Overview
To check whether Domain Name System (DNS) results are accurately returned to clients such as personal computers (PCs) and mobile phones, you can use the DNS traffic analysis feature to query corresponding DNS response details logs. These logs help you view the IP addresses of DNS request sources and check whether DNS resolution inaccuracy exists based on the regional Internet service providers (ISPs) of the IP addresses.
Note
You can query DNS response details logs of domain names for which the DNS traffic analysis feature is enabled, regardless of whether the domain names are bound to free or paid Alibaba Cloud DNS instances. To view the DNS response details logs of your domain names, enable the DNS traffic analysis feature for these domain names first. For more information, see Enable or disable the DNS traffic analysis feature for domain names.
Procedure
Log on to the Alibaba Cloud DNS console.
On the Authoritative Domain Names tab of the Authoritative DNS Resolution page, find the desired domain name and click the line chart icon in the DNS Traffic Analysis column.
On the DNS Traffic Analysis tab, click DNS Response Details Logs.
Parameters
Responded At: indicates the time when the authoritative DNS server responds to a DNS request.
Resolution Latency: indicates the time it takes for the authoritative DNS server to receive a DNS request and return a DNS result. It is not equivalent to the time it takes for a client to send a DNS request and receive a DNS result.
Source IP Address: indicates the egress IP address of the client that initiates a DNS request to the authoritative DNS server. In most cases, the source IP address is the egress IP address of the local DNS server for the ISP.
IP Address Carried in ECS: indicates the source IP address of the client carried in the EDNS Client-Subnet (ECS) extension. The local DNS server that supports ECS converts the source IP address of the client and carries it in the ECS extension. This way, the authoritative DNS server can perform more accurate DNS resolution based on the source IP address carried in the ECS extension.
Domain Name: indicates the domain name for which the DNS request is sent.
Record Type: indicates the DNS record type, such as A, AAAA, CNAME, TXT, and MX.
DNS Results: indicates the DNS result.
Status: indicates the status of the DNS response.
State | Description |
NOERROR | The DNS request was responded to, which indicates that the DNS resolution was successful. |
NXDOMAIN (Non-Existent Domain) | The requested domain name does not exist. |
SERVFAIL (Server Failure) | This request cannot be processed due to an error on the destination DNS server. |
REFUSED | The DNS server refused to perform the specified operation due to policy reasons. For example, the DNS server may not want to respond to the requests from the specified clients or may not want to perform a specific operation (such as cross-region transmission) on the specified data. |
FormErr (Format Error) | The DNS server failed to identify the request. |
NotImp (Not Implemented) | The DNS server does not support the request type. |
Drop | The DNS server drops specific requests due to policy reasons, such as malformed packet requests. |
DNS Server IP Address: indicates the IP address of the authoritative DNS server that responds to the DNS request.
Query data based on specific criteria
Query data by time range
You can select Last Hour, Last 12 Hours, Today, Yesterday, 7 Days, or 15 Days from the drop-down list to query data within the selected time range. You can also query data in a custom time range within the last 90 days.
Query data by keyword
You can filter data based on Source IP Address, Domain Name, Record Type, DNS Results, Status, and DNS Server IP Address.
Elastic Compute Service (ECS)
Lingma
