Configuration Recommendations for Self-Built DNS Servers
Note:
First evaluate whether the Private DNS product meets your requirements.
Preventing Intermediate Node Determination Issues for Association with CLB
When a self-built DNS server is used on Cloud Virtual Machine (CVM) instances, two groups of CVM instances are recommended if CVM instances are associated with Cloud Load Balancer (CLB) instances. Apply for 2 CLB instances and associate each of them with a group of CVM instances, without overlapping.
Intermediate node determination issues occur if CVM instances in the same group are associated with multiple CLB instances as real servers (RSs) or if the same client accesses RSs both via CLB instance VIP addresses and through CLB bypassing. This may result in resolution timeouts.
Compatibility with Internal Domain Names of Tencent Cloud
Tencent Cloud CVM instances rely on the DNS servers of Virtual Private Cloud (VPC) networks for resolution by default. Operations, such as access to NTP/YUM repositories and monitoring data reporting, rely on the default VPC DNS servers. If the custom DNS servers of customers cannot resolve these domain names, the corresponding basic services are unavailable.
In addition, PaaS services such as Cloud Object Storage (COS) also require domain names for access by default. They also rely on the VPC DNS servers.
Therefore, self-built DNS servers of customers need to forward the following domain names to the VPC DNS servers of Tencent Cloud for resolution.
*.tencentcloudapi.com
*.tencentyun.com
*.myqcloud.com
*.tencentcos.cn
List of Tencent Cloud VPC DNS servers:
nameserver 183.60.82.98
nameserver 183.60.83.19
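The following Python check is an added example, not code from the original page or from Tencent Cloud. It audits a resolver configuration against the forwarding requirement above, using the four suffixes and two VPC DNS addresses listed on this page. It assumes the self-built server is dnsmasq (the page does not name the software); the sample configuration and the 10.0.0.53 upstream are constructed.

```python
import re

# From the page: suffixes to forward, and the Tencent Cloud VPC DNS servers.
REQUIRED = ["tencentcloudapi.com", "tencentyun.com", "myqcloud.com", "tencentcos.cn"]
VPC_DNS = {"183.60.82.98", "183.60.83.19"}
# dnsmasq conditional forwarding: server=/domain[/domain...]/upstream-ip[#port]
SERVER_RE = re.compile(r"^server=/(.+)/([0-9.]+)(?:#\d+)?$")

# Constructed sample config (not from the page); 10.0.0.53 is a hypothetical upstream.
SAMPLE_CONF = """\
# self-built resolver on a CVM instance
cache-size=10000
server=/tencentcloudapi.com/tencentyun.com/183.60.82.98
server=/tencentcloudapi.com/tencentyun.com/183.60.83.19
server=/myqcloud.com/183.60.82.98
server=/myqcloud.com/10.0.0.53   # wrong upstream for an internal suffix
"""

def parse_forwards(conf):
    """Map each forwarded domain to the set of upstream IPs configured for it."""
    forwards = {}
    for raw in conf.splitlines():
        line = re.sub(r"\s+#.*$", "", raw.strip())  # drop trailing comments
        m = SERVER_RE.match(line)
        if m:
            for domain in m.group(1).lower().strip(".").split("/"):
                forwards.setdefault(domain, set()).add(m.group(2))
    return forwards

def upstreams_for(suffix, forwards):
    """Most specific configured domain wins, as in dnsmasq's own matching."""
    labels = suffix.split(".")
    candidates = (".".join(labels[i:]) for i in range(len(labels)))
    return next((forwards[c] for c in candidates if c in forwards), set())

def audit(conf):
    """Return {suffix: [problems]} for suffixes not forwarded only to VPC DNS."""
    forwards, findings = parse_forwards(conf), {}
    for suffix in REQUIRED:
        ups, problems = upstreams_for(suffix, forwards), []
        if not ups & VPC_DNS:
            problems.append("no VPC DNS forwarder")
        elif VPC_DNS - ups:
            problems.append("missing forwarder " + ", ".join(sorted(VPC_DNS - ups)))
        if ups - VPC_DNS:
            problems.append("non-VPC upstream " + ", ".join(sorted(ups - VPC_DNS)))
        if problems:
            findings[suffix] = problems
    return findings
```

Calling `audit(SAMPLE_CONF)` reports `myqcloud.com` (one VPC forwarder missing, one non-VPC upstream) and `tencentcos.cn` (not forwarded at all). The check does not look for more specific subdomain rules that would override a suffix.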
Configuring a Self-Built DNS Server for CVM Instances
Configuring a Self-Built DNS Server for a Single Linux CVM Instance
When CVM instances are created, the default DNS server is used. You do not need to configure a DNS server. If you determine that the corresponding VPC DNS server cannot meet your business requirements, you can configure a DNS server manually. Configuring a custom DNS server for Linux instances can prevent DNS configurations in the custom resolv.conf file from being overwritten by DHCP or cloud-init. For details, see Customizing DNS Configurations on a Linux Instance.
Configuring a Self-Built DNS Server for an Entire VPC Network
The default DNS server addresses of Tencent Cloud are 183.60.83.19 and 183.60.82.98. To configure a self-built DNS server for an entire VPC network, you can configure it on the VPC network. For details, see Modifying VPC DNS.
Note:
After the configurations are modified, they take effect for all CVM instances on this VPC network.
Newly created CVM instances: The configurations take effect immediately.
Existing CVM instances: The configurations take effect after a CVM instance or network service restart.
Notes for Self-Built DNS Servers
Potential Frequency Limits
VPC DNS servers of Tencent Cloud have usage limits for recursive resolution. Self-built DNS servers can cache recursive resolution results based on business needs to avoid passing large amounts of duplicate recursive resolution requests directly to the backend VPC DNS server. For specific limits, see Use Limits of Private DNS.
CVM Instance Specifications and Key Metrics
Tencent Cloud CVM instances have instance specification limits, including but not limited to the number of connections, bandwidth in bps, and packets per second (PPS). If instance specifications reach the upper limits, it is recommended to upgrade the instance specifications or horizontally scale out nodes for self-built DNS servers. For details, see Instance Specifications.
It is recommended to configure subscription alarms on Tencent Cloud Observability Platform (TCOP). For example, trigger an alarm when the quota utilization reaches 80% or when the instance is unreachable through ping tests. For details, see Creating Alarm Policy.
Client DNS Cache