Help Center/ Domain Name Service/ Getting Started/ Configuring Private Domain Name Resolution for ECSs
Updated on 2025-08-27 GMT+08:00
View PDF
Share

Configuring Private Domain Name Resolution for ECSs

Scenarios

If you have deployed ECSs and other cloud services in a VPC, you can configure private domain names for the ECSs so that they can communicate with each other or access the cloud services over a private network.

This section uses ECSs as an example to describe how to create a private zone and add a record set to it.

Video Tutorial

This video shows how to configure private domain names for ECSs in a VPC to communicate with each other.

Preparations

This section uses a Huawei Cloud ECS as an example. Before configuring private domain name resolution, log in to the ECS console to check the private IP address of your ECS.

Step 1: Create a Private Zone

Before using a private domain name (for example, example.com) to access an ECS, you need to create a private zone.

  1. Go to the Private Zones page.
  2. Click in the upper left corner and select the desired region and project.
  3. In the upper right corner of the page, click Create Private Zone.
  4. On the Create Private Zone page, set parameters as instructed.

  5. Click OK.

Step 2: Add an A Record Set

Add an A record set for the created private zone.

  1. In the private zone list, click Manage Record Sets in the Operation column of the target private zone.

  2. On the Record Sets tab, click Add Record Set.
  3. Configure the parameters as follows:
    • Name: Leave it blank.
    • Type: Select A – Map domains to IPv4 addresses.
    • Value: Enter the private IP address of the ECS.

    Retain the default values of other parameters.

  4. Click OK.
  5. Switch back to the Record Sets tab.

    The added record set is in the Normal state.

Step 3: Change the DNS Servers for the VPC Subnet

To make the private zone and its record sets take effect in a VPC, ensure that the VPC subnets associated with the ECS use the private DNS server addresses provided by the DNS service.

  1. View the DNS server addresses for the VPC subnet associated with the ECS.
    1. Go to the ECS list page.
    2. In the ECS list, click the name of the target ECS.
    3. On the Summary tab of the ECS details page, click the name of the VPC subnet associated with the ECS NIC.

    4. In the Gateway and DNS Information area, view the DNS server addresses used by the ECS.

  2. View the private DNS server addresses provided by the DNS service.
    • Method 1 (recommended): View the private DNS server addresses on the management console.
      1. Go to the Private Zones page.
      2. Click in the upper left corner and select the desired region and project.
      3. In the private zone list, locate the private zone and click the domain name.

        View the private DNS server addresses on the top of the record set list.

    • Method 2: View the private DNS server addresses for each region by referring to What Are Huawei Cloud Private DNS Server Addresses?

    Check whether the private DNS server addresses are the same as the DNS server addresses for the VPC subnet obtained in 1. If they are different, go to 3.

  1. Change the DNS server addresses for the VPC subnet.

    Return to the VPC subnet summary page in 1.d and click next to DNS Server Address.

    Change the DNS server address of the VPC subnet to the private DNS server address of Huawei Cloud as instructed.

Step 4: Check Whether the Record Set Takes Effect

Log in to the ECS and run nslookup domain name.

Example: nslookup example.com

As shown in the following figure, when the displayed IP address is the same as the IP address configured in the A record set, the record set has taken effect.