Common Private DNS Issues
Troubleshoot common issues with private DNS.
- If a resolver rule matches the set conditions then the action is applied regardless of result. Later rules are not applied. For example, if the target destination of a forward rule is unreachable, the traffic is forwarded and no further rule actions are taken.
- When creating a resolver endpoint, ensure the subnet has enough available IP addresses. Listening resolver endpoints require one. Forwarding resolver endpoints require two.
- If compute instances want to resolve private DNS views and rules using the 169.254.169.254 resolver and they're using custom DHCP settings, 169.254.169.254 must appear in the DHCP nameserver list, otherwise 169.254.169.254 only resolves queries to the internet.
-
The private DNS system evaluates DNS requests in the following sequence:
- Private views (zones )
- Rules
- Internet
For example, if there were a rule to forward any name matching
onprem.example.com
to an on-premises system, but there was a zone in a private view defined asexample.com
. The private view would answer the lookup foronprem.example.com
and the forwarding rule would never be reached.