Google Cloud DNS – Overview and Use Cases
DNS Terms and Overview
Zone Files, A Records, CName Records
Cloud DNS - Records versus Record Sets
- Cloud DNS directs incoming traffic according to its record sets.
- As with most other DNS services, each record is composed of a DNS name, a record type, a TTL, and record-type specific configuration.
- Rather than managing records individually, Cloud DNS allows users to manage records at the record set level, through the use of transactions.
- By managing record set changes using a transactional model, either all changes are applied or none are. This way, there is no risk of record sets being left in a partially changed state, which could otherwise cause unintended downtime.
Public versus Private Zones - Cloud DNS
A public zone is visible to the public internet, while a private zone is visible only from one or more Virtual Private Cloud (VPC) networks that you specify.
Private Hosted Zone (for Hybrid Environments) Use Case
Say you want to run your dev sandbox environments in the cloud and have this sandbox environment reachable on from the private on premises corporate network.
Public Hosted Zone (for Hybrid Environments) Use Case
Publicly hosted web app.
Backup DNS Resolution for on premises DNS - DNS Forwarding - Inbound (on prem forwards domain resolution to GCP) or Outbound (GCP Forwards Domain Resolution to On Prem or elsewhere - but NOT to another VPC - use DNS Peering for that)
DNSSEC and Cloud DNS
Google Cloud DNS has built-in support for DNSSEC, which provides an additional layer of security for users through the strong authentication of domain lookups. This helps us to avoid certain types of attacks such as DNS spoofing. Note that when creating a new managed zone, DNSSEC is disabled by default.
Summary
This post is meant to be a quick recap of Cloud DNS in GCP. It highlights some common use cases for private hosted zones and public hosted zones for cloud dns.
Leave a Reply