Configure DNS on the private network of a dedicated server

You can configure DNS on private networks of dedicated servers. This will allow servers on the private network to be addressed by domain names instead of IP addresses.

Configuration is done with the Private DNS service. The service runs on cloud platform networks; traffic between those networks and the dedicated server networks goes through a global router.

Private DNS is configured via API, and the IAM token for the project is used to authenticate requests. For a complete list of API methods for working with the service, see Private DNS API.

  1. Configure private DNS on the cloud platform network.
  2. Link your dedicated server network and cloud platform network through a global router.
  3. Specify the IP addresses of the DNS servers on the dedicated servers.

1. Configure private DNS on the cloud platform network

  1. If you do not already have a private network in your cloud platform, create a private network. The network must be in the same project as the dedicated servers for which you want to use private DNS.

  2. Add a service user with the role member.

  3. For the added service user, get an IAM token for the project.

  4. Open the CLI.

  5. Create a private zone with records by executing an API request:

    curl -X POST \
      <endpoint>/zones \
      -H "X-Auth-Token: <token>" \
      -H "Content-Type: application/json" \
      -d '{
        "name": "<zone_name>",
        "ttl": <ttl>,
        "domain": "<zone_domain_name>.",
        "records": [
          {
            "type": "<record_type>",
            "domain": "<subdomain>.<zone_domain_name>.",
            "ttl": <record_ttl>,
            "values": [
              <value1>,<value2>
            ]
          }
        ]
      }'

    Specify:

    • <endpoint> - URL to access the private DNS API in the desired pool. The list of URLs can be found in the instructions List of URLs;

    • <token> - The IAM token for the project you received in step 3;

    • <zone_name> - zone name;

    • <ttl> - TTL of the zone in seconds, default is 3600. TTL is the time during which the zone resource record in the DNS server cache is considered up-to-date and does not need to be re-cached;

    • <zone_domain_name> - zone domain name, e.g. example. Can contain numbers, Latin letters and hyphens;

    • optional: add a "records" block with information about resource records in the zone. The records can be created and modified at any time after the zone is created. Records are specified in groups by type, for each group specify:

      • <record_type> - record type: A, AAAA, MX, TXT, CNAME;
      • <subdomain> - domain name of the port, e.g. first. Can contain numbers, Latin letters and hyphens;
      • <record_ttl> - TTL of the record in seconds, default is 3600. To have the record inherit the TTL of the zone, specify -1;
      • <value1>, <value2> - record values.

  6. Connect the private network to the DNS resolver by making an API request:

    curl -X POST \
      <endpoint>/services \
      -H "X-Auth-Token: <token>" \
      -H "Content-Type: application/json" \
      -d '{
        "network_id": "<network_id>"
      }'

    Specify:

    • <endpoint> - URL to access the private DNS API in the desired pool. The list of URLs can be found in the instructions List of URLs;
    • <token> - The IAM token for the project you received in step 3;
    • <network_id> - Network ID, can be copied from the control panel: in the top menu, click Products → Cloud Servers → Network → Private Networks tab → in the network card, click .
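
The zone-creation request from step 5, as an added example that is not the provider's own tooling: it checks the zone domain name and TTL against the rules listed above before sending, and passes the IAM token to curl through a config stream on stdin so the token does not appear in the process list or shell history. The function names, the token-file convention and the rejection of quotes in the zone name are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example, not the provider's tooling. Function names and the token-file
# convention are assumptions; the /zones path and JSON fields come from the page.

# Page rule: zone and subdomain names may contain numbers, Latin letters, hyphens.
valid_label() {
  case "$1" in
    ''|*[!A-Za-z0-9-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Print the POST /zones body for a zone without records, or fail on bad input.
# usage: zone_payload <zone_name> <ttl> <zone_domain_name>
zone_payload() {
  local name=$1 ttl=$2 domain=$3
  valid_label "$domain" || { echo "invalid zone domain name: $domain" >&2; return 1; }
  case "$ttl" in
    ''|*[!0-9]*) echo "TTL must be a whole number of seconds" >&2; return 1 ;;
  esac
  # Assumption: refuse characters that would break the hand-built JSON string.
  case "$name" in
    *[\"\\]*) echo "zone name must not contain quotes or backslashes" >&2; return 1 ;;
  esac
  printf '{"name": "%s", "ttl": %s, "domain": "%s."}' "$name" "$ttl" "$domain"
}

# Send the request. The token is read from a file (keep it mode 600) and handed
# to curl as a config line on stdin, so it never becomes a command-line argument.
# usage: create_zone <endpoint> <token_file> <zone_name> <ttl> <zone_domain_name>
create_zone() {
  local endpoint=$1 token_file=$2 body
  body=$(zone_payload "$3" "$4" "$5") || return 1
  [ -r "$token_file" ] || { echo "cannot read token file" >&2; return 1; }
  printf 'header = "X-Auth-Token: %s"\n' "$(tr -d '\r\n' < "$token_file")" |
    curl --fail --silent --show-error --config - \
      -X POST "$endpoint/zones" \
      -H "Content-Type: application/json" \
      --data "$body"
}
```

Records can be added after the zone exists, as the page notes, so the body built here omits the optional "records" block.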

2. Link the dedicated server network and the cloud platform network through a global router

To link the dedicated server network and the cloud platform network through a global router, follow the instructions Link products and services through a global router.

3. Specify IP addresses of DNS servers on dedicated servers

On each dedicated server on the network that you linked to the cloud platform network, you must specify the private DNS servers, that is, the DNS resolver IP addresses from the cloud network.

  1. Connect to the server via SSH or via KVM console.

  2. Open the netplan utility configuration file with the vi text editor:

    vi /etc/netplan/<netcfg>.yaml

    Here, <netcfg> is the name of the netplan utility configuration file, such as 50-cloud-init.yaml or 01-netcfg.yaml.

  3. Specify DNS servers for the network interface of the private network that you linked to the cloud platform network. To do this, in the desired interface block, add a nameservers block with the DNS resolver IP addresses. For example:

    id1:
      addresses:
        - 192.168.0.3/24
      routes:
        - to: 172.16.0.0/24
          via: 192.168.0.1
      nameservers:
        addresses:
          - <dns_server_ip_address_1>
          - <dns_server_ip_address_2>

    Specify <dns_server_ip_address_1> and <dns_server_ip_address_2> as the IP addresses of the DNS resolver. You can view the addresses in the control panel: in the top menu, click Products → Cloud Servers → Network → Private Networks tab → open the Network page → Ports tab → in the port card labeled DNS Resolver, view the IP addresses.

  4. Press ESC.

  5. Exit the vi text editor with your changes saved:

    :wq

  6. Apply the configuration:

    netplan apply

  7. Optional: reboot the server.