logs. The control layer is located in the China (Zhangjiakou) and China (Hangzhou) regions in the Chinese mainland.
Resolution layer: The resolution layer provides services using globally deployed server clusters. It retrieves DNS records from the control layer and responds to DNS queries. The resolution layer has nodes deployed across major continents and regions worldwide.