Introduction
Recursive Gateway provides rate limiting protection for enterprise domain name queries made through Alibaba Cloud Public DNS (223.5.5.5/223.6.6.6). This service ensures the stability of recursive resolution. It also prevents rate limiting that is triggered by internal web crawlers or malicious requests from affecting normal domain name resolution.
Features
Feature | Description | Key parameters |
Recursive resolution | The Recursive Gateway service can replace carrier recursive DNS. It provides public recursive resolution for terminals in environments such as office networks and data centers (IDCs). The service resolves domain names to IP addresses. | |
Effective immediately | The Recursive Gateway service does not alter the TTL of DNS records. This helps DNS records take effect quickly. | |
Linked refresh | For domain names hosted on the Alibaba Cloud DNS authoritative service, changes to authoritative records can trigger a linked refresh of the cached records in Recursive Gateway. This process makes the updated records take effect faster for clients. | Linked refresh takes effect in seconds. |
Rate limiting protection | The Recursive Gateway service provides rate limiting protection for customers who have bound their source IP addresses. When Alibaba Cloud Public DNS is under a large-scale network attack, the service prioritizes DNS queries from the source IPs bound in the Recursive Gateway to ensure normal resolution (but this does not guarantee that rate limiting will never be applied). |
Benefits
Benefit | Description |
Extensive node coverage | Recursive Gateway is deployed on over 160 nodes worldwide. It covers the three major carriers in first-tier cities across the Chinese mainland. Outside the Chinese mainland, more than 18 cluster nodes are deployed. These nodes provide comprehensive coverage across major continents, especially in Southeast Asia, Europe, and the Americas. The service uses Anycast IP to connect clients to the nearest node, which improves resolution speed. |
Stable and reliable service | The service is built on proprietary, high-performance DNS software that can handle large-scale, high-concurrency query requests. Compared to free public DNS or carrier DNS services, it offers superior stability. Resolution failures are less likely to occur in high-concurrency scenarios. |
Scenarios
Application Scenario | Scenario description |
Public domain name recursion for data centers or office networks | Public domain name recursion from data centers (IDCs) or office networks often requires high-performance recursive DNS that supports low latency, high concurrency, and minimal packet loss. Standard carrier DNS and free public DNS services often impose rate limits. This can lead to packet loss and resolution failures when query concurrency is high. The Recursive Gateway service is ideal for these scenarios. With over 160 nodes worldwide, Recursive Gateway provides low-latency access. Its proprietary, high-performance DNS software handles high-concurrency query requests to ensure business stability. |
Global cluster distribution
Tier-1 DNS cluster nodes:
China (Hangzhou), China (Shanghai), China (Chengdu), China (Shenzhen), China (Beijing), China (Qingdao), China East 5 (Nanjing - local region - decommissioning), Dalian, Xi'an, Wuhan, Taiyuan, Zhengzhou, Tianjin, Jinan, Shijiazhuang, China (Hong Kong), US (Silicon Valley), US (Virginia), US (Atlanta), Mexico, Singapore, Germany (Frankfurt), Japan (Tokyo), UK (London), Indonesia (Jakarta), Philippines (Manila), Malaysia (Kuala Lumpur), South Korea (Seoul), Thailand (Bangkok), UAE (Dubai), and SAU (Riyadh - Partner Region).
Over 160 tier-2 DNS recursive nodes cover major tier-1 and tier-2 cities and the three major carriers in the Chinese mainland, delivering faster and more accurate resolution.
Global multi-cluster deployment provides low-latency, highly reliable resolution regardless of location.
Cluster node information is for reference only, does not constitute a service commitment, and is subject to change as infrastructure evolves.
System architecture
Recursive Gateway consists of two parts: a control layer and a resolution layer:
-
Control layer: Manages DNS data, configuration, and logs through the console and OpenAPI. Located in China (Zhangjiakou) and China (Hangzhou).
-
Resolution layer: Retrieves DNS records from the control layer and responds to queries through globally deployed server clusters across major continents and regions.