All Products
Search
Document Center

Alibaba Cloud DNS:Common issues with DNS settings_public authoritative resolution

Last Updated:Dec 03, 2024

This topic provides answers to some frequently asked questions about domain name system (DNS) settings.

Can after-sales support engineers configure DNS settings for me?

No, after-sales support engineers are not allowed to log on with user accounts to configure DNS settings due to security concerns. You need to log on to the Alibaba Cloud DNS console to configure DNS settings by yourself. For more information, see Get started with Alibaba Cloud DNS.

What preparations need to be made before I configure DNS settings?

DNS resolves domain names to server IP addresses, so you need to prepare domain names and server IP addresses. For more information, see What do I need to prepare before I configure a DNS record? .

Does Alibaba Cloud DNS provide a website building service?

No, Alibaba Cloud DNS does not provide a website building service. Alibaba Cloud DNS provides a domain name resolution service, which resolves a domain name to the IP address of a website server. For more information, see What do I need to prepare before I configure a DNS record?.

How do I map a domain name to another domain name of a website?

You can map a domain name to another domain name of a website by adding a canonical name (CNAME) record or URL forwarding record.

  • For more information about how to add a CNAME record, see Add a DNS record.  

  • If a CNAME record conflicts with another DNS record, or if the software on the server of the destination domain name prevents access by other domain names, see DNS record conflict rules.  

What are a hostname and a record value?

A hostname is a prefix that is added for a domain name to create a subdomain. For example, assume that a primary domain is example.com. If you want visitors to use www.example.com for access, you must add www as the hostname. A record value is the address to which the subdomain is mapped. The address can be a server IP address or a domain name. For more information, see Add a DNS record.

Can I add MX records for enterprise mailbox?

You can add MX records for enterprise mailbox. For more information, see Add DNS records for a mailbox.

How can I configure DNS settings with a mailbox not registered with Alibaba Cloud?

The following content describes the solution to different scenarios:

  • Add DNS records for mailbox in the Alibaba Cloud DNS console with a domain registered through Alibaba CLoud and email services not provided by Alibaba Cloud.

    Contact your email service provider to obtain the DNS records that you need to add for your mailbox. For more information, see Add DNS records for a mailbox.

  • Add DNS records for mailbox in the server of a third-party DNS service provider with a domain registered through Alibaba CLoud and email services not provided by Alibaba Cloud.

    Contact your email service provider to obtain the DNS records that you need to add for your mailbox. Then, contact your DNS service provider to configure DNS settings.

  • Add DNS records for mailbox in the Alibaba Cloud DNS console with a domain not registered through Alibaba CLoud and email services not provided by Alibaba Cloud.

    Contact your email service provider to obtain the DNS records that you need to add for your mailbox. For more information, see Add DNS records for a mailbox.

Why does the system display a message indicating a conflict between a mail exchanger (MX) record and a CNAME record when I add a record?

The priorities of DNS records that are used during DNS resolution vary based on the types of DNS records. Some types of DNS records that have the same hostname and resolution line cannot be used at the same time. If these types of DNS records are used at the same time, DNS configuration risks may occur and services may become unavailable. For more information, see DNS record conflict rules.

Why does the system display a message indicating a conflict between an A record and a CNAME record when I add a record?

An A record and a CNAME record that have the same hostname and resolution line cannot be used at the same time. We recommend that you use different subdomains to create an A record and a CNAME record. For more information, see DNS record conflict rules.

Can I resolve the CNAME records to a specific path?

CNAME records are designed to point one domain name to another domain name, not to a specific file path or directory.

I cannot configure CNAME records to navigate to Baidu homepage from Alibaba Cloud. Why?

Most large websites, including Baidu, do not allow external domain names to point to their domain names via configuring CNAME records for security and abuse prevention reasons. We recommend that you use URL redirection (301 or 302) instead of CNAME records to direct traffic to Baidu homepage.

Why does the system display a message indicating a URL filing exception when I add a URL forwarding record?

Adding a URL forwarding record is to resolve a domain name to the Alibaba Cloud forwarding server before URL forwarding. In this way, forwarding proxy is performed on the forwarding server. Alibaba Cloud URL forwarding servers are deployed in the Chinese mainland. You must obtained an ICP filing for the domain name used before URL forwarding. You can apply for an ICP filing for the domain name in another filing system other than the Alibaba Cloud ICP Filing system.

Can I specify a URL that includes path parameters when I configure URL forwarding?

No, you cannot specify a URL that includes path parameters when you configure explicit or implicit URL forwarding.

How many URL forwarding records can be set?

The number of URL forwarding records varies based on the version of Alibaba Cloud DNS. For more information, see Edition comparison.

How do I configure a subdomain?

You can configure a subdomain by adding a DNS record. When adding the DNS record, enter a domain name prefix as the hostname, and enter your server IP address as the record value. For more information, see Configure a subdomain.

Does intelligent DNS resolution support nearby access if I have two servers hosted by China Mobile and China Unicom?

Yes, intelligent DNS resolution supports nearby access. Intelligent DNS resolution allows China Mobile users to access the server IP address provided by China Mobile and China Unicom users to access the server IP address provided by China Unicom. For more information, see Intelligent DNS resolution.

How do I set a second-level domain?

Assume that a primary domain is example.com and a second-level domain www.example.com needs to be set. You can specifywww as the hostname. If you need to set a third-level domain a.www.example.com, you can specifya.www as the hostname. For more information, see Configure a subdomain.

Why is there a text (TXT) record in my DNS records?

If you purchase Alibaba Cloud SSL Certificates Service and select automatic DNS verification, the system automatically adds a TXT record. For more information, see Which domain name verification method should I choose?

How do I direct users in and outside the Chinese mainland from the same domain name to different addresses?

You can configure different resolution lines for users in and outside the Chinese mainland. For example, you can select the default line for users in the Chinese mainland and a line outside the Chinese mainland for users outside the Chinese mainland. For more information, see Intelligent DNS resolution.

Why is the DNS server status of a domain name displayed as "Running exception" after the domain name passes the real-name verification?

Generally, a domain name can be resolved properly two to three days after it passes the real-name verification. We recommend that you perform a DNS resolution test later.

Can DNS load balancing be implemented by resolving a domain name to the IP addresses of multiple servers?

Yes, you can set the weight ratio to 1:1 to implement DNS load balancing. For more information, see Set weights.

Does the change of the DNS server for a domain name affect the resolution of the domain name?

Whether the change of the DNS server for a domain name affects the resolution of the domain name depends on the data preparation. Smooth domain name migration can be implemented when you change the DNS server for a domain name. For more information, see Smooth domain name imgration to Alibaba Cloud DNS.

Why is the Resolution Settings button unavailable?

If you are using Alibaba Cloud DNS of a paid edition, the button is unavailable because your DNS service has expired. In this case, renew the service and refresh the page. Then, you can use the service again.

How do I switch user request traffic to a functioning server by using intelligent DNS resolution when a server fails?

Intelligent DNS resolution does not support the removal of abnormal IP addresses or automatic failover. If you need these features, we recommend that you see What is GTM?

How do I call an API operation to add a DNS record that matches requests for a subdomain?

Alibaba Cloud DNS supports OpenAPI Explorer to allow you to add, delete, modify, or query DNS records by calling API operations. For more information about how to add a DNS record by calling an API operation, see Adding a DNS record.

How do I configure DNS resolution for a domain name to prevent access from users outside the Chinese mainland?

You can use intelligent DNS resolution to prevent access from users outside the Chinese mainland. Specifically, you can set the resolution line to a line outside the Chinese mainland and point the domain name to the IP address 127.0.0.1.

Is reverse DNS lookup (PTR) free of charge? How do I configure it?

Because Alibaba Cloud DNS does not support pointer (PTR) records, reverse DNS lookup must be configured on the server side. If your server IP address is provided by a third-party service provider, you must contact the service provider for the configuration of reverse DNS lookup. If your server IP address is provided by Alibaba Cloud, reverse DNS lookup is free of charge. You only need to submit a ticket, and after-sales support engineers will help you configure reverse DNS lookup.

Should I add a dot (.) at the end of a domain name when adding a DNS record?

No, you do not need to add a dot (.) at the end of a domain name. The dot (.) at the end of a domain name represents the root domain. Alibaba Cloud DNS automatically adds a dot (.) at the end of a domain name, so you do not need to add it.

Do domain names involved in URL forwarding support HTTPS?

Domain names used before URL forwarding support HTTP but do not support HTTPS. Destination domain names support both HTTP and HTTPS.

Can two or more domain names be resolved to the IP address of one ECS instance?

Yes, two or more domain names can be resolved to the IP address of one ECS instance, that is, different subdomains can be resolved to the same IP address.

What is the purpose of setting priorities for MX records?

If there is only one MX record, it is meaningless to set a priority for the MX record. If there are multiple MX records, the email server of the sender preferentially sends an email to the server corresponding to the smallest MX priority value. If this server fails and cannot receive the email, the email server of the sender automatically sends the email to the server corresponding to the second smallest priority value. The process continues until the email is sent successfully or all servers fail to receive the email.

What do I do if the system displays a message, indicating that a domain name is not registered by using the current Alibaba Cloud account, when I add the domain name?

This message means that the domain name is registered with Alibaba Cloud by using another Alibaba Cloud account. If you want to transfer this domain name to the current Alibaba Cloud account, log on to the Domains console with the account used to register the domain name. In the left-side navigation pane, click Domain Names. On the All tab of the Domain Name List page, click the domain name to open the domain name details page. Click Transfer between Accounts in the left-side navigation pane.

What do I do if I cannot add a domain name?

When you add a domain name in the Alibaba Cloud DNS console, if the system displays a message indicating that the domain name has been added by using another account, you can retrieve the domain name to the current account. For more information, see Domain Management.  

Why am I unable to delete a primary domain?

If your domain name is registered with Alibaba Cloud, it cannot be deleted in the Alibaba Cloud DNS console.

Can I configure multiple CNAME records that have the same hostname and resolution line?

Yes, you can configure multiple CNAME records that have the same hostname and resolution line. For more information about how to configure CNAME records, see Add a DNS record.

How does Alibaba Cloud DNS respond to DNS requests if multiple CNAME records that have the same hostname and resolution line are configured?

If multiple CNAME records that have the same hostname and resolution line are configured, Alibaba Cloud DNS automatically enables the default weight ratio 1:1 for the CNAME records. You can change the weight ratio by setting weights for the CNAME records. For more information about weight settings, see Set weights.

Why am I unable to set regional lines in the Chinese mainland?

You can set regional lines in the Chinese mainland. The regions include East China, North China, Central China, South China, Southwest China, Northwest China, and Northeast China. For more information, see Intelligent DNS resolution. The regional lines in the Chinese mainland are supported by Alibaba Cloud DNS Standard Edition and Ultimate Edition. For more information about how to set regional lines, see Switch lines.

Are there any limits on the quantities of hosted domain names and DNS records?

Alibaba Cloud DNS does not limit the quantity of hosted primary domains. For each subdomain, the free edition of Alibaba Cloud DNS supports a maximum of 10 DNS records that have the same hostname and resolution line. A paid edition of Alibaba Cloud DNS supports a maximum of 100 DNS records that have the same hostname and resolution line.

How do I import DNS records into Alibaba Cloud DNS?

Alibaba Cloud DNS allows XLS, XLSX, and ZONE files to be imported. DNS service providers generally support the export of these files. For more information about how to import DNS records, see Import DNS records.

What types of DNS records does Alibaba Cloud DNS support?

Alibaba Cloud DNS supports the following types of DNS records:

  • A record, which is used to map a domain name to an IP address

  • CNAME record, which is used to map a domain name to another domain name

  • MX record, which is used to specify the email server that receives emails based on the email address suffix of the recipient

  • AAAA record, which is used to map a domain name to an IPv6 address

  • TXT record, which is used to identify and describe a domain name

  • Name server (NS) record, which is used to delegate a subdomain to a different DNS service provider

  • Service (SRV) record, which is used to identify a server that uses a specific service

  • Certification authority authorization (CAA) record, which is used to specify a certification authority that is authorized to issue certificates for a domain name

  • Implicit or explicit URL forwarding record, which is used to map a domain name to another domain name of an existing website

More types of DNS records will be available in the future. For more information about how to add a DNS record, see Add a DNS record.

Does Alibaba Cloud DNS support IPv6 addresses?

Yes. Alibaba Cloud DNS supports AAAA records, which enable users to access websites by using IPv6 addresses, and Alibaba Cloud DNS can be used through IPv6 addresses. For more information, see IPv6.

Does Alibaba Cloud DNS support wildcard DNS records? If yes, for what types of DNS records does Alibaba Cloud DNS support wildcard DNS records?

Yes, Alibaba Cloud DNS support wildcard DNS records. When you add a DNS record, you can use the asterisk (*) as a wildcard to point all subdomains of a domain name to the same record value. This is also known as wildcard DNS. For example, you can add a DNS record for the domain name *.example.com. This way, all subdomains of example.com such as www.example.com and subdomain.example.com can be matched in DNS queries. Alibaba Cloud DNS supports wildcard DNS records for all types of DNS records except SRV records and URL forwarding records.

What is the default TTL period of DNS records? Can I change the TTL period?

A time-to-live (TTL) period is the period of time that a DNS record can be cached on a DNS server. When a DNS server receives a DNS request, the DNS server sends resolution requests to the name servers specified for the requested domain name and obtains resolution results. The resolution results are cached as a DNS record on the DNS server for a period of time. During this period of time, if the DNS server receives DNS requests for the same domain name, the DNS server directly returns the cached resolution results, instead of sending resolution requests to the specified name servers. This period of time is the TTL period. The default TTL period is 600 seconds, which equals 10 minutes, in Alibaba Cloud DNS. The TTL period can be changed. The value range of the TTL period varies based on the edition of Alibaba Cloud DNS. For more information, see Editions.

Can I map a subdomain to multiple IP addresses?

Yes, you can map a subdomain to multiple IP addresses. This way, requests for the subdomain can be evenly distributed to the servers that host your website to reduce the load on each server. For example, you can add an A record in Alibaba Cloud DNS to map a domain name to multiple IP addresses. When a visitor sends a DNS request for the domain name, Alibaba Cloud DNS returns a list of all the specified IP addresses to the local DNS server of the visitor. Then, the local DNS server determines which IP address will be returned to the visitor.

How fast can the modification of a DNS record be synchronized to DNS servers around the world?

After you modify a DNS record, Alibaba Cloud DNS can synchronize the modified DNS record to DNS servers around the world within 10 seconds. Note that local DNS servers are beyond the control of Alibaba Cloud DNS. DNS records are cached on a local DNS server based on the TTL period that you specify.

Does Alibaba Cloud DNS support weighted round-robin?

Yes, Alibaba Cloud DNS supports weighted round-robin. If a domain name is mapped to multiple IP addresses, you can use weighted round-robin to set a weight for each IP address. This way, access traffic is forwarded to different IP addresses by weight. During A/B testing, you can use this feature to forward a small portion of traffic to a server on which the software is updated. For example, the domain name www.example.com is mapped to two IP addresses in which one has a weight of 3 and the other has a weight of 1. In this case, Alibaba Cloud DNS returns the IP address with a weight of 3 for 75% of the time, and the IP address with a weight of 1 for 25% of the time. A weight can be set to a number in the range of 0 to 100. For more information, see Set weights.

What is the intelligent DNS resolution feature of Alibaba Cloud DNS?

During intelligent DNS resolution, DNS servers return IP addresses based on the sources of visitors. This enables visitors to obtain an IP address specified for a website when they access the website. For more information, see Intelligent DNS resolution.

How does intelligent DNS resolution determine the geographical location of a visitor?

Intelligent DNS resolution determines the geographic location of a visitor based on the outbound IP address of the visitor's local DNS server.

How is the intelligent DNS resolution feature billed?

The intelligent DNS resolution feature is not separately billed. The fee of this feature is included in the fees you pay when you purchase an edition of Alibaba Cloud DNS. In addition, the supported resolution lines vary based on the edition of Alibaba Cloud DNS. For more information, see Pricing and Edition comparison.

Can I point a domain name to multiple server IP addresses by using intelligent DNS resolution, and select overlapping geographic locations for resolution lines? If yes, how does Alibaba Cloud DNS respond to DNS requests?

Yes, you can point a domain name to multiple server IP addresses and select overlapping geographic locations for resolution lines. For example, assume that you select Outside mainland China, Asia, and Singapore for resolution lines. If a visitor is in Singapore, Alibaba Cloud DNS returns the IP address specified for the Singapore line. If a visitor is in Asia but not in Singapore, Alibaba Cloud DNS returns the IP address specified for the Asia line. If a visitor is in a continent other than Asia, Alibaba Cloud DNS returns the IP address specified for the line outside the Chinese mainland.

Can I enter an IP address outside the Chinese mainland as the record value when adding a DNS record?

Yes, you can enter an IP address outside the Chinese mainland as the record value. Alibaba Cloud DNS allows domain names to be mapped to IP addresses both in and outside the Chinese mainland.  

Are there any limitations on the type of IP address that can be set as a DNS record value?

No, there is no limitation on the type of IP address for a DNS record value. When you add a DNS record, you can enter a public IP address or a private IP address as the record value. In actual business scenarios, private IP address is provided only for testing.

What can I do if someone else's domain name is resolved to the IP address of our company's website?

You can perform the following operations to solve this issue:

(1) Use DNS query tools, such as nslookup or dig, to verify whether unauthorized domain names are resolved to the IP address of your server.

(2) Check the configurations of your web server to confirm whether additional sites or domain names are bound to your server, ensuring that your server configurations have not been maliciously tampered with.

(3) Contact the domain name registrant to inform him of this incorrect configuration and ask them to correct DNS records. You can obtain the domain registrant's contact information through Whois Domain Lookup.

(4) If you cannot contact the domain registrant or the issue cannot be resolved immediately, you can configure the server to block traffic from that domain name. The specific method depends on the web server software you are using.

(5) Configure monitoring rules to inspect whether new unauthorized domain names are resolved to the IP address of your server. You need to record the details of this event, including the time, domain names, and solutions, for subsequent tracking or providing evidence.

(6) If the above measures are ineffective and this issue may severely affect your websites or servers, you can seek legal advice from professionals. Before that, you need to collect necessary evidence, such as resolution records and access logs.

Does Alibaba Cloud DNS support DNSSEC?

Alibaba Cloud DNS supports Domain Name System Security Extensions (DNSSEC). DNSSEC is a DNS security authentication mechanism provided by the Internet Engineering Task Force (IETF). DNSSEC enhances DNS verification by using public-key-encrypted digital signatures, providing security protection for the infrastructure of Alibaba Cloud DNS. This feature helps ensure that visitors are directed to your web server and avoid DNS hijacking and pollution.

Does Alibaba Cloud DNS support dynamic DNS (DDNS)?

No, Alibaba Cloud DNS does not support DDNS.  

Does Alibaba Cloud DNS allow a domain name to be mapped to a port?

This depends on the type of DNS record that you add. When you add an A or AAAA record, Alibaba Cloud DNS does not allow you to enter the record value in the format of Domain name:Port number to map a domain name to a port. When you add a URL forwarding record, you can enter the record value in the format of Domain name:Port number to map a domain name to a port.

Can I delegate a subdomain to Alibaba Cloud DNS for DNS resolution?

Yes, you can delegate a subdomain to Alibaba Cloud DNS. For more information, see Subdomain management.  

Does Alibaba Cloud DNS support anycast?

Yes, Alibaba Cloud DNS supports anycast. Alibaba Cloud DNS responds to DNS requests on DNS servers closest to visitors by using anycast based on DNS servers deployed all over the world. This way, Alibaba Cloud DNS is capable of delivering query performance with a lower latency, and synchronizing DNS record changes to DNS servers around the world within seconds.

Can I use Alibaba Cloud DNS to host subdomains if the primary domain is hosted by a third-party DNS service provider?

Yes, you can use Alibaba Cloud DNS to host subdomains if the primary domain is hosted by a third-party DNS service provider. For more information about how to add a subdomain, see Subdomain management.

Why is the number of DNS records of a subdomain displayed as 0 on the DNS Settings page after I add the subdomain for a primary domain hosted by Alibaba Cloud DNS?

After you add a subdomain, DNS records of the primary domain that match this subdomain are synchronized to this subdomain. These operations are performed asynchronously. We recommend that you wait a few minutes and refresh the page.

Why is the DNS server status of a subdomain displayed as "Running exception" on the DNS Settings page after I add the subdomain for a primary domain hosted by Alibaba Cloud DNS?

This is because Alibaba Cloud DNS does not find the DNS server information of the subdomain. This state may appear because no DNS server is configured for the subdomain. In this case, you can go to the DNS Settings page of the subdomain and obtain the names of DNS servers assigned by Alibaba Cloud DNS. Then, add two NS records for the primary domain to point the subdomain to each DNS server assigned by Alibaba Cloud DNS.

Note: After NS records are added for the primary domain, the DNS server status of the subdomain may still be displayed as "Running exception". This is because the DNS server status is detected on a regular basis but not in real time. We recommend that you wait a few minutes and refresh the page.

Why are the names of DNS servers assigned by Alibaba Cloud DNS not displayed on the DNS Settings page after I add a subdomain?

After you add a subdomain, Alibaba Cloud DNS assigns DNS servers to the subdomain. These operations are performed asynchronously. We recommend that you wait a few minutes and refresh the page. Then, go to the DNS Settings page of the subdomain and view the names of DNS servers assigned by Alibaba Cloud DNS in the upper part of the page.

Can I use the free edition of Alibaba Cloud DNS to host subdomains if the primary domain is hosted by a paid edition of Alibaba Cloud DNS?

A: No, you cannot. You must make sure that the primary domain and subdomains are hosted by the same edition if they are both hosted by Alibaba Cloud DNS. If the primary domain is hosted by a paid edition of Alibaba Cloud DNS, subdomains must be hosted by the same paid edition of Alibaba Cloud DNS.

Is the DNS resolution of subdomains affected if the subdomains are hosted by Alibaba Cloud DNS and I change the DNS service provider of the primary domain from a third-party DNS service provider to Alibaba Cloud DNS?

You can perform the following steps to change the DNS service provider of the primary domain without affecting the DNS resolution of the subdomains (the following steps are related to the subdomains; for the migration of the primary domain, see Smooth domain name imgration to Alibaba Cloud DNS):

(1) If the primary domain is not registered with Alibaba Cloud, add the primary domain in Alibaba Cloud DNS. If the primary domain is registered with Alibaba Cloud, skip this step.

(2) Add NS records for subdomains under the primary domain to delegate the subdomains to Alibaba Cloud DNS.

(3) Go to the website of the domain name registrar to change the DNS server of the primary domain.

(4) Retain the NS records of the primary domain on the website of the original DNS service provider for at least 48 hours after the DNS server is changed.

What do I do if an NS record that I want to add for a primary domain conflicts with a subdomain?

You can remove the subdomain from the primary domain and add the NS record again. However, this operation may affect the DNS resolution of the subdomain. For more information, see DNS record conflict rules.

What do I do if both the primary domain and subdomains are hosted by Alibaba Cloud DNS and I want to change the DNS service provider of the primary domain to a third-party DNS service provider without affecting the DNS resolution of the subdomains?

You can perform the following steps to change the DNS service provider of the primary domain without affecting the DNS resolution of the subdomains (the following steps are related to the subdomains; for the migration of the primary domain, see Smooth domain name imgration to Alibaba Cloud DNS):

(1) On the website of a third-party DNS service provider, add NS records for the subdomains under the primary domain to delegate the subdomains to Alibaba Cloud DNS.

(2) Go to the website of the domain name registrar to change the DNS server of the primary domain.

(3) Retain the NS records of the primary domain in the Alibaba Cloud DNS console for at least 48 hours after the DNS server is changed.