Managing Endpoint Rules

Scenarios

To allow cloud servers to access an on-premises domain name, you need to create an outbound endpoint and configure endpoint rules to specify the on-premises domain name to be accessed and the IP addresses of the on-premises DNS servers. Huawei Cloud private DNS then forwards the DNS queries for the on-premises domain name to the on-premises DNS servers based on the endpoint rules.

An endpoint rule can have more than one VPC associated. After a VPC is associated with an endpoint rule, DNS queries for the on-premises domain name from the cloud servers in the VPC will be forwarded to the on-premises DNS servers.

Constraints

The domain name of the private zone you want to create and the VPCs associated with the private zone cannot conflict with the domain names configured in and VPCs associated with the DNS Resolver endpoint rules.

For example, if the example.com domain name is configured in an endpoint rule and VPC A is associated with the endpoint rule, you cannot create a private zone for example.com and associate VPC A with the private zone.

Adding an Endpoint Rule

Before adding endpoint rule, you need to create an outbound endpoint. For details, see Creating an Outbound Endpoint.

1. Go to the Resolvers page.
2. Click on the upper left and select the desired region and project.
3. Click the Endpoint Rules tab.
4. Click Add Rule.
5. Configure the parameters based on Table 1.
   Figure 1 Adding an endpoint rule
   

   Table 1 Parameters for adding an endpoint rule

   Parameter	Description
   Name	Name of the endpoint rule added to an outbound endpoint.
   Domain Name	Domain name used by on-premises servers.
   Type	By default, Resolver is selected.
   Outbound Endpoint	Select the outbound endpoint that you want to add this endpoint rule to.
   Associate VPC	Choose whether to associate VPCs with the endpoint rule. If this option is selected, you need to select one or more VPCs.
   Region	Region that the VPCs belong to. This parameter is displayed after Associate VPC is selected.
   VPC	Select the VPCs to be associated with the endpoint rule. This parameter is displayed after Associate VPC is selected.
   IP Addresses	IP address of a DNS server in the on-premises data center. You can add one or more IP addresses.

   

   After an endpoint rule is added, the domain name, type, and outbound endpoint cannot be changed.

6. Click OK.

Viewing an Endpoint Rule

1. Go to the Resolvers page.
2. Click on the upper left and select the desired region and project.
3. Click the Endpoint Rules tab to view the endpoint rule list.

   You can view the endpoint rules you created or other users shared with you.

4. Click the name of the endpoint rule to view its details, such as basic configuration, VPCs, and IP addresses.

Modifying an Endpoint Rule

1. Go to the Resolvers page.
2. Click on the upper left and select the desired region and project.
3. Click the Endpoint Rules tab to view the endpoint rule list.
4. Locate the endpoint rule and click Modify in the Operation column.

   You can change the rule name, associate other VPCs, disassociate VPCs, and add, delete, or change IP addresses.

   

   If only one IP address is configured for the endpoint rule, the IP address cannot be deleted.

Deleting an Endpoint Rule

1. Go to the Resolvers page.
2. Click on the upper left and select the desired region and project.
3. Click the Endpoint Rules tab to view the endpoint rule list.
4. Locate the endpoint rule and choose More > Delete in the Operation column.
5. Confirm the endpoint rule and click OK.

Disassociating a VPC from an Endpoint Rule

1. Go to the Resolvers page.
2. Click on the upper left and select the desired region and project.
3. Click the Endpoint Rules tab to view the endpoint rule list.
4. Locate the endpoint rule and click in the VPCs column.

   

5. In the Disassociate VPC box, click OK.