Create a managed reverse lookup zone

This page describes how to create a managed reverse lookup zone. For detailed background information, see Managed reverse lookup zones.

A managed reverse lookup zone is a private zone with a special attribute that instructs Cloud DNS to perform a PTR lookup against Compute Engine DNS data. You must set up managed reverse lookup zones for Cloud DNS to correctly resolve non-RFC 1918 PTR records for your virtual machine (VM) instances.

To create a new managed reverse lookup private zone, complete the following steps.

Console

  1. In the Google Cloud console, go to the Create a DNS zone page.


  2. For the Zone type, select Private.

  3. Enter a Zone name such as my-new-zone.

  4. Enter a DNS name suffix for the zone. The suffix must end with in-addr.arpa to be a reverse zone. This DNS name must match the reverse lookup name of the non-RFC 1918 PTR records that you are trying to resolve through Cloud DNS. For example, if you are trying to match the PTR record for 20.20.1.2, you must create a reverse lookup zone with the DNS name of 2.1.20.20.in-addr.arpa.

  5. Optional: Add a description.

  6. Under Options, select Managed reverse lookup zone.

  7. Select the networks to which the private zone must be visible.

  8. Click Create.

gcloud

Run the dns managed-zones create command:

gcloud dns managed-zones create NAME \
    --description=DESCRIPTION \
    --dns-name=DNS_SUFFIX \
    --networks=VPC_NETWORK_LIST \
    --visibility=private \
    --managed-reverse-lookup

Replace the following:

  • NAME: a name for your zone
  • DESCRIPTION: a description for your zone
  • DNS_SUFFIX: the DNS suffix for your reverse zone, which must end in .in-addr.arpa; typically, reverse zones take the form ${ip_block_in_reverse}.in-addr.arpa
  • VPC_NETWORK_LIST: a comma-delimited list of VPC networks that contain the Google Cloud resources to which PTR records resolve
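
Step 4 of the console procedure and the DNS_SUFFIX placeholder both require the zone name to match the reversed address block. The following shell helper is an added example, not part of the original page or of Google's tooling: it derives that name from an IPv4 address or octet-aligned block and prints the gcloud command above without running it. Refusing RFC 1918 input is an assumption of this example (the page concerns non-RFC 1918 PTR records), and the function names, description text, and sample values are constructed.

```shell
#!/bin/sh
# Added example (not from the original page). Function names, the description
# text and any sample values are constructed for illustration.

# Exit 0 when the first two octets fall in 10/8, 172.16/12 or 192.168/16.
is_rfc1918() {
  [ "$1" -eq 10 ] && return 0
  [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ] && return 0
  [ "$1" -eq 192 ] && [ "$2" -eq 168 ] && return 0
  return 1
}

# Print the in-addr.arpa zone name for ADDR or ADDR/LEN.
# in-addr.arpa labels are whole octets, so only /8, /16, /24 and /32 are accepted.
reverse_zone_suffix() {
  local addr="${1%/*}" len="${1#*/}" o old_ifs="$IFS"
  [ "$len" = "$1" ] && len=32          # bare address: treat as a single host
  case $addr in
    ''|*[!0-9.]*|.*|*.|*..*) echo "bad IPv4 address: $addr" >&2; return 2 ;;
  esac
  IFS=.; set -- $addr; IFS=$old_ifs    # split the address into $1..$4
  [ $# -eq 4 ] || { echo "bad IPv4 address: $addr" >&2; return 2; }
  for o in "$@"; do
    [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || { echo "bad octet: $o" >&2; return 2; }
  done
  if is_rfc1918 "$1" "$2"; then
    echo "$addr is RFC 1918; this example only handles non-RFC 1918 ranges" >&2
    return 3
  fi
  case $len in
    8)  echo "$1.in-addr.arpa." ;;
    16) echo "$2.$1.in-addr.arpa." ;;
    24) echo "$3.$2.$1.in-addr.arpa." ;;
    32) echo "$4.$3.$2.$1.in-addr.arpa." ;;
    *)  echo "/$len is not on an octet boundary" >&2; return 2 ;;
  esac
}

# Print (never run) the page's gcloud command for the given block.
# Arguments: zone name, comma-delimited VPC network list, IPv4 address or block.
print_create_command() {
  local suffix
  suffix=$(reverse_zone_suffix "$3") || return
  printf 'gcloud dns managed-zones create %s --description="reverse lookup for %s" --dns-name=%s --networks=%s --visibility=private --managed-reverse-lookup\n' \
    "$1" "$3" "$suffix" "$2"
}
```

Review the printed command before running it; a zone name that does not match the reversed block leaves the intended PTR queries unanswered by this zone.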

Terraform

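resource "google_dns_managed_zone" "default" {
  name           = "my-new-zone"
  description    = "Example DNS reverse lookup"
  provider       = google-beta
  # Private zone; the VPC networks that can see it are attached with a
  # private_visibility_config block, which this sample does not include.
  visibility     = "private"
  # Reverse name of the addresses to resolve, with the trailing dot.
  dns_name       = "2.2.20.20.in-addr.arpa."
  # Marks the zone as a managed reverse lookup zone.
  reverse_lookup = true
}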
