This topic describes the benefits of Alibaba Cloud Public DNS, including anti-hijacking, resolution acceleration achieved by globally deployed nodes, compatibility with a variety of clients, precise scheduling, and quick updates of Domain Name System (DNS) record changes.
Encryption and anti-hijacking
Public DNS performs secure recursive DNS resolution because it supports DNS over HTTPS (DoH) and DNS over TLS (DoT). These protocols ensure that all DNS requests are encrypted during transmission. When clients access Public DNS, the DNS requests bypass the local DNS servers of Internet service providers (ISPs). This effectively prevents the DNS requests from being redirected to abnormal sites during DNS resolution.
Multiple access methods
Public DNS supports multiple access methods to meet different business requirements.
Protocol-based access: You can access Public DNS by using traditional UDP or TCP over port 53. You can also access Public DNS by using new protocols such as DoH or DoT, which ensure that data is encrypted and transmitted in a secure and stable way.
SDK integration: Public DNS provides SDK integration methods suitable for various operating systems including Android, iOS, and HarmonyOS. This enables quick access.
API-based access: You can flexibly access Public DNS by using the native JSON API to meet your different business requirements.
Wide application scenarios: Public DNS can provide services not only for mobile devices and IoT devices but also for apps and browsers.
Public DNS provides comprehensive access methods to meet different business requirements. This delivers the optimal user experience and network performance.
Global deployment of multiple clusters
Public DNS has deployed 27 level-1 DNS cluster nodes around the world and more than 160 level-2 DNS recursive nodes in the first-tier and second-tier cities and the data centers of three major ISPs in China. The ISPs include China Mobile, China Telecom, and China Unicom. The nodes can provide users with fast and stable DNS resolution services and ensure nearby access and the lowest latency.
Level-1 DNS cluster nodes are deployed in the following regions in the world:
China (Hangzhou), China (Shanghai), China (Chengdu), China (Shenzhen), China (Beijing), China (Qingdao), China (Nanjing - Local Region), China (Dalian - Local Region), China (Xi'an - Local Region), China (Taiyuan - Local Region), China (Zhengzhou - Local Region), China (Tianjin - Local Region), China (Jinan - Local Region), China (Hong Kong), US (Silicon Valley), US (Virginia), Singapore, Germany (Frankfurt), Japan (Tokyo), UK (London), Indonesia (Jakarta), Philippines (Manila), Malaysia (Kuala Lumpur), South Korea (Seoul), Thailand (Bangkok), UAE (Dubai), and SAU (Riyadh - Partner Region).
Besides the level-1 DNS cluster nodes, we deploy more than 160 level-2 DNS recursive nodes in the major first-tier and second-tier cities and the data centers of three major ISPs in China. This large-scale node network can provide users with faster and more precise DNS resolution services. This significantly improves the network access experience.
Public DNS ensures that you can enjoy low-latency and reliable DNS resolution services by using global nodes regardless of where you are.
The preceding cluster nodes are provided only for reference. These nodes may be subject to change with the development of Alibaba Cloud infrastructure.
Quick resolution
You can use SDKs to access Public DNS and cache the DNS records of frequently accessed domain names on clients in advance. This can reduce the latency of DNS resolution to nearly zero milliseconds to provide clients that access Public DNS with good DNS resolution services.
In addition, the globally deployed nodes of Public DNS not only provide quicker DNS resolution services for global users but also significantly reduce the rate of DNS resolution failures caused by poor network quality. This benefit makes Public DNS suitable for global business and provides a faster and more stable network access experience for global users.
Protection against DNS DDoS attacks
With more than 10 Tbit/s bandwidth and multiple large traffic scrubbing centers around the world, Public DNS can defend against over 100 million DNS DDoS attacks per second. The globally deployed nodes serve as backups for each other. This effectively prevents services from being interrupted when one of the nodes fails.
The self-developed high-performance DNS resolution software enables a DNS server to handle more than 10 million concurrent DNS requests per second and to support dynamic scale-out. This ensures the high availability and auto scaling of the resolution service. Public DNS handles hundreds of billions of DNS requests from the entire network every day, which makes it one of the public DNS services that resolve the largest number of DNS requests in the world.
Precise DNS scheduling
Public DNS supports EDNS Client Subnet (ECS). When clients initiate DNS requests, the source IP addresses of the clients can be carried in the ECS extensions. This achieves more precise DNS scheduling. This benefit is suitable for domain names configured with resolution rules based on different regional and ISP lines. Public DNS helps enterprises optimize the network access paths for users on the entire network by achieving more precise DNS scheduling. This ensures the optimal service access experience.
Quick update of DNS record changes
In most cases, Public DNS does not automatically modify the time to live (TTL) values of DNS records obtained from authoritative DNS servers. Public DNS supports the updates of DNS record changes within seconds. This ensures that DNS records that are modified at the authoritative DNS servers can quickly take effect for Public DNS users on the entire network.
In addition, Public DNS can work with Public Authoritative DNS to synchronize record changes in real time. When the DNS records of domain names that are hosted by Public Authoritative DNS and associated with paid Public Authoritative DNS instances are modified, Public DNS automatically refreshes the cached DNS records to ensure that the latest DNS records take effect in real time. This benefit provides more precise and timely DNS resolution services for users and is suitable for scenarios where changed DNS records need to quickly take effect, such as fault recovery and disaster recovery scenarios.