Google Professional Cloud Network Engineer
Get started today
Ultimate access to all questions.
You have deployed infrastructure on Google Cloud and need to configure DNS to meet these requirements:
• On-premises resources must resolve Google Cloud DNS zones.
• Google Cloud resources must resolve on-premises DNS zones.
• The solution must support resolving ".internal" zones provisioned by Google Cloud.
What is the correct configuration approach?
Exam-Like
A
Configure an outbound server policy, and set your alternative name server to be your on-premises DNS resolver. Configure your on-premises DNS resolver to forward Google Cloud zone queries to Google's public DNS 8.8.8.8.
B
Configure both an inbound server policy and outbound DNS forwarding zones with the target as the on-premises DNS resolver. Configure your on-premises DNS resolver to forward Google Cloud zone queries to Google Cloud's DNS resolver.
C
Configure an outbound DNS server policy, and set your alternative name server to be your on-premises DNS resolver. Configure your on-premises DNS resolver to forward Google Cloud zone queries to Google Cloud's DNS resolver.
D
Configure Cloud DNS to DNS peer with your on-premises DNS resolver. Configure your on-premises DNS resolver to forward Google Cloud zone queries to Google's public DNS 8.8.8.8.
Explanation:
The requirements involve bidirectional DNS resolution between Google Cloud and on-premises resources, including resolving Google's .internal zones. To achieve this:
- Inbound Server Policy: Allows on-premises DNS resolvers to query Cloud DNS, enabling on-premises resources to resolve Google Cloud zones (including .internal).
- Outbound DNS Forwarding Zones: Configures Cloud DNS to forward queries for on-premises zones to the on-premises DNS resolver, enabling Google Cloud resources to resolve on-premises zones.
- On-premises Configuration: The on-premises DNS resolver must forward Google Cloud zone queries to Cloud DNS's resolver (e.g., via the inbound policy), ensuring proper resolution of private .internal zones.
Option B correctly implements both inbound and outbound policies, ensuring bidirectional resolution. Other options either use public DNS (incorrect for .internal zones) or lack necessary policies.
Comments
Loading comments...