Troubleshooting

This page describes the errors you might encounter using Google Cloud DNS, and tells you how to handle them.

Managed Zones

This section lists errors relating to managed zones.

invalidFieldValue

Invalid value for 'entity.managedZone.name'

The managed zone creation operation can fail with this error if the managed zone name does not begin with a letter, end with a letter or digit, and contain only lowercase letters, digits, or dashes.

managedZoneDnsNameNotAvailable

The specified managed zone is not available to be created.

The managed zone creation operation can fail with this error for the following reasons:

  • The DNS name of the proposed zone is reserved, for example, dot (.), .com, or .co.uk.
  • There are no more name servers available to host the DNS name of the zone. Google Cloud DNS uses a pool of name servers, and that pool is finite. A DNS query at any name server must map unambiguously to one managed zone.

Recommended action: If you are the registered owner of the DNS name in question, check for overlapping zones. To set up DNS for a domain and its subdomains, we recommend creating a single root zone and adding records for each subdomain in that zone.

verifyManagedZoneDnsNameOwnership

Please verify ownership of the 'example.com' domain (or a parent) at http://www.google.com/webmasters/verification/ and try again.

Recommended action: When you receive this error, you must verify domain ownership and try again.

Records

The errors in this section relate to records.

containerNotEmpty

The specified resource cannot be deleted because it is not empty.

Recommended action: If you want to delete the resource, you must empty it first.

invalidZoneApex

The specified resource record set is invalid because a zone must contain exactly one resource record set of a certain type at the apex.

"Apex" in the DNS context just means the DNS name with the fewest number of labels that are allowed in the zone. The apex of a zone is the DNS name equal to ManagedZone.dnsName.

This error means that you tried to make a change that would violate a DNS rule of the zone apex. The following actions can cause this error:

  • You tried to delete the required NS resource record set at the apex.
  • You tried to delete the required SOA resource record set at the apex.
  • You tried to create a resource record set of type SOA not at the apex.

Recommended action: If you get this error, you are trying to do something that isn’t allowed under the rules of DNS. Check your request for mistakes. There is no need to delete these required resource record sets.

invalidRecordCount

The resource record set 'entity.change.additions[XX]' is only permitted to have one record because it is of type '<SOA_OR_CNAME>'.

The rules of DNS say that certain resource record sets can only consist of one resource record. Currently, this type can be either SOA or CNAME. You get this error if you try to create a change that would break those rules. For example:

{
  kind: "dns#rrset"
  name: "blog.foo.com.",
  type: "CNAME",
  rrdata: [ "www.foo.com.", "www2.foo.com." ],
  ...
}

Recommended action: If you get this error, check your request. You are trying to do something that isn’t allowed.

cnameResourceRecordSetConflict

The resource record set 'entity.change.additions[XX]' is invalid because the DNS name 'example.com' may have either one CNAME resource record set or resource record sets of other types, but not both.

This error can occur when you create two types of resource record sets, such as both an A record and a CNAME record for the same DNS name. A common cause of this error is trying to create a CNAME record at the zone apex. This is not possible because it would conflict with the required SOA and NS records of the same name.

Recommended action: Pick one or the other.

wildcardNotAllowed

The specified resource record set has the wrong type to be a wildcard.

In DNS, a wildcard is a special type of resource record set that matches requests for non-existent domain names. One limitation of Cloud DNS is that you cannot create a wildcard resource record set of type NS.

Recommended action: Wildcard NS resource record sets are not supported at this time. Contact support or email cloud-dns-discuss and share what you are trying to accomplish.

invalidValue

This is a generic error that means something about your request was invalid, independent of the server’s state. The error message includes the path to the problematic part of the request, as well as the invalid value. This error could be triggered by many different things, such as:

  • You specified a resource record set with an invalid name. For example, “foo..bar” is not a valid DNS name (empty middle label).
  • You specified a resource record set with an invalid type. For example A and CNAME are valid types, but “XXX” is not a valid type.
  • You specified a resource record set with no records in it.
  • You specified resource record data that is invalid. For example “1.1.1.1” is valid resource record data for type A. “XXX” is invalid resource record data for type A.
  • You specified a resource record set with an invalid TTL. The TTL must be a non-negative integer.
  • You specified a resource name that is too long.

Recommended action: Fix your request.

General Errors

This section describes general errors.

alreadyExists

The specified resource already exists; you cannot create a duplicate.

Recommended action: When creating a resource, use the appropriate get/list API to discover what resources already exist.

accessNotConfigured

Access not configured

To resolve this error, you must enable the Cloud DNS API for your project.

inactiveBillingState

Project EXAMPLE_PROJECT cannot accept requests while in an inactive billing state. Billing state may take several minutes to update.

Recommended action: Enabling billing for your project in the Settings section of your project in the Cloud Platform Console.

preconditionFailed

This is a generic error that means that something about the request is not compatible with the current state of the server resource. The client must do something to fix it and then try again. This can happen if you send a create change request that tries to delete a resource record set that doesn’t match the one that already exists (same name and type).

Re-read the current state of the zone and decide what you want to delete. It may have changed since you last looked at it.

The error message includes the path to the problematic part of your request. For example, entity.change.deletions[6] refers to the 7th element in the “deletions” array of the change object in the POST body of you request.

Recommended action: Fix the part of the request that is flagged as problematic.

required

This is a generic error that means some required part of the request is missing. For example, the managed zone create request requires a name, a DNS name, and a description. If any of these pieces is missing, the request will fail with this error.

Recommended action: Fill in the required parameter and try again.

notFound

The specified resource does not exist.

Recommended action: Make sure you are using the name of an existing resource.

quotaExceeded

You get this error when an impending change would exceed your current quota. For example, you are only allowed a certain number of resource record sets in each zone. The quota is associated with the project. If you need a quota increase, you must request it from Google customer service. New projects have a default quota. See the Projects.get operation for all the different dimensions that DNS limits.

Recommended action: Check your project to understand why you are already using so much of that resource. If your usage is what you expect and desire, use the Cloud DNS Quota Increase Request form to request a quota increase.

Send feedback about...

Cloud DNS Documentation