Alibaba Cloud DNS provides public authoritative DNS services. You can add your domain names and configure DNS records to make your services accessible over the Internet.
Overview
Public Zone is a secure, fast, stable, and reliable service built on Alibaba Cloud's proprietary, high-performance DNS software. It translates easy-to-remember domain names into IP addresses to direct users to the correct websites or application servers. When businesses build websites, they can use the Public Zone service. An administrator can configure DNS records in the Public Zone service to map a business domain name to the IP address of a target service. When a user accesses the domain name, their device uses a local DNS to retrieve the destination IP address from the Public Zone service. The device then connects to the destination server to access the web service.
Scenarios
Application scenario | Description |
Website building | Use A records to point a domain name to a website's server address. This lets users open the website. |
Use MX records to configure DNS records based on the settings from your email service provider. This enables sending and receiving emails. | |
High-traffic services | When multiple servers support the same service, use weighted round-robin resolution to distribute traffic across the servers. This balances the service load. |
Cross-network or cross-region access | When users are in different carrier networks or regions, use smart DNS resolution to return different resolution results based on their location or network environment. |
CDN acceleration | Use CNAME records to point to an alias provided by a CDN provider. This improves website response and download speeds for users. |
Features
Feature | Description |
Host domain names registered with Alibaba Cloud or other registrars in the public authoritative DNS service. Independent hosting of subdomains is also supported. | |
Configure DNS records of common types, such as A, AAAA, CNAME, MX, TXT, NS, SRV, CAA, SVCB, HTTPS, and URL forwarding. | |
Uses a high-precision IP address library to configure different destination addresses for different carrier lines in various regions. The system has over 1,700 built-in carrier lines. Lines in the Chinese mainland can be specified by province and carrier. Lines outside China cover major countries and regions. For some countries, such as the US, India, and Canada, lines can be specified by state. | |
Configure weighted resolution for A, AAAA, and CNAME records to implement traffic load balancing policies at the DNS layer. | |
Built on proprietary, high-performance DNS software and Alibaba Cloud's massive bandwidth. A single domain zone can withstand DNS query attacks exceeding 100 million queries per second. | |
Coordinated refresh | The paid editions of DNS support coordinated cache refresh for domain name records on Alibaba Cloud's public DNS servers (such as 223.5.5.5 and 223.6.6.6). This ensures that DNS record changes take effect on Alibaba Cloud's public DNS within seconds. |
Provides hourly scheduled backups for DNS records. This allows for quick rollbacks and immediate remediation if a configuration error occurs. | |
Supports the DNSSEC feature. It uses digital signatures to ensure the authenticity and integrity of DNS response messages. This protects users from being redirected to unintended addresses and improves domain name resolution security. | |
Enable the collection of detailed logs for public authoritative DNS responses. Based on these logs, you can analyze DNS traffic from various dimensions, such as query volume, query source, line hit rate, abnormal responses, and detailed resolution logs. |
Benefits
Stable and reliable | DNS clusters are deployed in multiple data centers worldwide with high-quality, dynamic Border Gateway Protocol (BGP) access. The clusters provide mutual backup to ensure DNS availability, with a 100% Service-Level Agreement (SLA) for resolution service availability. An artificial intelligence for IT operations (AIOps) system automatically detects DNS resolution anomalies, contains issues, and reroutes traffic to ensure stable service. |
Secure and controllable | With over 10 Tbit/s of global bandwidth reserves and multiple large scrubbing centers, a reliable and intelligent Anti-DDoS system can handle over 100 million DNS queries per second to easily defend against DNS DDoS attacks. Multiple sets of proprietary DNS software create a heterogeneous service environment, ensuring the service is controllable, secure, and stable. |
Scalability | A hybrid cloud architecture combines the public cloud with self-hosted data centers to create a two-layer, scalable system. When service traffic grows rapidly, the public cloud-based Public Zone service can scale automatically to support smooth operations. When building a global high availability architecture, you can deploy the private edition of Alibaba Cloud DNS software in your own data centers (or other clouds). This expands the nodes of the public cloud-based Public Zone service, increasing node coverage and availability. |
Global nodes: US (Virginia), US (Silicon Valley), Mexico, Indonesia (Jakarta), Malaysia (Kuala Lumpur), Singapore, Japan (Tokyo), SAU (Riyadh - Partner Region), UAE (Dubai), Germany (Frankfurt), UK (London), Thailand (Bangkok), South Korea (Seoul), Philippines (Manila), China (Hong Kong), China (Beijing), China (Shanghai), China (Shenzhen), China (Hangzhou), China (Chengdu), China (Qingdao), Dalian, Xi'an, Tianjin, Taiyuan, Zhengzhou, China (Nanjing - Local Region - Decommissioning).
Cluster deployment is subject to change based on the development of Alibaba Cloud's infrastructure and is not covered by the service's Service Level Agreement (SLA).
System architecture
Public Zone consists of a control layer and a resolution layer:
Control layer: The control layer provides services through the console and OpenAPI. It primarily manages create, retrieve, update, and delete (CRUD) operations and stores DNS data, configuration data, and logs. The control layer is located in China (Zhangjiakou) and China (Hangzhou).
Resolution layer: The resolution layer provides services through globally deployed resolution server clusters. It receives DNS record data from the control layer and responds to DNS query requests. The resolution layer nodes provide coverage across major continents and regions worldwide.
Edition comparison
Public Zone is available in a Free Edition and Paid Editions. To use the Free Edition, add DNS records. For a more stable and faster resolution service, purchase and attach a domain name.
Feature/Edition | Free Edition | Paid Edition | ||
Personal Edition | Enterprise Ultimate Edition | Exclusive Edition | ||
Applicable sites | Business testing scenarios | For purchase and use by individual developers only Note Enterprise users cannot purchase new Personal Edition instances. Existing Personal Edition instances can still be used and renewed. | Suitable for enterprise customers in various industries Note Suitable for enterprise organizations in various industries. Provides more refined O&M capabilities and expert consulting services. | |
Availability SLA | No availability guarantee | 100% monthly availability | 100% monthly availability | 100% monthly availability |
Dedicated service support | None | DingTalk user support group | DingTalk user support group | 1-on-1 expert service 6 resolution change support requests per year 1 DNS architecture planning consultation per year |
DNS POPs | 4 in the Chinese mainland | 12 in the Chinese mainland, 15 outside China | 12 in the Chinese mainland, 15 outside China | 12 in the Chinese mainland, 15 outside China |
Subdomain hosting level | Level 16 | Level 16 | Level 16 | Level 16 |
Number of DNS records for a single primary domain | 100,000 | 100,000 | 100,000 (Submit a ticket to request an increase if you exceed the limit.) | Unlimited* |
Subdomain levels | 10 | 20 | Level 20 | Unlimited* |
Minimum TTL value | 600 seconds | 600 seconds | 1 second | 1 second |
Intelligent Resolution |
|
|
|
|
URL forwarding (single domain name) | 2 items | 5 entries | 10 | Unlimited* |
Weight configuration (A, CNAME, and AAAA records) | Supported | Supported | Supported | Supported |
Load balancing (IP address capacity for a single domain name on a single line) | 10 | 100 | 100 | Unlimited* |
Request statistics (accurate to the subdomain level) | × | Supported | Support | Supported |
IPv6 DNS | Supported | Supported | Support | Supported |
Secondary DNS | × | × | Supported | Supported |
DNS record backup | × | × | Supported | Supported |
DNSSEC | × | Supported | Supported | Supported |
Number of domain names that can be attached to an instance | Not applicable | 1 by default, up to 100,000 | 1 by default, up to 100,000 | 1 by default, up to 100,000 |
DNS resolution peak | Up to 20,000 queries/second | Up to 200,000 queries/second | Up to 200,000 queries/second | Up to 200,000 queries/second |
DNS attack protection | Not supported | Optional Basic Protection and Full Protection | Optional Basic Protection and Full Protection | Full Protection included by default |
Note *Unlimited: If you exceed the default system limit, you can submit a ticket to request a limit increase, provided that the product can run in a stable and secure manner. | ||||
Billing
Alibaba Cloud DNS offers a free edition of Public Zone that is suitable for project testing. This edition has a limit on peak queries and does not offer an SLA. For production environments, use a paid authoritative resolution instance. For more information, see Billing.