Each device in a network requires an IP address to facilitate TCP/IP communication. Traditionally, IP addresses were assigned manually. However, Dynamic Host Configuration Protocol (DHCP) servers can dynamically assign IP addresses using the DHCP protocol. In virtual private clouds (VPCs) in Alibaba Cloud, the DHCP options sets provide consistent configuration for resources such as Elastic Compute Service (ECS) instances, thus simplifying network setup.
Overview
DHCP options sets
DHCP is a network protocol that enables servers to dynamically assign IP addresses and configuration information to clients, thus facilitating communication and access to network resources. It streamlines network management by automating the assignment of IP addresses to devices in a TCP/IP network.
A DHCP options set is a feature available in Alibaba Cloud that defines and centrally manages network parameters, allowing users to uniformly configure key settings such as DNS servers and domain names. When a VPC is associated with a DHCP options set, ECS instances in the VPC access network configurations such as domain names and DNS servers from the options set through the DHCP server. This ensures consistent and customized network configurations for all ECS instances in the VPC without the need for manual configuration.
Types of DHCP options sets
There are two types of DHCP options sets: default and custom.
Default: Includes a private domain name and default DNS server, which cannot be modified. The default set does not consume the resource quota.
A default DHCP options set is automatically created and associated with a VPC when the DNS hostname feature is enabled for the first time in a region. ECS instances in the VPC are then uniformly configured with the specified private domain name, allowing resource access through the private domain name and hostname. If you disable the DNS hostname feature, the system will automatically dissociate the default DHCP options set but will not delete it. If other VPCs in the region enable this feature, the system will reassociate the default DHCP options set with the new VPC.
You can manually dissociate the default DHCP options set from the VPC. After dissociation, ECS instances in the VPC will no longer be able to access resources through the hostname.
Custom: You can customize domain names and DNS servers. By associating this options set with a VPC, you enable the instances in the VPC to automatically receive information about custom configurations.
Scenario
Unified network configuration: By configuring a custom DNS server and combining it with a DHCP options set in a VPC, businesses can provide uniform configurations to ECS instances. This enhances efficiency by simplifying the setup of development and testing environments and streamlining network configurations during promotional events.
Limits
Supported regions
Quotas
Scenario
A company has a VPC in the China (Beijing) region with multiple ECS instances for various business operations. This example takes two ECS instances for reference. In addition, the company has a set of custom DNS servers to provide private domain name resolution for internal systems, enabling seamless and secure connections between ECS instances.
To enhance management efficiency and simplify processes, the company plans to use the DHCP options set feature to uniformly configure private domain names and custom DNS servers for all ECS instances in the VPC, eliminating the need for individual ECS instance configurations.
The process is as follows:
No. | Description |
1 | After an ECS instance is created in the VPC, the instance communicates with the DHCP server to retrieve information such as IP addresses. |
2 | When attached to the VPC, the DHCP options set provides ECS instances with configuration details, such as custom domain names and custom DNS servers. |
3 | After receiving the DHCP options set configurations, the ECS instance sends a query request to the DNS server to obtain the mapping between domain names and IP addresses. The DNS server returns the resolution results to the ECS instance and enables the ECS instance to use the custom domain name for internal communication. |
Prerequisites
A VPC has been created in the China (Beijing) region with two ECS instances, ECS01 and ECS02. You have a custom DNS server in the region, with private domain names and their corresponding private IP address mappings configured for ECS01 and ECS02 on the server.
Procedure
Step 1: Create and associate a DHCP options set
Log on to the VPC console.
In the left-side navigation pane, click DHCP Options Sets.
In the top navigation bar, select the region where you want to create the DHCP options set.
Note: The region of the DHCP options set must be the same as that of the VPC.
On the DHCP Options Sets page, click Create DHCP Options Set.
On the Create DHCP Options Set page, configure the parameters based on the following information, and then click OK.
Parameter | Description |
Domain Name | Enter the hostname suffix. In this example, we use example.com. |
DNS Server IP Address | In this example, click Custom Server IP, and enter 192.168.1.197. You can specify up to four custom DNS server IPs. |
Note (Domain Name): When you specify the hostname suffix as example.com, the /etc/resolv.conf file of the ECS instances in the VPC will automatically include search example.com as the search domain after the DHCP options set is associated with the VPC. You can access other ECS instances in the VPC using only the hostname, and the system will automatically complete the hostname suffix. For example, when you enter the hostname Web01, the system will attempt to resolve Web01.example.com. If there is a corresponding DNS record, the access will be successful without the need to remember the full domain name.
This topic uses an ECS instance running the Linux CentOS 7.9 operating system as an example. For information on how to view the search domain on Windows, see your operating system manual.
Important (DNS Server IP Address): When specifying a custom DNS server IP, take note of the following limits:
The system automatically fills in the default private network DNS server addresses in the VPC, which are 100.100.2.136 and 100.100.2.138. If you delete them, you may not be able to access the basic cloud services on Alibaba Cloud. Proceed with caution.
You need to add rules that allow access to the custom DNS server IPs in security groups and network ACLs (if any). Otherwise, private services may not be resolved.
Adding IPv6 DNS server IPs is not supported.
On the Create DHCP Options Set page, click Associate VPC.
In the Associate VPC dialog box, select the VPC where the ECS is located, and then click OK.
Note: A DHCP options set can be associated with multiple VPCs in the same region, but a VPC can only be associated with one DHCP options set in a given region.
After the DHCP options set is associated with the VPC, the following will happen:
Existing ECS instances in the VPC will use the configuration in the DHCP options set after you restart the ECS instances, the DHCP process in the ECS instances, or the network service.
New ECS instances in the VPC will automatically use the configuration in the DHCP options set.
If the associated VPC has the VPC sharing feature enabled, the DHCP options set will apply to ECS instances in the shared VPC.
Step 2: Test connectivity
Restart ECS01 and ECS02.
(Optional) Log on to ECS01 and ECS02, and run the cat /etc/resolv.conf command. If the following result is returned, the configuration in the associated DHCP options set has taken effect.
Test connectivity
Log on to the ECS01 instance, and run the following commands to test whether ECS01 can access ECS02 using the hostname and private domain name.
ping Web02
ping Web02.example.com
If the following results are returned, ECS01 can access ECS02 using the hostname.
If the following results are returned, ECS01 can access ECS02 using the private domain name.
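The /etc/resolv.conf check in Step 2 can be scripted so that it also flags resolvers that are not part of the options set. This is an added example, not part of the original documentation: the check_resolv function and the sample file are constructed here, and it assumes the options set carries this page's example values (search domain example.com, custom DNS server 192.168.1.197, and the default servers 100.100.2.136 and 100.100.2.138).

```shell
#!/bin/sh
# Added example: check that resolv.conf matches the DHCP options set.
# check_resolv FILE DOMAIN "NS1 NS2 ..." returns 0 only when DOMAIN is in the
# search list, every expected nameserver is present, and no other is present.
check_resolv() {
    file=$1; domain=$2; expected=$3; rc=0
    # The last "search" line wins; awk rebuilds it space-separated.
    search=$(awk '$1 == "search" { $1 = ""; s = $0 } END { print s }' "$file")
    case " $search " in
        *" $domain "*) ;;
        *) echo "MISSING search domain: $domain"; rc=1 ;;
    esac
    actual=$(awk '$1 == "nameserver" { print $2 }' "$file")
    for ns in $expected; do
        echo "$actual" | grep -qxF "$ns" || { echo "MISSING nameserver: $ns"; rc=1; }
    done
    # A resolver that is not in the options set means stale or overridden config.
    for ns in $actual; do
        case " $expected " in
            *" $ns "*) ;;
            *) echo "UNEXPECTED nameserver: $ns"; rc=1 ;;
        esac
    done
    # glibc uses only the first three nameserver lines (MAXNS = 3).
    [ "$(echo "$actual" | grep -c .)" -le 3 ] ||
        echo "WARN: more than 3 nameservers; glibc ignores the extras"
    return $rc
}

# Constructed sample, assuming the page's example values were applied.
sample=$(mktemp)
cat > "$sample" <<'EOF'
options timeout:2 attempts:3
search example.com
nameserver 192.168.1.197
nameserver 100.100.2.136
nameserver 100.100.2.138
EOF
EXPECTED_NS="192.168.1.197 100.100.2.136 100.100.2.138"
check_resolv "$sample" example.com "$EXPECTED_NS" && echo "OK: options set applied"
```

On an instance, pass /etc/resolv.conf as the first argument after restarting the instance or its network service.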
Related steps
Dissociate a DHCP options set
After dissociating the VPC from the DHCP options set, the following will happen:
Existing ECS instances in the VPC will continue to use the configuration of the DHCP options set until you restart the ECS instances, the DHCP process in ECS instances, or the network service.
New ECS instances in the VPC will not use the configuration of the DHCP options set, including the domain name and custom DNS server. They will use the default DNS server instead.
You can dissociate the DHCP options set from the VPC in the following ways:
On the VPC page, click the target instance ID. Dissociate by following the steps in the figure.
On the DHCP Options Set page, click the target instance ID. Follow the steps in the figure to dissociate.
Modify a DHCP options set
After modifying the DHCP options set, the following will happen:
Existing ECS instances in the VPC will continue to use the configuration of the DHCP options set until you restart the ECS instances, the DHCP process in the ECS instance, or the network service.
New ECS instances in the VPC will use the new configuration.
On the DHCP Options Set page, click the instance ID. Follow the steps in the figure to modify the DHCP options set.
FAQs
1. How do I achieve mutual access between ECS instances in a VPC using private domain names if I use the default DNS server of Alibaba Cloud?
You can use the following two methods:
Use internal DNS resolution to add intranet DNS records for ECS instances to achieve mutual access. For more information, see Generate intranet DNS records for ECS hostnames.
Enable DNS hostnames and configure private DNS resolution for ECS instances. For more information, see Enable DNS hostname for ECS private domain name access in VPC.
2. How do I restart the network service after a DHCP options set is associated with a VPC to which the existing ECS instances belong?
The command to restart the network service varies depending on the specific Linux operating system used.
Operating system | Version | Command to restart network service |
CentOS | 6 | service network restart |
CentOS | 7 | systemctl restart network |
CentOS | 8 | systemctl restart NetworkManager |
Debian | 8 | systemctl restart networking |
Debian | 9 | systemctl restart networking |
Debian | 10 | systemctl restart networking |
Ubuntu | 14 | service networking restart |
Ubuntu | 16 | systemctl restart networking |
Ubuntu | 18 | systemctl restart systemd-networkd |
Ubuntu | 20 | systemctl restart systemd-networkd |
Alibaba Cloud Linux 2 | 2 | systemctl restart network |
Alibaba Cloud Linux 3 | 3 | systemctl restart NetworkManager |
References
For more information on how to enable DNS hostnames when using the default DNS server to achieve mutual access between ECS instances using private domain names, see Enable DNS hostnames.
For a detailed introduction to internal DNS resolution (PrivateZone), see Introduction to internal DNS resolution.
CreateDhcpOptionsSet: Create a DHCP options set.
AttachDhcpOptionsSetToVpc: Associate a DHCP options set with a VPC.
DetachDhcpOptionsSetFromVpc: Dissociate a DHCP options set from a VPC.
UpdateDhcpOptionsSetAttribute: Modify DHCP options set configuration information.