Updated on 2025-08-18 GMT+08:00

Overview

What Is Private Domain Resolution?

A private domain name is a domain name that takes effect in a VPC. DNS allows you to map private domain names to private IP addresses and resolves domain names for other cloud services within VPCs.

Private domain names have the following features:

  • You can create any private domain names without registering them.
  • One private domain name can be associated with multiple VPCs and is valid only in VPCs. There is no limit on the number of associated VPCs.

To resolve private domain names, you need to create a private zone and associate it with VPCs as needed.

Private DNS resolution translates domain names like ecs.com and their subdomains used within one or more VPCs to private IP addresses (such as 192.168.1.1). With private domain name resolution, ECSs within a VPC can communicate with each other using private zones. These ECSs can also access cloud services, such as Object Storage Service (OBS) and Simple Message Notification (SMN), over a private network.

Resolution Process

Figure 1 shows the resolution process.

Figure 1 Resolution process

When an ECS in the VPC requests to access a private domain name, the private DNS server directly returns a private IP address mapped to the domain name.

Scenarios

Private domain name resolution is applicable to the scenarios below.

You can plan host names based on the locations, usages, and account information of ECSs, and map the host names to private IP addresses. This helps you manage ECSs more easily.

For example, if you have deployed 20 ECSs in an AZ, 10 used for website A and 10 for website B, you can plan their host names and private zones as follows:

  • ECSs for website A: weba01.region1.az1.com – weba10.region1.az1.com
  • ECSs for website B: webb01.region1.az1.com – webb10.region1.az1.com

After configuring the preceding private zones, you will be able to quickly determine the locations and usages of ECSs during routine management and maintenance.

For detailed operations, see Configuring Private Domain Name Resolution for ECSs.

Related Operations

Table 1 Functions related to private domain name resolution

Category

Operation

Description

Private zones

Creating a Private Zone

Create a private zone for your domain name.

Managing Private Zones

Modify, delete, batch delete, and view private zones.

Constraints

  • The domain name of a created private zone cannot be modified.
  • If a private zone is deleted, all its record sets will also be deleted.

Sharing a Private Zone Across Accounts

Share a private zone across accounts.

Associating a VPC with a Private Zone

Apply a private zone in multiple VPCs.

Constraints

  • You can only associate VPCs that you have created using your own account.
  • Each VPC can be associated only with one private zone. However, a private zone can have more than one VPC associated with it.

Disassociating a VPC from a Private Zone

Disassociate a private zone from a VPC.

  • After the disassociation, private zones will not work in the VPC.
  • If only one VPC is associated with the private zone, the VPC cannot be disassociated.

    In this case, you can delete the private zone to make it invalid in the VPC.

DNS rules

Record Set Types and Configuration Rules

Learn about types, scenarios, and configuration rules of record sets supported by private zones.

Rules for Handling Record Set Conflicts

Learn about record set conflicts of private zones and how to handle the conflicts.

Record sets

Adding Record Sets for a Private Zone

Configure record sets for private zones.

Configuring Recursive Resolution for Subdomains

Set a recursive resolution proxy for subdomains in a private zone.

Managing Record Sets

Modify a record set, delete a record set, batch delete record sets in a single zone, and view record set details.

Disabling or Enabling Record Sets

Disable or enable record sets for a domain name.

SOA and NS record sets are automatically generated and cannot be disabled.