Reputation: 952
In Google Cloud Platform, how do I set up private DNS Peering between two VPCs that are connected with VPC Peering, but reside in the same project?
I have one project my-project and two VPC networks blue and pink. The two VPCs are peered. I want VMs on blue to be able to reach VMs on pink by their internal name, such as pink-vm.us-west1-b.c.my-project.internal, and vice versa.
If I set up 1 private DNS Peering zone for my-project.internal on the pink network and peer it to the blue network, I can reach instances on blue by name from pink. Success! But I still cannot reach instances on pink from blue.
Now, if I set up a second DNS Peering zone on the blue network (also set to my-project.internal), nothing works anymore. I get the following error when I try to ping:
me@blue-vm$ ping pink-vm.us-west1-b.c.my-project.internal
ping: pink-vm.us-west1-b.c.my-project.internal: Temporary failure in name resolution
It seems like the 2 reciprocal DNS Peering zones can't work together. They are peering blue to pink and pink to blue, each under the domain my-project.internal. How can I make it so that my peered VPCs in the same project can resolve names in each other's network?
Upvotes: 1
Views: 5438
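The one-directional setup the question describes, written out as gcloud commands. This is an added example and not code from the question or the answer; the project and network names (my-project, blue, pink) come from the question, the zone name pink-to-blue is a constructed placeholder, and GCLOUD_DRY_RUN is a convention of this script only, so the commands can be inspected without a Google Cloud project. In a Cloud DNS peering zone the --networks VPC is the consumer (its VMs may query the zone) and the --target-network VPC is the producer (whose internal DNS answers the queries); one zone covers only that one direction.

```shell
#!/bin/sh
# Added example (not from the question or the answer): create a single
# Cloud DNS peering zone so VMs on the consumer network (pink) resolve
# names under my-project.internal as if they were on the producer
# network (blue). Names from the question; the zone name is a placeholder.
# gcloud runs only when GCLOUD_DRY_RUN is unset; otherwise the command is
# echoed so the script can be reviewed offline.

PROJECT="my-project"
SUFFIX="my-project.internal."   # trailing dot: Cloud DNS wants an FQDN

# run: invoke gcloud, or echo the full command line in dry-run mode.
run() {
    if [ -n "${GCLOUD_DRY_RUN:-}" ]; then
        echo "gcloud $*"
    else
        gcloud "$@"
    fi
}

# create_peering_zone ZONE CONSUMER PRODUCER
#   ZONE     name of the managed zone to create (placeholder value in usage)
#   CONSUMER VPC whose VMs are authorized to use the zone (--networks)
#   PRODUCER VPC whose internal DNS performs the lookups (--target-network)
# The zone resolves SUFFIX in one direction only: CONSUMER -> PRODUCER.
create_peering_zone() {
    run dns managed-zones create "$1" \
        --project="$PROJECT" \
        --dns-name="$SUFFIX" \
        --description="Resolve $SUFFIX in $3 from $2" \
        --visibility=private \
        --networks="$2" \
        --target-network="$3" \
        --target-project="$PROJECT"
}

# describe_zone ZONE: show the zone as Cloud DNS stored it, to confirm the
# peeringConfig (target network) and privateVisibilityConfig (consumer).
describe_zone() {
    run dns managed-zones describe "$1" --project="$PROJECT"
}

# check_name NAME: succeeds when the VM's resolver returns an address for
# NAME. Run it on a VM in the consumer network to verify the zone works;
# it exercises the same lookup path the question's ping uses.
check_name() {
    getent hosts "$1" >/dev/null 2>&1
}

# Usage as in the question's first, working step: pink is the consumer,
# blue is the producer, so pink VMs can resolve blue VMs by name.
if [ "${0##*/}" = "dns-peering-example.sh" ]; then
    create_peering_zone pink-to-blue pink blue
    describe_zone pink-to-blue
    # then, from a VM on pink:
    #   check_name blue-vm.us-west1-b.c.my-project.internal && echo resolved
fi
```

Only the pink-to-blue direction is created here, matching the step the question reports as working; the reverse direction needs its own zone whose consumer is blue and whose target is pink, and the question shows that a second zone on the same suffix did not behave as hoped.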
Reputation: 38
There are some limitations to Cloud DNS peering, such as the fact that it is a one-way relationship: it allows Google Cloud resources in the DNS consumer network (i.e., the VPC network authorized to use the peering zone) to look up records in the peering zone's namespace as if the Google Cloud resources were in the DNS producer network (i.e., the VPC network where the DNS peering zone performs lookups). However, I've found this thread, where some options are mentioned as workarounds. I think option 1 (which is not very efficient, though), that is, manually creating IP records in the hosts files of each of your two VPCs, could be helpful for you, but it will probably require a lot of manual work and maintenance.
Upvotes: 1