Troubleshooting DNS Forwarding Between GCP Projects

Let’s say I have two projects: Project A and Project B. In Project A, we have a private DNS server that handles DNS requests.
We have a requirement to use the private DNS server in Project A from instances in Project B.
To achieve this, we created a forwarding zone in Project B and set the private DNS server from Project A as the destination DNS server.

Current Setup

    Project A: Hosts private DNS server handling DNS requests
    Project B: Has instances that need to use Project A's DNS server
    Configuration: Forwarding zone created in Project B pointing to Project A's private DNS server

When I tried an nslookup from an instance created in Project B,
I received the following error, and DNS resolution does not work.

Server: 169.254.169.254
Address: 169.254.169.254#53

** server can't find subdomain.abc.com: SERVFAIL

However, with tcpdump on the private name server, I can confirm that it receives the request and responds with the correct IP.

Also, if we specify the private DNS server directly with nslookup, it works perfectly and returns the correct IPs.

I kindly need help troubleshooting this and identifying the root cause of the issue.

Hi @SamSamsLah ,

Welcome to Google Cloud Community!

Cloud DNS Forwarding should be selected when enabling Google Cloud Platform resources to resolve domain names managed by DNS infrastructure external to Cloud DNS, such as on-premises systems. For your case requiring name resolution between distinct GCP Virtual Private Clouds (VPCs), Cloud DNS Peering is the appropriate mechanism, providing a native and integrated solution for resolving names within private zones hosted in separate VPCs.

You can use these links for reference on Google Cloud DNS:

Was this helpful? If so, please accept this answer as “Solution”. If you need additional assistance, reply here within 2 business days and I’ll be happy to help.
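The script below is an added example, not code from either post in this thread. It writes out, from Project B, the two Cloud DNS zone types the thread contrasts (the forwarding zone the question describes and the peering zone the answer recommends) and classifies nslookup output the way the question's manual comparison does: once through the metadata resolver at 169.254.169.254, once directly against the private server. The project names project-a and project-b, the networks vpc-a and vpc-b, the zone names, the member user:admin@example.com and the server address 10.0.0.5 are placeholders. Two facts the comments rely on are Cloud DNS behaviour rather than anything in the thread: forwarding-zone queries leave from the 35.199.192.0/19 range and the reply must arrive back over the VPC the query was sent through, which is the check to make when tcpdump shows the server answering yet the client sees SERVFAIL; and the identity that creates a peering zone needs roles/dns.peer on the project that owns the target network. A peering zone resolves through the target VPC's own private and forwarding zones, so Project A's VPC must already be able to resolve abc.com for the peering to help.

```shell
#!/bin/sh
# Added example, not code from the original thread. Builds the two zone types
# discussed above from Project B and classifies captured nslookup output.
# project-a, project-b, vpc-a, vpc-b, the zone names, the IAM member and
# 10.0.0.5 are placeholders; set them in the environment for real use.
PROJECT_A="${PROJECT_A:-project-a}"          # hosts the private DNS server
PROJECT_B="${PROJECT_B:-project-b}"          # instances that need abc.com
VPC_A="${VPC_A:-vpc-a}"
VPC_B="${VPC_B:-vpc-b}"
DNS_NAME="abc.com."
PRIVATE_DNS_IP="${PRIVATE_DNS_IP:-10.0.0.5}" # placeholder: Project A's server
DRY_RUN="${DRY_RUN:-1}"                      # 1 = print gcloud commands only

run() { if [ "$DRY_RUN" = "1" ]; then echo "+ $1"; else eval "$1"; fi; }

# The setup from the question: a forwarding zone in Project B whose target is
# the Project A server. Cloud DNS sends these queries from 35.199.192.0/19 and
# the reply has to come back through VPC_B, the network the query left from.
forwarding_zone_cmd() {
  c="gcloud dns managed-zones create fwd-abc-com --project=$PROJECT_B"
  c="$c --dns-name=$DNS_NAME --description=forward-abc-com-to-project-a"
  c="$c --visibility=private --networks=$VPC_B"
  c="$c --forwarding-targets=$PRIVATE_DNS_IP"
  echo "$c"
}

# The answer's recommendation: a peering zone in Project B that hands abc.com
# lookups to VPC_A's own resolution order (its private and forwarding zones).
peering_zone_cmd() {
  c="gcloud dns managed-zones create peer-abc-com --project=$PROJECT_B"
  c="$c --dns-name=$DNS_NAME --description=peer-abc-com-to-vpc-a"
  c="$c --visibility=private --networks=$VPC_B"
  c="$c --target-network=$VPC_A --target-project=$PROJECT_A"
  echo "$c"
}

# Whoever creates the peering zone needs roles/dns.peer on Project A.
peer_role_cmd() {
  echo "gcloud projects add-iam-policy-binding $PROJECT_A --member=$1 --role=roles/dns.peer"
}

# Classify captured nslookup output: SERVFAIL, NXDOMAIN, OK or UNKNOWN.
# SERVFAIL is tested first because a failing lookup still echoes the resolver's
# own "Address:" line, exactly as in the output quoted in the question.
dns_status() {
  case "$1" in
    *SERVFAIL*) echo SERVFAIL ;;
    *NXDOMAIN*) echo NXDOMAIN ;;
    *"Name:"*)  echo OK ;;
    *)          echo UNKNOWN ;;
  esac
}

# $1 = status through the metadata resolver (169.254.169.254),
# $2 = status when asking the private server directly.
diagnose() {
  if [ "$1" = "OK" ]; then
    echo "resolver path works"
  elif [ "$2" = "OK" ]; then
    echo "server answers directly but the Cloud DNS path fails: check that the forwarding target is reachable from VPC_B and replies to 35.199.192.0/19 over that same network, or replace forwarding with a peering zone"
  else
    echo "the private server itself fails: fix it before looking at Cloud DNS"
  fi
}

# Constructed sample outputs; the first mirrors the nslookup in the question.
SAMPLE_VIA_RESOLVER=$(printf "Server: 169.254.169.254\nAddress: 169.254.169.254#53\n\n** server can't find subdomain.abc.com: SERVFAIL\n")
SAMPLE_DIRECT=$(printf "Server: 10.0.0.5\nAddress: 10.0.0.5#53\n\nName: subdomain.abc.com\nAddress: 10.1.2.3\n")

main() {
  via=$(dns_status "$SAMPLE_VIA_RESOLVER")
  direct=$(dns_status "$SAMPLE_DIRECT")
  echo "via resolver: $via, direct: $direct"
  diagnose "$via" "$direct"
  run "$(peer_role_cmd "user:admin@example.com")"
  run "$(peering_zone_cmd)"
}
main
```

Run it as-is to see the diagnosis for the two sample outputs and the gcloud commands it would issue; set DRY_RUN=0 and the real project, network and member values to apply the peering configuration. To feed it live output instead of the constructed samples, capture `nslookup subdomain.abc.com` and `nslookup subdomain.abc.com 10.0.0.5` from a Project B instance and pass each to dns_status.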