Overview
Private DNS is a private DNS management service based on Tencent Cloud Virtual Private Cloud (VPC). It allows you to quickly build a DNS system in one or more custom VPCs and easily use private DNS records to manage Tencent Cloud resources associated with the VPCs that are externally inaccessible, such as CVM, CLB, CDN, and COS.
Product Features
Private DNS
The private domain list contains the private domain name resource records that you need to manage. You can create multiple private domain names and add the following types of DNS records for them:
Record Type | Description |
A | It is used to specify the IPv4 address (such as 8.8.8.8) of a domain. If you want to point a domain to an IP address, you need to add an A record. |
AAAA | It is used to specify the IPv6 address (such as ff06:0:0:0:0:0:0:c3) of a domain. If you want to point a domain to an IPv6 address, you need to add an AAAA record. |
CNAME | Alias Record, points to another domain. |
MX | If you want to set up your mailbox so that it can receive emails, you need to add an MX record. |
TXT | You can enter anything in this record with a length limit of 255 characters. Most TXT records are used as SPF records (for anti-spam). |
PTR | It reversely maps an IP address to a domain. |
SRV | Used to identify a server that uses a certain service, commonly seen in Microsoft system directory management. The format is 'Service Name.Protocol Type', such as _sip._tcp. |
SPF | Used to specify the email sending server, an effective anti-spam solution. |
CAA | Used for authorization to specify a CA Organization to issue SSL Certificates for your domain to prevent misissuance of SSL Certificates |
Associated VPC
You can associate a private domain name with one or more VPCs that need to be configured so as to map it to IP addresses.
Note
Private Domains with the same name cannot be associated with the same VPC. For example, when there are two
tencent.com simultaneously, you cannot associate both tencent.com with the same VPC.Reverse Resolution
Reverse DNS refers to mapping an IP address to a domain name, that is, the private domain name pointed to by the IP address is obtained by querying the PTR record of the IP address.
Subdomain recursive DNS
Through Private DNS without depending on Authoritative DNS, intranet hijacking in a VPC environment can be achieved. In some scenarios, it is necessary to unblock some domain names to access public network IPs in a private environment. Private DNS supports combining with Authoritative DNS for Single Domain Dual Resolution, facilitating Hybrid Cloud scenarios. This means you can use cmd's nslookup to resolve the same domain name and get different IP addresses.
Custom private domain
Plan CVM hostname management to make the machine's purpose and information easier to understand and more user-friendly.
Internal API call
API calls are managed internally to avoid the troubles caused by IP address changes to the API use, which makes OPS easier.
Internal domain name security isolation
The core system privacy protection feature ensures that the domain names of internal core systems are not exposed to the internet and thus improves their security.