您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

Azure DNS 别名记录概述Azure DNS alias records overview

Azure DNS 别名记录是对 DNS 记录集的限定。Azure DNS alias records are qualifications on a DNS record set. 它们可以引用 DNS 区域中的其他 Azure 资源。They can reference other Azure resources from within your DNS zone. 例如,可以创建引用 Azure 公共 IP 地址而不是 A 记录的别名记录集。For example, you can create an alias record set that references an Azure public IP address instead of an A record. 别名记录集动态指向 Azure 公共 IP 地址服务实例。Your alias record set points to an Azure public IP address service instance dynamically. 因此,别名记录集在 DNS 解析过程中可自行无缝更新。As a result, the alias record set seamlessly updates itself during DNS resolution.

Azure DNS 区域中的以下记录类型支持别名记录集:An alias record set is supported for the following record types in an Azure DNS zone:

  • AA
  • AAAAAAAA
  • CNAMECNAME

备注

如果你打算使用 A 或 AAAA 记录类型的别名记录来指向 Azure 流量管理器配置文件,则必须确保流量管理器配置文件仅具有外部终结点If you intend to use an alias record for the A or AAAA record types to point to an Azure Traffic Manager profile you must make sure that the Traffic Manager profile has only external endpoints. 必须为流量管理器中的外部终结点提供 IPv4 或 IPv6 地址。You must provide the IPv4 or IPv6 address for external endpoints in Traffic Manager. 不能在终结点中使用完全限定的域名 (Fqdn)。You can't use fully-qualified domain names (FQDNs) in endpoints. 最好是使用静态 IP 地址。Ideally, use static IP addresses.

功能Capabilities

  • 从 DNS A/AAAA 记录集指向公共 IP 资源Point to a public IP resource from a DNS A/AAAA record set. 你可以创建/AAAA 记录集, 并将其设置为指向公共 IP 资源 (标准或基本) 的别名记录集。You can create an A/AAAA record set and make it an alias record set to point to a public IP resource (standard or basic). 如果公共 IP 地址更改或被删除, 则 DNS 记录集会自动更改。The DNS record set changes automatically if the public IP address changes or is deleted. 这可以避免出现指向不正确 IP 地址的无关联 DNS 记录。Dangling DNS records that point to incorrect IP addresses are avoided.

    每个资源当前限制为20个别名记录集。There is a current limit of 20 alias records sets per resource.

  • 从 DNS A/AAAA/CNAME 记录集指向流量管理器配置文件Point to a Traffic Manager profile from a DNS A/AAAA/CNAME record set. 你可以创建 A/AAAA 或 CNAME 记录集并使用别名记录来将其指向流量管理器配置文件。You can create an A/AAAA or CNAME record set and use alias records to point it to a Traffic Manager profile. 当你需要在区域顶点上路由流量时, 此方法特别有用, 因为区域顶点不支持传统的 CNAME 记录。It's especially useful when you need to route traffic at a zone apex, as traditional CNAME records aren't supported for a zone apex. 例如,假设流量管理器配置文件为 myprofile.trafficmanager.net 并且业务 DNS 区域为 contoso.com,For example, say your Traffic Manager profile is myprofile.trafficmanager.net and your business DNS zone is contoso.com. 则可以为 contoso.com(区域顶点)创建一个 A/AAAA 类型的别名记录集,并使其指向 myprofile.trafficmanager.net。You can create an alias record set of type A/AAAA for contoso.com (the zone apex) and point to myprofile.trafficmanager.net.

  • 指向 Azure 内容分发网络 (CDN) 终结点Point to an Azure Content Delivery Network (CDN) endpoint. 当你使用 Azure 存储和 Azure CDN 创建静态网站时, 这非常有用。This is useful when you create static websites using Azure storage and Azure CDN.

  • 指向同一区域中的另一 DNS 记录集Point to another DNS record set within the same zone. 别名记录可引用相同类型的其他记录集。Alias records can reference other record sets of the same type. 例如,DNS CNAME 记录集可以是另一个 CNAME 记录集的别名。For example, a DNS CNAME record set can be an alias to another CNAME record set. 如果希望有些记录集是别名,有些记录集不是别名,则这种安排会很有用。This arrangement is useful if you want some record sets to be aliases and some non-aliases.

方案Scenarios

下面是别名记录的几种常见方案。There are a few common scenarios for Alias records.

防止无关联的 DNS 记录Prevent dangling DNS records

传统 DNS 记录的常见问题之一是“无关联记录”。A common problem with traditional DNS records is dangling records. 例如, 尚未更新的 DNS 记录反映对 IP 地址的更改。For example, DNS records that haven't been updated to reflect changes to IP addresses. A/AAAA 或 CNAME 记录类型特别容易出现此问题。The issue occurs especially with A/AAAA or CNAME record types.

对于传统的 DNS 区域记录,如果目标 IP 或 CNAME 不再存在,则必须手动更新与之关联的 DNS 记录。With a traditional DNS zone record, if the target IP or CNAME no longer exists, the DNS record associated with it must be manually updated. 在某些组织中, 手动更新可能不会发生, 因为进程问题或角色与关联的权限级别分离。In some organizations, a manual update might not happen in time because of process issues or the separation of roles and associated permission levels. 例如,某个角色可能有权删除属于应用程序的 CNAME 或 IP 地址,For example, a role might have the authority to delete a CNAME or IP address that belongs to an application. 但它没有足够的权限来更新指向这些目标的 DNS 记录。But it doesn't have sufficient authority to update the DNS record that points to those targets. 更新 DNS 记录时的延迟可能会导致对用户造成服务中断。A delay in updating the DNS record can potentially cause an outage for the users.

别名记录通过将 DNS 记录的生命周期与 Azure 资源紧密耦合来防止出现无关联引用。Alias records prevent dangling references by tightly coupling the life cycle of a DNS record with an Azure resource. 例如,假设某个 DNS 记录限定为别名记录,以指向公共 IP 地址或流量管理器配置文件。For example, consider a DNS record that's qualified as an alias record to point to a public IP address or a Traffic Manager profile. 如果删除这些基础资源, DNS 别名记录将变成空的记录集。If you delete those underlying resources, the DNS alias record becomes an empty record set. 它不再引用已删除的资源。It no longer references the deleted resource.

当应用程序 IP 地址更改时自动更新 DNS 记录集Update DNS record-set automatically when application IP addresses change

此方案类似于前面所述的方案。This scenario is similar to the previous one. 也许应用程序已移动,或基础虚拟机已重启。Perhaps an application is moved, or the underlying virtual machine is restarted. 当基础公共 IP 资源的 IP 地址发生更改时,别名记录将自动更新。An alias record then updates automatically when the IP address changes for the underlying public IP resource. 这避免了将用户定向到分配有旧的公共 IP 地址的另一个应用程序,从而避免了潜在的安全风险。This avoids potential security risks of directing the users to another application that has been assigned the old public IP address.

在区域顶点托管负载均衡应用程序Host load-balanced applications at the zone apex

DNS 协议会阻止在区域顶点分配 CNAME 记录。The DNS protocol prevents the assignment of CNAME records at the zone apex. 例如, 如果域为 contoso.com, 则为;您可以为 somelabel.contoso.com 创建 CNAME 记录;但不能为 contoso.com 本身创建 CNAME。For example if your domain is contoso.com; you can create CNAME records for somelabel.contoso.com; but you can't create CNAME for contoso.com itself. 对于在 Azure 流量管理器后面具有负载均衡应用程序的应用程序所有者,此限制会带来问题。This restriction presents a problem for application owners who have load-balanced applications behind Azure Traffic Manager. 由于使用流量管理器配置文件需要创建 CNAME 记录, 因此无法从区域顶点指向流量管理器配置文件。Since using a Traffic Manager profile requires creation of a CNAME record, it isn't possible to point at the Traffic Manager profile from the zone apex.

使用别名记录可解决此问题。This problem is solved using alias records. 与 CNAME 记录不同, 别名记录是在区域顶点创建的, 应用程序所有者可以将其区域顶点记录指向具有外部终结点的流量管理器配置文件。Unlike CNAME records, alias records are created at the zone apex and application owners can use it to point their zone apex record to a Traffic Manager profile that has external endpoints. 应用程序所有者指向用于其 DNS 区域中的任何其他域的同一流量管理器配置文件。Application owners point to the same Traffic Manager profile that's used for any other domain within their DNS zone.

例如, contoso.com 和 www.contoso.com 可以指向同一流量管理器配置文件。For example, contoso.com and www.contoso.com can point to the same Traffic Manager profile. 若要详细了解如何将别名记录与 Azure 流量管理器配置文件配合使用,请参阅“后续步骤”部分。To learn more about using alias records with Azure Traffic Manager profiles, see the Next steps section.

Azure CDN 终结点的点区顶点Point zone apex to Azure CDN endpoints

与流量管理器配置文件一样, 你还可以使用别名记录将 DNS 区域顶点到 Azure CDN 终结点。Just like a Traffic Manager profile, you can also use alias records to point your DNS zone apex to Azure CDN endpoints. 当你使用 Azure 存储和 Azure CDN 创建静态网站时, 这非常有用。This is useful when you create static websites using Azure storage and Azure CDN. 然后, 你可以访问该网站, 而无需为你的 DNS 名称预先计算 "www"。You can then access the website without prepending "www" to your DNS name.

例如, 如果你的静态网站命名为 www.contoso.com, 则你的用户可以使用 contoso.com 访问你的网站, 而无需在 DNS 名称前面预置 www。For example, if your static website is named www.contoso.com, your users can access your site using contoso.com without the need to prepend www to the DNS name.

如前文所述, 区域顶点不支持 CNAME 记录。As described previously, CNAME records aren't supported at the zone apex. 因此, 不能使用 CNAME 记录将 contoso.com 指向 CDN 终结点。So, you can’t use a CNAME record to point contoso.com to your CDN endpoint. 相反, 你可以使用别名记录将区域顶点直接指向 CDN 终结点。Instead, you can use an alias record to point the zone apex to a CDN endpoint directly.

备注

当前不支持从 Akamai 指向 Azure CDN 的 CDN 终结点的区域顶点。Pointing a zone apex to CDN endpoints for Azure CDN from Akamai is currently not supported.

后续步骤Next steps

若要详细了解别名记录,请参阅以下文章:To learn more about alias records, see the following articles: