Overview
When you perform global traffic analysis, Private DNS is considered as an integral module, and the square icons of the built-in authoritative module, cache module, forward module, and recursion module are dimmed in the analysis chart. On the left side of the analysis chart, you can choose to gather multiple regions in one rectangle icon or display each region in one rectangle icon. You can also select one region to analyze its traffic. The traffic routing lines of other regions are dimmed in this case.
Global traffic analysis allows you to analyze metrics such as the number of requests and latency of your intranet, the percentages of Domain Name System (DNS) records that are obtained from the built-in authoritative module, cache module, forward module, and recursion module, and the numbers of DNS requests of hotspot zones, hotspot subdomain names, hotspot virtual private clouds (VPCs), and hotspot client IP addresses.
Procedure
Log on to the Alibaba Cloud DNS console.
In the left-side navigation pane, click Private DNS (PrivateZone). On the page that appears, click Traffic Analysis Mode in the upper-right corner and click the Global Traffic (for Terminals) tab.
Search criteria settings
You can query global traffic analysis results by specifying a time range, a network scope, or the IP address of a client that initiates DNS requests.
Time range: You can query the data within a maximum of 90 days in the last one year. Only the numbers of DNS requests within the last seven days from the current time can be displayed at the minute level.
Network scope: You can specify a VPC that belongs to your current account or the account associated with your current account.
Client IP address: You can enter the IP address of a client that initiates DNS requests. In most cases, enter the IP address of an Elastic Compute Service (ECS) instance. You can also enter the IP address of another cloud service instance as needed.
Global traffic analysis reports
Throttling alert history
In the upper-right corner of the Throttling Alert History section, click Throttling Rules to view the throttling alert rules of Private DNS. 
Item | QPS |
Threshold for the total number of DNS requests initiated by an ECS instance in a VPC | 5,000 |
Threshold for the number of external recursive DNS requests initiated by an ECS instance in a VPC | 600 |
Threshold for the total number of DNS requests in a VPC | No limit |
Threshold for the total number of external recursive DNS requests in a VPC | 5,000 |
In the cloud, LocalDNS counts the number of DNS requests based on the IP address of an ECS instance. If the number of DNS requests initiated from an ECS instance reaches 5,000 QPS, a throttling alert is triggered. The Private DNS service is provided in cluster mode. Therefore, DNS requests from an ECS instance are distributed to multiple DNS servers.
If a DNS server generates a throttling alert, the actual number of DNS requests from the ECS instance exceeds 5,000 QPS.
If the number of DNS requests from the ECS instance exceeds 5,000 QPS, the number of DNS requests processed by a single DNS server may not exceed 5,000 QPS after load balancing. A throttling alert may not be triggered in this case.
In case of throttling for external recursive DNS resolution, we recommend that you enable the cache retention feature for frequently accessed domain names to cache the DNS resolution results in the memory for a long time. This prevents DNS resolution from being interrupted.
In case of throttling for overall DNS resolution, we recommend that you enable the Name Service Cache Daemon (NSCD) service for ECS instances. In this way, the number of DNS resolution times for internal domain names can be reduced, and the DNS resolution for each ECS instance can be accelerated. In addition, you can add more ECS instances for load balancing. For more information about how to enable the NSCD service, see Reduce the risk of throttling the DNS requests from ECS instances.
Analysis of the number of DNS requests
You can specify a time range to query the trend of the numbers of DNS requests from a client IP address in a specific network scope. You can also click the zoom icon in the upper-right corner to zoom in the trend chart.
Only the numbers of DNS requests within the last seven days from the current time can be displayed at the minute level.
Analysis of DNS resolution latency
You can specify a time range to query the trend of latency of DNS requests from a client IP address in a specific network scope. You can also click the zoom icon in the upper-right corner to zoom in the trend chart. 
Analysis of modules that return DNS records
You can specify a time range to query the analysis results of the built-in authoritative module, cache module, forward module, and recursion module of Private DNS that return DNS records for the DNS requests from a client IP address within a specific network scope. The analysis results include the percentage of DNS requests responded by each module, and the total number of responses and the response latency of each module. You can also click the zoom icon in the upper-right corner to zoom in the analysis chart.
Ranking of the numbers of DNS requests
You can specify a time range, network scope, and client IP address to query the ranking of the numbers of DNS requests by Zone, Subdomain Name, Network, and Client IP Address. The numbers of DNS requests can be ranked in ascending order or descending order. By default, the numbers of DNS requests are ranked in descending order. You can also click the zoom icon in the upper-right corner to zoom in the ranking table.
Ranking report of the numbers of DNS requests for hotspot zones
Ranking report of the numbers of DNS requests for hotspot subdomain names
You can enable cache retention for subdomain names. If you have activated the Private DNS service, the Add Cache Retention Domain Name panel appears after you click Enable Cache Retention. The Enable Cache Retention action is unavailable for the subdomain names that have cache retention enabled.
Ranking report of the numbers of DNS requests for hotspot networks
Ranking report of the numbers of DNS requests for hotspot client IP addresses
