
Edge Security Acceleration: DNS

Last Updated: Mar 31, 2025

Edge Security Acceleration (ESA) provides a powerful and flexible Domain Name System (DNS) service. You can select NS or CNAME to set up your domain when you add your website to ESA, and then manage your DNS records through ESA.

Note

If your website receives DNS queries that exceed the ESA protection limit, DNS resolution of your domains may be blackholed or halted.

DNS concepts and terms

The following defines key concepts related to the ESA DNS service.

Domain Name System (DNS)

Domain Name System (DNS) is a core Internet service that can translate domain names into IP addresses or translate IP addresses into domain names. Built on a distributed database, DNS makes it easier for people to access the Internet without the need to remember strings of machine-readable IP addresses.

Domain hierarchy

To accommodate the increasing number of Internet users, a hierarchical tree structure is used for naming on the Internet. Any host or router connected to the Internet has a unique name in the DNS hierarchy. This name is a domain name. A domain is a manageable division in the DNS namespace. Syntactically, each domain name is a series of labels separated by dots (.). Domains can be divided into subdomains, and subdomains can be divided into lower-level subdomains. This creates top-level domains, primary domains, and subdomains. The following figure shows the domain hierarchy.

[Figure: domain hierarchy]

  • .com is a top-level domain.

  • aliyun.com is a primary domain.

  • example.aliyun.com is a subdomain, or a second-level domain.

  • www.example.aliyun.com is a third-level domain.

Website

A website has a domain name, such as example.com. Multiple DNS records, such as A, CNAME, and MX records, may be configured for the domain name. A website is the basic unit for domain name management. Website settings include the DNS records, TTL settings, security settings, and traffic management rules of the domain name and its subdomains.

DNS record

DNS records are used to map domain names to IP addresses or other associated resources. DNS record types such as A, AAAA, CNAME, TXT, MX, PTR, and SRV are supported.

DNS server

Multiple servers are involved in DNS resolution. In ESA, the term DNS server usually refers to the ESA authoritative nameserver.

CNAME flattening

CNAME flattening is a DNS resolution technology that allows you to use CNAME records at root domains such as example.com. In most cases, if a CNAME record is configured for a root domain, you cannot configure other types of DNS records such as A record or AAAA record for the root domain.

ESA provides the CNAME flattening feature, which allows you to configure other types of DNS records for a root domain name without the need to clear the CNAME record. When a DNS query is initiated, the system automatically returns the final IP address, so no separate CNAME resolution is performed. This greatly speeds up DNS resolution.
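
A minimal model of the flattening behavior described above, added here as an illustration and not ESA's implementation: the authoritative side follows the CNAME chain itself and answers the root-domain query with the final A records, while other record types at the same name stay usable. The zone data, the minimum-TTL policy, and the chain-length cap are assumptions.

```python
# Illustrative model of CNAME flattening (added example, not ESA's implementation).
# All names, addresses and TTLs are constructed sample data.
RECORDS = {  # name -> [(type, value, ttl)]
    "example.com": [("CNAME", "origin.cdn-provider.example", 300),
                    ("MX", "mail.example.com", 3600)],
    "origin.cdn-provider.example": [("CNAME", "edge-7.cdn-provider.example", 60)],
    "edge-7.cdn-provider.example": [("A", "192.0.2.10", 120), ("A", "192.0.2.11", 120)],
    "loop-a.example": [("CNAME", "loop-b.example", 60)],
    "loop-b.example": [("CNAME", "loop-a.example", 60)],
}
MAX_CHAIN = 8  # assumed cap on how many CNAME hops are followed


def cname_conflicts(records):
    """Names where a CNAME coexists with other record types.

    Without flattening, these names cannot be served as configured.
    """
    return sorted(
        name for name, rrs in records.items()
        if any(t == "CNAME" for t, _, _ in rrs)
        and any(t != "CNAME" for t, _, _ in rrs)
    )


def flatten(name, rtype="A", records=RECORDS):
    """Answer a query for `name` by following CNAMEs on the server side.

    Returns [(rtype, value, ttl)]. The TTL is the lowest seen along the
    chain (assumed policy), so no cache outlives the shortest-lived hop.
    """
    seen, ttl, current = set(), None, name
    for _ in range(MAX_CHAIN):
        if current in seen:
            raise ValueError(f"CNAME loop at {current}")
        seen.add(current)
        rrs = records.get(current, [])
        answers = [(t, v, l) for t, v, l in rrs if t == rtype]
        if answers:  # a direct record of the requested type wins
            ttls = [l for _, _, l in answers] + ([] if ttl is None else [ttl])
            return [(t, v, min(ttls)) for t, v, _ in answers]
        target = next(((v, l) for t, v, l in rrs if t == "CNAME"), None)
        if target is None:
            return []  # no data for this name and type
        current = target[0]
        ttl = target[1] if ttl is None else min(ttl, target[1])
    raise ValueError("CNAME chain too long")
```
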

DNS setups

You can select CNAME or NS to set up your domain.

  • CNAME: This setup option is suitable for large enterprises that use multiple proxy services at the same time. If you use different cloud services for your subdomains, such as api.example.com and img.example.com, and you want only some subdomains to be added to ESA, select CNAME. In this case, your current DNS provider remains unchanged. ESA generates a CNAME for your website. You must add the CNAME record to the DNS settings of your domain at your DNS provider.

  • NS: This setup option is suitable for individual developers and small- and medium-sized enterprises. If you want to configure and proxy the DNS records of your website such as example.com on ESA, select NS. In this case, you must update the NS records of your domain with the nameservers assigned by ESA. Then, you can manage DNS records of your domain in the ESA console.

Time to Live (TTL)

The time to live (TTL) specifies the longest period of time that a DNS record can be cached on a local DNS server. Once the TTL expires, the local DNS server deletes the record. If a user sends a request to the domain again afterward, the local DNS server makes a new recursive or iterative query.