All Products
Search

This Product

    Alibaba Cloud DNS:Add a DNS record

    Document Center

    Alibaba Cloud DNS:Add a DNS record

    Last Updated:Nov 04, 2024

    This topic describes how to add a Domain Name System (DNS) record in the Alibaba Cloud DNS console.

    Types of DNS records

    Alibaba Cloud DNS supports the following types of DNS records:

    Add an A record

    Scenarios

    To map a domain name to an IPv4 address, you can add an A record for the domain name.

    Procedure

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Authoritative Domain Names tab of the Domain Name Resolution page, find the domain name for which you want to add an A record and click DNS Settings in the Actions column.

    3. On the DNS Settings tab, click Add DNS Record.

    4. In the panel that appears, specify the following parameters:

    • Record Type: Select A.

    • Hostname: Enter the prefix of a subdomain name or an at sign (@) as required. If you want to create an A record for the subdomain name www.cloud-example.com, enter www. If you want to create an A record for the domain name dns-example.com, enter @.

    • DNS Request Source: Select Default. If you want to return different IP addresses for DNS requests from different sources, you can add other DNS request sources, such as Outside mainland China and China Unicom. For more information, see Intelligent DNS resolution.

      Note

      • Default must be selected. If you do not select this option, your domain name may be inaccessible to specific users.

    • Record Value: Enter the IPv4 address to which the domain name is mapped.

    • TTL Period: Enter a time to live (TTL) value for the A record. Theoretically, a smaller TTL value indicates that record updates take effect more quickly. Select 10 Minutes for this example.

      Note

      Alibaba Cloud DNS Free Edition and Alibaba Cloud DNS Personal Edition support the minimum TTL value of 10 minutes. Alibaba Cloud DNS Enterprise Standard Edition supports the minimum TTL value of 1 minute. Alibaba Cloud DNS Enterprise Ultimate Edition supports the minimum TTL value of 1 second.

      image.png

    Add a CNAME record

    Scenarios

    To map a domain name to another domain name that is mapped to an IP address, you can add a CNAME record. CNAME records apply if you use Alibaba Cloud CDN, Alibaba Mail, and Global Traffic Manager (GTM).

    Important

    If you add a CNAME record that contains the default line and add an A record and an AAAA record that contain non-default lines, inaccurate intelligent DNS resolution may occur. For more information, see the Check whether a CNAME record that contains the default line is cached section of the "Solutions to inaccurate intelligent DNS resolution" topic.

    Procedure

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Authoritative Domain Names tab of the Domain Name Resolution page, find the domain name for which you want to add a CNAME record and click DNS Settings in the Actions column.

    3. On the DNS Settings page, click Add DNS Record.

    4. In the panel that appears, specify the following parameters:

    • Record Type: Select CNAME.

    • Hostname: Enter the prefix of a subdomain name or an at sign (@) as required. If you want to create a CNAME record for the subdomain name www.cloud-example.com, enter www. If you want to create a CNAME record for the domain name dns-example.com, enter @.

    • DNS Request Source: Select Default. If you want to return different IP addresses for DNS requests from different sources, you can add other DNS request sources, such as Outside mainland China and China Unicom. For more information, see Intelligent DNS resolution.

      Note

      Default must be selected. If you do not select this option, your domain name may be inaccessible to specific users.

    • Record Value: Enter the domain name to which the domain name is mapped. Enter test.cloud-example.com for this example.

    • TTL Period: Enter a TTL value for the CNAME record. Theoretically, a smaller TTL value indicates that record updates take effect more quickly. Select 10 Minutes for this example.

      image.png

    Add an MX record

    Scenarios

    To ensure that your mailbox can receive emails, you must add an MX record for the mailbox. An MX record specifies the mail server that receives emails based on the email address suffix. For example, if a user sends an email to vincen@cloud-example.com, the system resolves the domain name cloud-example.com by using the MX record. The system forwards the email to the email server that corresponds to the resolved email address based on the priority of the MX record.

    Procedure

    An email address that is registered with Alibaba Mail is used in this example. Specify the following parameters:

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Authoritative Domain Names tab of the Domain Name Resolution page, find the domain name for which you want to add an MX record and click DNS Settings in the Actions column.

    3. On the DNS Settings page, click Add DNS Record.

    4. In the panel that appears, specify the following parameters:

    • Record Type: Select MX.

    • Hostname: Enter the prefix of the subdomain name or an at sign (@) as required. If the email address is mail.dns-example.com, enter mail. If the email address is dns-example.com, enter @.

    • DNS Request Source: Select Default. If you want to return different IP addresses for DNS requests from different sources, you can add other DNS request sources, such as Outside mainland China and China Unicom. For more information, see Intelligent DNS resolution.

    • Record Value: Enter the MX record value that is obtained from the email service provider. In this example, the MX record value provided by Alibaba Mail is mx1.qiye.aliyun.com.

    • MX Priority: Enter the MX record priority that is obtained from the email service provider. A smaller value indicates a higher priority. The following figure shows how to configure the MX record. For example, the system attempts to forward an email to mx1.qiye.aliyun.com, which has an MX priority of 5. If the attempt fails, the system forwards the email to mx2.qiye.aliyun.com, which has an MX priority of 10.

    • TTL Period: Enter a TTL value for the MX record. A smaller TTL value indicates that record updates take effect more quickly. The default value of the TTL Period parameter is 10 Minutes.

      image.png

      Important

      The preceding example only shows how to add an MX record. To create a mailbox, you must also add CNAME and TXT records. For more information about the required DNS records, contact your email service provider. For more information about how to add DNS records for Alibaba Cloud mailboxes, see Add DNS records for a mailbox.

    Add an AAAA record

    Scenarios

    If you want visitors to access your website by using IPv6 addresses, you can create an AAAA record for the domain name of your website.

    Procedure

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Authoritative Domain Names tab of the Domain Name Resolution page, find the domain name for which you want to add an AAAA record and click DNS Settings in the Actions column.

    3. On the DNS Settings page, click Add DNS Record.

    4. In the panel that appears, specify the following parameters:

    • Record Type: Select AAAA.

    • Hostname: Enter the prefix of a subdomain name or an at sign (@) as required. If you want to create an AAAA record for the subdomain name www.cloud-example.com, enter www. If you want to create an AAAA record for the domain name dns-example.com, enter @.

    • DNS Request Source: Select Default. If you want to return different IP addresses for DNS requests from different sources, you can add other DNS request sources, such as Outside mainland China and China Unicom. For more information, see Intelligent DNS resolution.

      Note

      Default must be selected. If you do not select this option, your domain name may be inaccessible to specific users.

    • Record Value: Enter the IPv6 address to which the domain name is mapped.

    • TTL Period: Enter a TTL value for the AAAA record. Theoretically, a smaller TTL value indicates that record updates take effect more quickly. Select 10 Minutes for this example.

      Note

      Alibaba Cloud DNS Free Edition and Alibaba Cloud DNS Personal Edition support the minimum TTL value of 10 minutes. Alibaba Cloud DNS Enterprise Standard Edition supports the minimum TTL value of 1 minute. Alibaba Cloud DNS Enterprise Ultimate Edition supports the minimum TTL value of 1 second.

      image.png

    Add a TXT record

    Scenarios

    To identify and describe a domain name, you can add a TXT record for the domain name. In most cases, a TXT record is used as a digital authentication certificate or a Sender Policy Framework (SPF) record to prevent email spam.

    Procedure

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Authoritative Domain Names tab of the Domain Name Resolution page, find the domain name for which you want to add a TXT record and click DNS Settings in the Actions column.

    3. On the DNS Settings page, click Add DNS Record.

    4. In the panel that appears, specify the following parameters:

    • Record Type: Select TXT.

    • Hostname: Enter the prefix of a subdomain name or an at sign (@) as required. If you want to create a TXT record for the subdomain name alidnscheck.dns-example.com, enter alidnscheck. If you want to create a TXT record for the domain name dns-example.com, enter @.

    • DNS Request Source: Select Default. If you do not select this option, your domain name may be inaccessible to specific users.

    • Record Value: In most cases, a TXT record is used for verification. For example, to host a subdomain name, you must add a TXT record. Enter 5d597b2c12464a7a8d0dde6b858ce543 for this example.

    • TTL Period: Enter a TTL value for the TXT record. A smaller TTL value indicates that record updates take effect more quickly. The default value of the TTL Period parameter is 10 Minutes.

      image.png

    Add an explicit or implicit URL forwarding record

    Scenarios

    To redirect requests for a domain name to another domain name of an existing website, you can create a URL forwarding record. After you add a URL forwarding record for a domain name, Alibaba Cloud DNS automatically adds an A record in which your domain name is mapped to the address of the URL forwarding server that Alibaba Cloud DNS provides. In this case, after you run the dig command, the A record and the IP address 203.107.XX.XX are displayed in the output. However, the record value that you specify in the console is a URL. The difference is a common occurrence.

    Usage notes

    A URL forwarding record is used to map your domain name before URL forwarding to the address of an Alibaba Cloud URL forwarding server which forwards the requests for the domain name to the destination URL. The URL forwarding servers of Alibaba Cloud are deployed in the Chinese mainland. Therefore, an Internet Content Provider (ICP) filing must be complete for the domain name used before URL forwarding. You can apply for an ICP filing for the domain name in another filing system other than the Alibaba Cloud ICP Filing system.

    • The record value in a URL forwarding record cannot be an IP address.

    • Domain names used before URL forwarding cannot contain underscores (_).

    • URL forwarding does not support wildcard DNS resolution.

    • Chinese domain names cannot be used as destination domain names.

    • Domain names used before URL forwarding support HTTP but do not support HTTPS. Destination domain names support both HTTP and HTTPS.

    • URL forwarding is a special feature of Alibaba Cloud DNS. Alibaba Cloud DNS does not provide the attack defense service for this feature. URL forwarding becomes unavailable if blackhole filtering is triggered due to DDoS attacks. In this case, you can add an A or CNAME record to point the desired domain name to the destination IP address or the destination domain name. Alternatively, you can implement URL forwarding by using NGINX. For more information, see Create a URL forwarding server by using Nginx.

    Procedure

    Example: Redirect requests for http://example.com to http://www.aliyun.com:80/.

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Authoritative Domain Names tab of the Domain Name Resolution page, find the domain name for which you want to add an implicit or explicit URL forwarding record and click DNS Settings in the Actions column.

    3. On the DNS Settings page, click Add DNS Record.

    4. In the panel that appears, specify the parameters based on your business requirements.

    1. Add an implicit URL forwarding record

    The inline frame (iframe) technology instead of the redirection technology is used.

    Record Type: Select Implicit URL Forwarding.

    Hostname: Enter the prefix of the subdomain name or an at sign (@) as required. If you want to create a URL forwarding record for the subdomain name www.cloud-example.com, enter www. If you want to create a URL forwarding record for the domain name dns-example.com, enter @. Enter @ for this example.

    DNS Request Source: Select Default.

    Record Value: Enter http://www.aliyun.com:80/.

    TTL Period: Use the default value. The default value of the TTL Period parameter is 10 Minutes.

    image.png

    Expected results

    After a user enters http://dns-example.com in the address bar of a browser and presses Enter, the page that corresponds to http://www.aliyun.com:80/ appears but http://dns-example.com is still displayed in the address bar.

    2. Add an explicit URL forwarding record

    Permanent redirects (301 redirects) and temporary redirects (302 redirects) are supported.

    • The HTTP status code 301 indicates that the resources of Address A are permanently removed and can no longer be accessed. Search engines change Address A to Address B when the search engines crawl new content.

    • The HTTP status code 302 indicates that the resources of Address A are still accessible. The redirection from Address A to Address B is only temporary. Search engines crawl new content and retain Address A.

    Record Type: Select Explicit URL Forwarding.

    Hostname: Enter the prefix of a subdomain name or an at sign (@) as required. If you want to create a URL forwarding record for the subdomain name www.cloud-example.com, enter www. If you want to create a URL forwarding record for the domain name dns-example.com, enter @. Enter @ for this example.

    DNS Request Source: Select Default.

    Record Value: Select 302 and enter http://www.aliyun.com:80/ for this example.

    TTL Period: Use the default value. The default value of the TTL Period parameter is 10 Minutes.

    image.png

    Expected results

    After a user enters http://dns-example.com in the address bar of a browser and presses Enter, the page that corresponds to http://www.aliyun.com:80/ appears and http://www.aliyun.com:80/ is displayed in the address bar.

    Add an NS record

    Scenarios

    To delegate a subdomain name to another DNS service provider, you can add an NS record for the subdomain name. For more information about how to host subdomain names, see Manage subdomains.

    Procedure

    For example, Alibaba Cloud DNS is used to resolve dns-example.com. If you want to delegate the subdomain name www.dns-example.com from Alibaba Cloud DNS to Tencent Cloud DNSPod, specify the following parameters to add an NS record:

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Authoritative Domain Names tab of the Domain Name Resolution page, find the domain name for which you want to add an NS record and click DNS Settings in the Actions column.

    3. On the DNS Settings page, click Add DNS Record.

    4. In the panel that appears, specify the following parameters:

    • Record Type: Select NS.

    • Hostname: Enter the prefix of a subdomain name. If the subdomain name is www.dns-example.com and you want to delegate the subdomain name to Tencent Cloud DNSPod, enter www.

      Important

      You cannot set the hostname to an at sign (@) for an NS record. If you want to delegate your primary domain name to another DNS service provider, change the DNS server at your domain name registrar.

    • DNS Request Source: Select Default. If you do not select this option, your domain name may be inaccessible to specific users.

    • Record Value: Enter the domain name of the DNS server to which you want to delegate the subdomain name. For example, the domain name of the DNS server that is provided by Tencent Cloud DNSPod is ns3.dnspod.net.

    • TTL Period: Enter a TTL value for the NS record. A smaller TTL value indicates that record updates take effect more quickly. The default value of the TTL Period parameter is 10 Minutes.

    image.png

    Add an SRV record

    Scenarios

    An SRV record is used to specify a server that hosts a specific service. SRV records are commonly used in directory management for Microsoft operating systems.

    Procedure

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Authoritative Domain Names tab of the Domain Name Resolution page, find the domain name for which you want to add an SRV record and click DNS Settings in the Actions column.

    3. On the DNS Settings page, click Add DNS Record.

    4. In the panel that appears, specify the following parameters:

    • Record Type: Select SRV.

    • Hostname: Enter a hostname in the format of Service name.Protocol type.

      Example: _sip._tcp.

    • DNS Request Source: Select Default. If you do not select this option, your domain name may be inaccessible to specific users.

    • Record Value: Enter a record value in the format of Priority Weight Port Destination domain name. Separate the items with spaces.

      Example: 0 5 5060 www.cloud-example.com.

    • TTL Period: Enter a TTL value for the SRV record. A smaller TTL value indicates that record updates take effect more quickly. The default value of the TTL Period parameter is 10 Minutes.

    image.png

    Add a CAA record

    Scenarios

    CAA stands for Certificate Authority Authorization. You can add a CAA record for a domain name to authorize a specified certification authority (CA) to issue certificates for the domain name. An unauthorized third-party CA will be rejected if the CA attempts to issue a Secure Sockets Layer (SSL) or Transport Layer Security (TLS) certificate for the domain name.

    When you add a CAA record for the domain name of your website, you can authorize a specific CA to issue certificates for the domain name. This prevents HTTPS certificates from being issued by unauthorized CAs and improves website security.

    CAA record format

    A CAA record is in the format of [flag] [tag] [value]. A CAA record consists of a flag ([flag]) and a tag-value pair ([tag] [value]) that is referred to as a property. You can add multiple CAA records for a domain name.

    Parameter

    Description

    flag

    An unsigned integer that is used to identify the CA. Valid values: 0 and 128. We recommend that you set the value to 0. The value 0 indicates that the flag is ignored if the CA does not recognize the flag.

    tag

    Valid values: issue, issuewild, and iodef.

    • issue: A CA is authorized to issue a certificate of all types.

    • issuewild: A CA is authorized to issue a wildcard certificate for the hostname.

    • iodef: The authorized CA sends the URL of an invalid certificate request to an email address.

    value

    The domain name of the CA or the email address that is used to receive notifications of invalid certificate requests.

    Procedure

    Add the CAA record described in the following table.

    Hostname

    Record value

    @

    0 issue "ca.cloud-example.com"

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Authoritative Domain Names tab of the Domain Name Resolution page, find the domain name for which you want to add a CAA record and click DNS Settings in the Actions column.

    3. On the DNS Settings page, click Add DNS Record.image.png

    Add a PTR record

    Reverse DNS lookup is a process of mapping an IP address to a domain name. To use this feature, contact your data center or server provider.

    If your servers are provided by Alibaba Cloud, you can submit a ticket. The after-sales support engineers of Alibaba Cloud can help you add PTR records.

    Add an SVCB record

    Scenarios

    SVCB records are designed to improve service discovery and to inform clients about additional parameters of services, such as supported protocols and details of service endpoints, before the clients attempt to access the services. SVCB records can be used for different transfer protocols and are closely related to HTTPS records.

    SVCB records enable DNS systems to provide more flexible and detailed configuration information, and allow clients to make more informed decisions about service requests before the clients establish connections with services. This not only improves performance and security, but also optimizes user experience.

    Procedure

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Authoritative Domain Names tab of the Domain Name Resolution page, find the domain name for which you want to add an SVCB record, and then click DNS Settings in the Actions column.

    3. On the DNS Settings tab of the page that appears, click Add DNS Record.

    4. In the panel that appears, specify the following parameters:

    • Record Type: Select SVCB.

    • Hostname: Enter the prefix of a subdomain name or an at sign (@) as required. If you want to create an SVCB record for the subdomain name www.dns-example.com, enter www. If you want to create an SVCB record for the domain name dns-example.com, enter @.

    • DNS Request Source: Select Default. If you do not select this option, your domain name may be inaccessible to specific users.

    • Priority: Enter an integer ranging from 0 to 65535. The service instance corresponding to the SVCB record with the highest priority is selected by clients first. A smaller value indicates a higher priority. If a service has more than one SVCB record, clients sort the SVCB records by priority and attempt to access the service instance corresponding to the SVCB record with the highest priority (the lowest value). The Priority parameter for SVCB records is similar to the Priority parameter for MX records in email services.

      Note

      • If the Priority parameter is set to 0 for an SVCB record, the SVCB record is in alias mode and you cannot specify service parameters. In this case, the SVCB record is similar to a CNAME record, which can point to the name of the service instance that clients attempt to access.

      • If the Priority parameter is not set to 0 for an SVCB record, the SVCB record is in service mode and you can specify service parameters.

    • Destination Domain Name: Enter the domain name of a server to which clients need to connect.

      In an SVCB record in alias mode, the Destination Domain Name parameter specifies the name of the service instance that clients need to access.

      In an SVCB record in service mode, the Destination Domain Name parameter specifies the hostname of a service. In this case, clients initiate DNS requests to the specified domain name to obtain the IP address of the service instance. Example: www.example.top.

    • Service Parameters: a set of key-value pairs that define service configurations and required features. These parameters can provide various information. For example, the information includes the desired protocol version, application-layer protocols such as Application-Layer Protocol Negotiation (ALPN), transport-layer security requirements such as the desired TLS version, transport parameters, and IP address prompts.

      Service parameters allow service providers to provide clients with detailed guidelines for accessing their services, and provide clients with pre-connection information. This optimizes the performance and security of connections. Example: alpn="h2" ipv4hint="223.5.XX.XX" port="443".

      Note

      Common service parameters:

      • alpn="h3,h2": indicates that HTTP/2 and HTTP/3 are supported.

      • ipv4hint="223.5.XX.XX": specifies the IPv4 address of the destination domain name.

      • ipv6hint="2400:3200::XX": specifies the IPv6 address of the destination domain name.

      • port="443": specifies the port number.

      • echconfig="MTIzNDU2Nzg=": specifies a Base64-encoded string that indicates the configuration information of Encrypted Client Hello (ECH).

      Multiple key-value pairs must be separated with spaces and can be up to 1024 characters in length.

    • TTL: Enter a TTL value for the SVCB record. A smaller value indicates a shorter period of time to apply record updates. The default value is 10 minutes.image

    Add an HTTPS record

    Scenarios

    The HTTPS record is a special version of the SVCB record. HTTPS records are used to describe HTTPS services. HTTPS records contain key-value pair parameters of the same type as key-value pair parameters in SVCB records. The key-value pair parameters in HTTPS records are interpreted and processed by assuming that the service protocol is HTTPS.

    HTTPS records allow website operators to provide more detailed information about their HTTPS services, including which IP addresses are available and which protocols or service parameters are supported. This ensures that the most appropriate configurations can be selected when clients access services for the first time. In this way, handshake latency and the probability of connection failures are reduced, and the protection of user privacy is enhanced.

    Procedure

    1. Log on to the Alibaba Cloud DNS console.

    2. On the Authoritative Domain Names tab of the Domain Name Resolution page, find the domain name for which you want to add an HTTPS record, and then click DNS Settings in the Actions column.

    3. On the DNS Settings tab of the page that appears, click Add DNS Record.

    4. In the panel that appears, specify the following parameters:

    • Record Type: Select HTTPS.

    • Hostname: Enter the prefix of a subdomain name or an at sign (@) as required. If you want to create an HTTPS record for the subdomain name www.dns-example.com, enter www. If you want to create an HTTPS record for the domain name dns-example.com, enter @.

    • DNS Request Source: Select Default. If you do not select this option, your domain name may be inaccessible to specific users.

    • Priority: Enter an integer ranging from 0 to 65535. The service instance corresponding to the HTTPS record with the highest priority is selected by clients first. A smaller value indicates a higher priority. If a service has more than one HTTPS record, clients sort the HTTPS records by priority and attempt to access the service instance corresponding to the HTTPS record with the highest priority (the lowest value). The Priority parameter for HTTPS records is similar to the Priority parameter for MX records in email services.

      Note

      • If the Priority parameter is set to 0 for an HTTPS record, the HTTPS record is in alias mode and you cannot specify service parameters. In this case, the HTTPS record is similar to a CNAME record, which can point to the name of the service instance that clients attempt to access.

      • If the Priority parameter is not set to 0 for an HTTPS record, the HTTPS record is in service mode and you can specify service parameters.

    • Destination Domain Name: Enter the domain name of a server to which a client needs to connect.

      In an HTTPS record in alias mode, the Destination Domain Name parameter specifies the name of the service instance that clients need to access.

      In an HTTPS record in service mode, the Destination Domain Name parameter specifies the hostname of a service. In this case, clients initiate DNS requests to the specified domain name to obtain the IP address of the service instance. Example: www.example.top.

    • Service parameters: : a set of key-value pairs that define service configurations and required features. These parameters can provide various information. For example, the information includes the desired protocol version, application-layer protocols such as ALPN, transport-layer security requirements such as the desired TLS version, transport parameters, and IP address prompts.

      Service parameters allow service providers to provide clients with detailed guidelines for accessing their services, and provide clients with pre-connection information. This optimizes the performance and security of connections. Example: alpn="h2" ipv4hint="223.5.XX.XX" port="443".

      Note

      Common service parameters:

      • alpn="h3,h2": indicates that HTTP/2 and HTTP/3 are supported.

      • ipv4hint="223. XX.XX": specifies the IPv4 address of the destination domain name.

      • ipv6hint="2400:3200::XX": specifies the IPv6 address of the destination domain name.

      • port="443": specifies the port number.

      Multiple key-value pairs must be separated with spaces and can be up to 1024 characters in length.

    • TTL: Enter a TTL value for the HTTPS record. A smaller value indicates a shorter period of time to apply record updates. The default value is 10 minutes.image

    FAQ

    The following topics are provided to help you troubleshoot issues that you may encounter when you add DNS records: