Access VMs using internal DNS


VMs in the same Virtual Private Cloud network can access each other by using internal DNS names instead of IP addresses.

Before you begin

  • If you haven't already, then set up authentication. Authentication is the process by which your identity is verified for access to Google Cloud services and APIs. To run code or samples from a local development environment, you can authenticate to Compute Engine by selecting one of the following options:

    Select the tab for how you plan to use the samples on this page:

    Console

    When you use the Google Cloud console to access Google Cloud services and APIs, you don't need to set up authentication.

    gcloud

    1. Install the Google Cloud CLI, then initialize it by running the following command:

      gcloud init
    2. Set a default region and zone.

    REST

    To use the REST API samples on this page in a local development environment, you use the credentials you provide to the gcloud CLI.

      Install the Google Cloud CLI, then initialize it by running the following command:

      gcloud init

    For more information, see Authenticate for using REST in the Google Cloud authentication documentation.

Determine the internal DNS name for a VM

Use the following procedure to read the internal DNS name assigned to a VM instance. You can get the internal DNS name by querying the hostname metadata entry.

  1. Connect to the VM.
  2. Query the hostname metadata:

    Linux VMs

    curl "http://metadata.google.internal/computeMetadata/v1/instance/hostname" \
      -H "Metadata-Flavor: Google"
    

    Windows VMs

    Invoke-RestMethod `
      -Headers @{"Metadata-Flavor" = "Google"} `
      -Uri "http://metadata.google.internal/computeMetadata/v1/instance/hostname"
    

The metadata server returns the VM's hostname in one of the following formats, which shows the type of internal DNS name that the VM uses:

  • Zonal DNS: VM_NAME.ZONE.c.PROJECT_ID.internal
  • Global DNS: VM_NAME.c.PROJECT_ID.internal

In the output:

  • VM_NAME: the name of the VM
  • ZONE: the zone where the VM is located
  • PROJECT_ID: the project to which the VM belongs

Access VMs by internal DNS name

To access the VM, use the internal DNS name in place of the IP address.

The following example uses ping to contact a VM that uses zonal DNS. This method works, provided that you have created a firewall rule that allows incoming ICMP traffic to the instance.

$ ping VM_NAME.ZONE.c.PROJECT_ID.internal -c 1

PING VM_NAME.ZONE.c.PROJECT_ID.internal (10.240.0.17) 56(84) bytes of data.
64 bytes from VM_NAME.ZONE.c.PROJECT_ID.internal (10.240.0.17): icmp_seq=1 ttl=64 time=0.136 ms

Replace the following:

  • VM_NAME: the name of the VM
  • ZONE: the zone where the VM is located
  • PROJECT_ID: the project to which the VM belongs

What's next