Use Case - OCI VCN Custom DNS

October 3, 2022 | 3 minute read
Andrei Stoian
Master Principal Cloud Architect | North America Cloud Engineering

I am often asked whether an OCI VCN supports a custom DNS configuration, that is, whether customers can define their own domain name for OCI VMs. By default, the VCN does not support a custom domain name, since every VCN has a domain name ending with *.oraclevcn.com.


However, there is a configuration that lets us use a custom domain name inside the VCN. It relies on OCI Private DNS and Private Views. With this configuration, on-premises hosts can perform DNS resolution using the custom domain assigned to the VMs on OCI.

Prerequisites:

Private DNS Implementation

OCI Private DNS - Common Scenarios

Private DNS and Private View Configuration

1. Private View definition

Navigate to Networking -> DNS Management -> Private Views and create the Private View:


The zone customer-domain.com was added to the Private View. The zone contains an A entry for the OCI VM at the IP address 10.100.18.197:


Don't forget to publish the changes once the entry is added. Any VM that uses the custom domain needs to have an A or AAAA (if IPv6 is used) entry.

2. Navigate to the VCN and open the DNS Resolver (top right side) to associate the Private View we created in the preceding step:


3. Click on Endpoints and define a Listener:


The subnet where the Listener is defined needs to be reachable from on-premises via FastConnect (FC) or IPSec VPN, and DNS queries from on-premises need to be allowed.

4. Configure the On-premises DNS server to forward all DNS requests for *.customer-domain.com to the IP address of the listener at 10.100.22.249.
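
The requirement in step 3 that DNS queries from on-premises be allowed can be checked against the ingress rules of the listener subnet. The Python below is an added example, not part of the original post: it confirms that both UDP and TCP port 53 (TCP is used when a response is truncated) are open from on-premises and lists any rule that opens port 53 to a wider source. The on-premises CIDR 192.168.0.0/16 and the sample rules are constructed; the rule shape follows the camelCase form of OCI security-list ingress rules, and only CIDR sources are handled.

```python
import ipaddress

DNS_PORT = 53
PROTO = {"6": "tcp", "17": "udp"}  # IANA protocol numbers, as used in OCI rules
ONPREM_CIDR = "192.168.0.0/16"     # assumption: the post gives no on-premises range

# Constructed sample rules for the listener subnet (camelCase REST shape).
SAMPLE_RULES = [
    {"protocol": "17", "source": "192.168.0.0/16",
     "udpOptions": {"destinationPortRange": {"min": 53, "max": 53}}},
    {"protocol": "6", "source": "0.0.0.0/0",
     "tcpOptions": {"destinationPortRange": {"min": 53, "max": 53}}},
    {"protocol": "6", "source": "192.168.0.0/16",
     "tcpOptions": {"destinationPortRange": {"min": 22, "max": 22}}},
]

def _covers_dns(rule, proto):
    """True if the rule's destination ports include 53 (no port options = all ports)."""
    rng = (rule.get(proto + "Options") or {}).get("destinationPortRange")
    return rng is None or rng["min"] <= DNS_PORT <= rng["max"]

def audit_listener_ingress(rules, onprem_cidr):
    """Report DNS protocols on-premises cannot reach, and DNS rules open to wider sources."""
    onprem = ipaddress.ip_network(onprem_cidr)
    reachable = {"udp": False, "tcp": False}
    wider = []
    for rule in rules:
        src = ipaddress.ip_network(rule["source"])
        if src.version != onprem.version:
            continue  # this example compares within one address family only
        protos = ["udp", "tcp"] if rule["protocol"] == "all" else [PROTO.get(rule["protocol"])]
        for proto in protos:
            if proto is None or not _covers_dns(rule, proto):
                continue
            if onprem.subnet_of(src):      # rule admits the whole on-premises range
                reachable[proto] = True
            if not src.subnet_of(onprem):  # rule also admits addresses outside it
                wider.append((proto, rule["source"]))
    missing = [p for p, ok in reachable.items() if not ok]
    return {"missing": missing, "wider_than_onprem": wider}

if __name__ == "__main__":
    print(audit_listener_ingress(SAMPLE_RULES, ONPREM_CIDR))
```

An entry under `wider_than_onprem` is a rule to review: the listener answers for the private zone, so any source allowed beyond the on-premises range can query those records.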

DNS test from On-premises to OCI VM using the custom domain

Let's use the dig command from a host located On-premises:


In conclusion, even though this configuration does not change the VCN domain name, we can still use the desired domain name through a combination of Private DNS and Private Views.
