Skip to main content

General information about private DNS

Last update:

Private DNS is a service that allows you to manage domain names on private networks of a cloud platform and address cloud servers on private networks by domain names instead of IP addresses.

If you need public DNS, use DNS hosting.

Private DNS can also be used for dedicated servers, read more in the instructions Configure DNS on the private network of a dedicated server.

You can work with the service via API and Terraform.

The service supports user types and roles.

Records of internal DNS operations are stored in audit logs.

Principle of operation

You create a zone for the private network, then connect the private network to a private DNS resolver, a service server that handles domain name resolution requests. This automatically creates two DNS resolver service ports on each subnet on that network. DNS Resolver port IP addresses must be specified on each server on the network.

Networks that are connected to a DNS resolver have access to all private zone records within their pool and project. Connecting a network to a DNS resolver does not give automatic access to servers on another network by domain name - the networks must be interconnected at the L3 level, for example through a global router.

You can manage resource records (DNS records) in zones manually. For A- and AAAA records, you can configure automatic creation and update by connecting a network to the zone. A network can only be connected to one zone.

DNS service operates independently of the subnet's DHCP settings.

Available resource record types

AAssociates a domain name with the IP address of a server on an IPv4 network
AAAAAssociates a domain name with the IP address of a server on an IPv6 network
MXIndicates the server to receive incoming mail for the domain. If the domain has multiple mail servers, an MX record must be created for each server, indicating the priority for load balancing
TXTContains any text information to be added to the domain settings. For example, it can store the DKIM key for outgoing mailings
CNAMEBinds the additional domain to the primary (canonical) domain so that both lead to the IP address of the primary domain. A CNAME record cannot be added for a second-level domain. A domain with a CNAME record cannot have other resource records

Limits

Within a single pool in a project, you can:

  • connect no more than 10 networks to a private DNS resolver;
  • to create no more than 100 zones.

The maximum number of resource records in a zone is 1000.

Cost

It pays to connect each network to a private DNS resolver.

Connection prices can be viewed at selectel.ru.