Routing Traffic Within VPCs

Scenarios

If you have deployed ECSs and other cloud services, you can configure private domain names for the ECSs so that they can communicate with each other or access the cloud services over a private network.

You can create any private zones that are unique within VPCs. You do not need to register the domain names.

The following are operations for you to create a private zone and add an A record set to it.

Prerequisites

You have created an ECS and obtained its VPC name and private IP address.

Procedure

Figure 1 shows the process for configuring a private zone for a domain name.

**Figure 1** Process for configuring a private zone

Figure 1 Process for configuring a private zone

Note

To ensure that the private domain name can be resolved in a VPC, verify that the DNS server addresses for the VPC subnet are those provided by the DNS service. For DNS server addresses in each region, see What Are the Private DNS Servers Provided by the DNS Service? If the DNS server addresses are not those provided by the DNS service, change them.

You can view or change the DNS server addresses for the VPC subnet by performing the operations in Step 3. (Optional) Configure DNS Server Addresses for the VPC Subnet.

Step 1. Create a Private Zone

Create a private zone to allow access to your ECS using a private domain name.

  1. Log in to the management console.

  2. In the service list, choose Network > Domain Name Service.

    The DNS console is displayed.

  3. In the navigation pane, choose Private Zones.

    The Private Zones page is displayed.

  4. Click image1 in the upper left corner and select the desired region and project.

  5. Click Create Private Zone.

  6. Set Name to example.com and select the VPC where the ECS resides.

    For details about more parameters, see Creating a Private Zone.

  7. Click OK.

  8. Switch back to the Private Zones page.

    View the created private zone.

    Note

    Click the zone name to view zone details. You can view SOA and NS record sets automatically generated by the system.

    • The SOA record set defines the DNS server that is the authoritative information source for a particular domain name.

    • The NS record set defines authoritative DNS servers for a domain name.

Step 2. Add an A Record Set

To access the ECS using example.com, add an A record set.

  1. On the Private Zones page, click the name of the private zone you created.

    The Record Sets page is displayed.

  2. Click Add Record Set.

  3. Configure the parameters as follows:

    • Name: Leave this parameter blank. The system automatically considers example.com to be the name, and requests are routed to example.com.

    • Type: Set it to A - Map domains to IPv4 addresses.

    • Value: Enter the private IP address of the ECS.

    Retain the default settings for other parameters. For details, see Adding an A Record Set.

  4. Click OK.

  5. Switch back to the Record Sets page.

    View the added record set in the record set list of the zone and ensure that the status of the record set is Normal.

Step 3. (Optional) Configure DNS Server Addresses for the VPC Subnet

To ensure that the private domain name can be resolved in a VPC, verify that the DNS server addresses for the VPC subnet are those provided by the DNS service. For DNS server addresses in each region, see What Are the Private DNS Servers Provided by the DNS Service? If the DNS server addresses are not those provided by the DNS service, change them.

Query the private DNS server addresses provided by the DNS service.

  1. Log in to the management console.

  2. In the service list, choose Network > Domain Name Service.

    The DNS console is displayed.

  3. In the navigation pane, choose Private Zones.

    The Private Zones page is displayed.

  4. Click image2 in the upper left corner and select the desired region and project.

  5. In the private zone list, click the name of the zone and view the DNS server addresses.

Change the DNS server addresses.

  1. Go to the private zone list.

  2. Click the VPC name under Associated VPC.

    On the VPC console, change the DNS server addresses for the VPC subnet.

    For details, see Modifying a Subnet.