Oracle Cloud Infrastructure - General


    sneharaj rajendran
    DNS resolution on OCI
    Topic posted November 18, 2019 by sneharaj rajendran (Green Ribbon: 100+ Points), tagged Compute, Engineered Systems, Virtual Cloud Network
    40 Views, 2 Comments
    Title:
    DNS resolution on OCI
    Summary:
    Custom DNS in OCI
    Content:

    Hi Team, 

    We are in the process of migrating our on-premises environment to OCI. Currently, we are facing a challenge in terms of name resolution: we have migrated Active Directory to OCI, however when we try to leverage AD for name resolution, .oraclevcn.com is getting appended; due to this, our member server is not able to log in to Active Directory.

    For example, database1.privatesubnet1.abccorpvcn1.oraclevcn.com as per OCI

    On-premises: database1.google.local

    How can I set up custom DNS like on-premises? The current OCI-provided DNS address is 169.254.169.254; the AD DNS is 10.10.10.21.

    Please advise. 

     

    Comment

     

    • Jon-Eric Eliker

      Hi Sneharaj.

      You have encountered a commonly frustrating circumstance. That is, you must choose the "VCN and Internet" DNS option to properly provision your Database System but desire to use on-prem. DNS resolution for purposes like Active Directory. Fortunately, this has been partially addressed in a recent update to the Oracle Cloud Infrastructure service! As of early November, you can now select to use "Custom DNS" for Subnets that contain database systems. Before that, you could fool the system by having VCN and Internet only DNS during Database System provisioning then switch to Custom after. Now we can officially have this Custom setting. See here for details:

      Network Setup for DB Systems > Custom DNS Resolver

      Note there are some caveats related to this configuration mentioned in the documentation link above (for example this is only valid for non-RAC configurations).

      If you have not had the opportunity to explore the two choices for DNS resolution (VCN/Internet or Custom), see here for an overview of each:

      DHCP Options > Overview

      A third option is to consider a "hybrid" approach by which you retain the automatic resolution of "oraclevcn.com" host names while introducing your own DNS servers to manage non-OCI name resolution. It's a more complex configuration but offers great flexibility when implemented. In brief, this solution involves hosting a DNS "proxy" in OCI that forwards requests to the OCI internal DNS when appropriate and to your DNS servers (i.e. your Active Directory controller) when appropriate. You need to take caution to avoid delays/lag in the DNS requests, which is described in this blog post I shared on the subject:

      Prevent Latency in OCI-Hosted DNS Solutions (Mythics.com)

      Note there are three Oracle-hosted blogs referenced at the top of my blog post that cover the basics of configuring this Hybrid DNS model.

      I hope you find this input useful.

      Jon-Eric
      Mythics, Inc.
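
The forwarding decision behind the "hybrid" approach described above, as an added example that is not part of the original thread or of any Oracle or Mythics code. The addresses and domain names are the ones quoted in the question; sending everything else to the AD DNS server, and rendering the policy as dnsmasq directives, are assumptions (the thread names no forwarder).

```python
# Added example: conditional forwarding for a hybrid DNS proxy.
OCI_RESOLVER = "169.254.169.254"  # OCI-provided resolver (from the thread)
AD_DNS = "10.10.10.21"            # Active Directory DNS (from the thread)

# Zone suffix -> upstream resolver that is authoritative for it.
FORWARD_ZONES = {
    "oraclevcn.com": OCI_RESOLVER,
    "google.local": AD_DNS,
}
DEFAULT_UPSTREAM = AD_DNS  # assumption: all other names go to the AD DNS


def normalize(name):
    """DNS names are case-insensitive; drop the trailing root dot."""
    return name.strip().rstrip(".").lower()


def pick_upstream(qname, zones=FORWARD_ZONES, default=DEFAULT_UPSTREAM):
    """Return the resolver for qname: longest zone match on a label boundary.

    Matching whole labels keeps a look-alike such as "notoraclevcn.com"
    from being routed to the internal OCI resolver.
    """
    labels = normalize(qname).split(".")
    # Full name first, then strip leftmost labels: most specific zone wins.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return zones[candidate]
    return default


def dnsmasq_lines(zones=FORWARD_ZONES, default=DEFAULT_UPSTREAM):
    """Render the same policy as dnsmasq configuration directives."""
    lines = ["no-resolv"]  # use only the servers below, not /etc/resolv.conf
    lines += [f"server=/{zone}/{ip}" for zone, ip in sorted(zones.items())]
    lines.append(f"server={default}")
    return lines


if __name__ == "__main__":
    for q in ("database1.privatesubnet1.abccorpvcn1.oraclevcn.com.",
              "database1.google.local"):
        print(q, "->", pick_upstream(q))
    print("\n".join(dnsmasq_lines()))
```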

    • Roshan Parab

      You can create a custom DNS, and you must configure to use those specific nameservers so that your custom DNS is being used for resolution.