Updated on 2024-02-01 GMT+08:00

How Do I Modify DNS Record on Huawei Cloud DNS?

If your website can be accessible directly through a client (such as a browser) before you add the website domain name to WAF, after the domain name is added to WAF, point the domain name to the WAF CNAME using your DNS platform. In this way, the traffic destined for your website goes to WAF first. WAF then checks the traffic, blocks attacks, and forwards only normal traffic to the origin server.

This topic uses Huawei Cloud DNS as an example to describe how to modify DNS record. The methods to modify DNS record on other platform are similar.

Prerequisites

  • You have selected Cloud - CNAME for Protection when adding the website domain name to WAF.
  • To ensure that WAF forwards requests properly, verify WAF and domain name connection locally before modifying the DNS configuration by referring to Testing WAF.

Constraints

  • The CNAME record must be unique for the same host record. You need to change the existing CNAME record of your domain name to WAF CNAME record.
  • Record sets of different types in the same zone may conflict with each other. For example, for the same host record, the CNAME record conflicts with other records such as A record, MX record, and TXT record. If the record type cannot be directly changed, you can delete the conflicting records and add a CNAME record. Deleting other records and adding a CNAME record should be completed in as short time as possible. If no CNAME record is added after the A record is deleted, domain resolution may fail. For details, see Why Is a Message Indicating Conflict with an Existing Record When I Add a Record Set?
  • To prevent other users from configuring your domain name on WAF before you add it to WAF (this will interfere with WAF protection for your domain name), add the subdomain name and TXT record on your DNS management platform. This helps WAF identify real domain name ownership. For details about the configuration method, see What Are Impacts If No Subdomain Name and TXT Record Are Configured?
  • A modified record set takes effect when the cache duration specified by the TTL of the original record set expires. If the carrier sets a longer cache duration, the record set will take effect after this period of time elapses.

Procedure

Go to the Website Settings page on the WAF console and click in the Access Status column in the domain row to copy the CNAME record.

Perform the following steps to modify DNS record:

  1. Access the DNS resolution page, as shown in Figure 1.
    Figure 1 DNS page
  2. In the Operation column of the target domain name, click Modify. The Modify Record Set page is displayed.
  3. In the displayed Modify Record Set dialog box, change the record.
    • Name: Domain name configured in WAF
    • Type: Select CNAME - Map one domain to another.
    • Line: Default
    • TTL (s): The recommended value is 5 min. A larger TTL value will make it slower for synchronization and update of DNS records.
    • Value: Change it to the copied CNAME value from WAF.
    • Keep other settings unchanged.

    About modifying the resolution record:

    • The CNAME record must be unique for the same host record. The existing CNAME record must be changed to the WAF CNAME record.
    • Record sets of different types in the same zone may conflict with each other. For example, for the same host record, the CNAME record conflicts with another record, such as the A record, MX record, or TXT record. If the record type cannot be changed, you can delete the conflicting records and add a CNAME record. Deleting other records and adding a CNAME record should be completed in as short time as possible. If no CNAME record is added after the A record is deleted, domain resolution may fail.

    For details about the restrictions on domain name resolution types, see Why Is a Message Indicating Conflict with an Existing Record Set Displayed When I Add a Record Set?

    Figure 2 Modifying a record set
  4. Click OK.

Domain Name Resolution FAQs

more