Help Center/ Domain Name Service/ User Guide/ Resolver/ Managing Endpoint Rules
Updated on 2025-10-13 GMT+08:00

Managing Endpoint Rules

Scenarios

To allow cloud servers to access an on-premises domain name, you need to create an outbound endpoint and configure endpoint rules to specify the on-premises domain name to be accessed and the IP addresses of the on-premises DNS servers. Huawei Cloud private DNS then forwards the DNS queries for the on-premises domain name to the on-premises DNS servers based on the endpoint rules.

An endpoint rule can have more than one VPC associated. After a VPC is associated with an endpoint rule, DNS queries for the on-premises domain name from the cloud servers in the VPC will be forwarded to the on-premises DNS servers.

Constraints

The domain name of the private zone you want to create and the VPCs associated with the private zone cannot conflict with the domain names configured in and VPCs associated with the DNS Resolver endpoint rules.

For example, if the example.com domain name is configured in an endpoint rule and VPC A is associated with the endpoint rule, you cannot create a private zone for example.com and associate VPC A with the private zone.

Adding an Endpoint Rule

Before adding endpoint rule, you need to create an outbound endpoint. For details, see Creating an Outbound Endpoint.

  1. Go to the Resolvers page.
  2. Click in the upper left corner and select the desired region and project.
  3. Click the Endpoint Rules tab.
  4. Click Add Endpoint Rule.
  5. Configure the parameters based on Table 1.
    Table 1 Parameters for adding an endpoint rule

    Parameter

    Description

    Name

    Name of the endpoint rule added to an outbound endpoint.

    Domain Name

    Domain name used by on-premises servers.

    Type

    By default, Resolver is selected.

    Outbound Endpoint

    Select the outbound endpoint that you want to add this endpoint rule to.

    Associate VPC

    Choose whether to associate VPCs with the endpoint rule.

    If this option is selected, you need to select one or more VPCs.

    Region

    Region that the VPCs belong to.

    This parameter is displayed after Associate VPC is selected.

    VPC

    Select the VPCs to be associated with the endpoint rule.

    This parameter is displayed after Associate VPC is selected.

    IP Addresses

    IP address of a DNS server in the on-premises data center.

    You can add one or more IP addresses.

    NOTE:
    • When you add multiple IP addresses, the servers are polled in sequence by default to ensure that requests are evenly distributed to each server.
    • Port 53 is the default port used by DNS servers. It cannot be customized.

    After an endpoint rule is added, the domain name, type, and outbound endpoint cannot be changed.

  6. Click OK.

Viewing an Endpoint Rule

  1. Go to the Resolvers page.
  2. Click in the upper left corner and select the desired region and project.
  3. Click the Endpoint Rules tab to view the endpoint rule list.

    You can view the endpoint rules you created or other users shared with you.

  4. Click the name of the endpoint rule to view its details, such as basic configuration, VPCs, and IP addresses.

Modifying an Endpoint Rule

  1. Go to the Resolvers page.
  2. Click in the upper left corner and select the desired region and project.
  3. Click the Endpoint Rules tab to view the endpoint rule list.
  4. Locate the endpoint rule and click Modify in the Operation column.

    You can change the rule name, associate other VPCs, disassociate VPCs, and add, delete, or change IP addresses.

    If only one IP address is configured for the endpoint rule, the IP address cannot be deleted.

Deleting an Endpoint Rule

  1. Go to the Resolvers page.
  2. Click in the upper left corner and select the desired region and project.
  3. Click the Endpoint Rules tab to view the endpoint rule list.
  4. Locate the endpoint rule and choose More > Delete in the Operation column.
  5. Confirm the endpoint rule and click OK.

Disassociating a VPC from an Endpoint Rule

  1. Go to the Resolvers page.
  2. Click in the upper left corner and select the desired region and project.
  3. Click the Endpoint Rules tab to view the endpoint rule list.
  4. Locate the endpoint rule and click in the VPCs column.

  5. In the Disassociate VPC dialog box, click OK.