This page describes special configurations for DNS.
DNS outbound forwarding for multiple VPC networks
If you want more than one Virtual Private Cloud (VPC) network to query an on-premises DNS server, you must create a forwarding zone in one of the networks that points to the on-premises environment. Then, in each of the other projects, create a peering zone that points to the VPC network designated to query the forwarding zone.
For example, you have VPC networks A, B, and C connected to on-premises through VPN tunnels and/or VLAN attachments. You can create a forwarding zone in VPC network A that forwards requests to the on-premises DNS server. You can then create peering zones for VPC networks B and C that point to the forwarding zone. As a result, queries for example.com. resolve according to the VPC name resolution order of VPC network A.
- Suppose that your domain company.com has several VPC networks in the Google Cloud Console that may or may not be DNS peered.
- All the VPC networks need to reach the same set of on-premises DNS servers for records in the DNS zone
- Ensure that the VPC networks do not have overlapping CIDR ranges.
- Designate a single VPC network for outbound DNS forwarding to on-premises name servers. Name this core-vpc, for example.
- Configure one or more VPN tunnels or VLAN attachments between core-vpc and your on-premises environment.
- Create an outbound forwarding zone in the project that contains core-vpc for the DNS name corp.company.com.. Configure the IP addresses of the on-premises name servers as the targets of the zone. Authorize core-vpc to query the forwarding zone.
- For every other VPC network, create a DNS peering zone for the DNS name corp.company.com. that points to
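
The steps above expressed as gcloud commands, as an added example that is not part of the original page; the script only prints the commands and runs nothing. The project IDs, the spoke network names vpc-b and vpc-c, the zone names, the descriptions, and the 192.0.2.x name-server addresses are assumed placeholders.

```shell
#!/usr/bin/env bash
# Added example: prints the gcloud commands for the layout above; it runs nothing.
# Assumed placeholders: core-project, project-b, project-c, vpc-b, vpc-c,
# the zone names, and the 192.0.2.x name-server addresses.
DNS_NAME="corp.company.com."
HUB_PROJECT="core-project"
HUB_NETWORK="core-vpc"
ONPREM_NS="192.0.2.10,192.0.2.11"

# Outbound forwarding zone: lives in the hub project, and only core-vpc
# is authorized to query it.
forwarding_zone_cmd() {
  printf 'gcloud dns managed-zones create corp-forwarding'
  printf ' --project=%s --dns-name=%s --description=forward-to-on-prem' "$HUB_PROJECT" "$DNS_NAME"
  printf ' --visibility=private --networks=%s --forwarding-targets=%s\n' "$HUB_NETWORK" "$ONPREM_NS"
}

# Peering zone for one spoke: $1 = spoke project, $2 = spoke network.
# Rejects empty arguments and the hub itself, so a typo cannot produce
# a zone that peers core-vpc with itself.
peering_zone_cmd() {
  local project="$1" network="$2"
  if [ -z "$project" ] || [ -z "$network" ]; then
    echo "usage: peering_zone_cmd PROJECT NETWORK" >&2; return 2
  fi
  if [ "$project" = "$HUB_PROJECT" ] && [ "$network" = "$HUB_NETWORK" ]; then
    echo "refusing: $network is the forwarding network, not a spoke" >&2; return 1
  fi
  printf 'gcloud dns managed-zones create corp-peer-%s' "$network"
  printf ' --project=%s --dns-name=%s --description=peer-to-%s' "$project" "$DNS_NAME" "$HUB_NETWORK"
  printf ' --visibility=private --networks=%s' "$network"
  printf ' --target-project=%s --target-network=%s\n' "$HUB_PROJECT" "$HUB_NETWORK"
}

# Full plan: one forwarding zone, then one peering zone per spoke.
# Each argument is PROJECT:NETWORK.
dns_plan() {
  forwarding_zone_cmd
  local spoke
  for spoke in "$@"; do
    peering_zone_cmd "${spoke%%:*}" "${spoke#*:}" || return 1
  done
}

dns_plan "project-b:vpc-b" "project-c:vpc-c"
```

Review the printed commands before running them; each peering zone is created in the spoke's own project and names core-vpc as its target network.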
- To find solutions for common issues that you might encounter when using Cloud DNS, see Troubleshooting.
- To get an overview of Cloud DNS, see Cloud DNS overview.