Your organization employs a hub-and-spoke architecture with critical Compute Engine instances in Virtual Private Clouds (VPCs). As the Cloud DNS designer in Google Cloud, you must ensure private zone resolution from your on-premises data center and enable on-premises name resolution within the hub-and-spoke VPC setup. What steps should you take?