How to access a private zone via DNS peering

internal-dns dns-zone google-cloud-platform vpc-peering

I understand that your goal is to reach an instance in VPC-A from VPC-B by its internal (to VPC-A) DNS name by dns-peering VPC-B to VPC-A.

If my understanding is correct, it is not only possible, it's the idea of dns peering. I just created a lab, where I:

  • Created VPC-A in Project A
  • Created VPC-B in Project B
  • Created an internal DNS zone (vpc-a.internal) in VPC-A with one A record pointing to the instance in the same VPC (ip=172.16.1.209, name=instance-1)
  • Created a peering DNS zone in VPC-B and pointed it to VPC-A (peering in unidirectional relationship, no need to do the same in VPC-A)
  • Created an instance in VPC-B (test-instance) and dig'ed that previously created A record:
username@test-instance:~$ dig +short instance-1.vpc-a.internal
172.16.1.209

As you can see the resolution works. Please note, that DNS Peering is about being able to resolve names, and not about being able to access. If you need to access instance-1 in VPC-A from VPC-B then you need to establish VPC peering as well.

Related

vsftpd on ubuntu gives FAIL UPLOAD
Is it possible to mine cryptocurrency on a VM? [closed]
DNS over TLS / DoT as a private Service (authentication) possible?
apache: bypass authentication for a specific ip
Using Lighttpd: apache proxy or direct connection?
How to recover an SSD (Samsung) after deleting all the namespaces?
Restrict Viewer Access to Cloud Storage Objects via ACL
Do I need to tune my DMARC settings (SPF align failure at final delivery)?
Ensuring Redirects on a Proxied Server work correctly
Nginx & Django & Gunicorn - Redirecting subdomain to app
Can't lock vz with proxmox
Samba DC - NT_STATUS_OBJECT_NAME_NOT_FOUND