Stay organized with collections
Save and categorize content based on your preferences.
This page provides instructions about how to create a managed reverse lookup
zone. For detailed background information, see
Managed reverse lookup
zones.
A managed reverse lookup zone is a private zone with a special attribute that
instructs Cloud DNS to perform a PTR lookup against Compute Engine
DNS data. You must set up managed reverse lookup zones for Cloud DNS
to correctly resolve non-RFC 1918 PTR records for your virtual machine (VM)
instances.
To create a new managed reverse lookup private zone, complete the following steps.
Console
In the Google Cloud console, go to the Create a DNS zone page.
Enter a DNS name suffix for the zone. The suffix must end with
in-addr.arpa to be a reverse zone. This DNS name must match
the reverse lookup name of the non-RFC 1918 PTR records that you are
trying to resolve through Cloud DNS.
For example, if you are trying to match the PTR record for 20.20.1.2,
you must create a reverse lookup zone with the DNS name of
2.1.20.20.in-addr.arpa.
Optional: Add a description.
Under Options, select Managed reverse lookup zone.
Select the networks to which the private zone must be visible.
gcloud dns managed-zones create NAME \
--description=DESCRIPTION \
--dns-name=DNS_SUFFIX \
--networks=VPC_NETWORK_LIST \
--visibility=private \
--managed-reverse-lookup
Replace the following:
NAME: a name for your zone
DESCRIPTION: a description for your zone
DNS_SUFFIX: the DNS suffix for your reverse zone that
must end in .in-addr.arpa; typically, reverse zones take the form
${ip_block_in_reverse}.in-addr.arpa
VPC_NETWORK_LIST: a comma-delimited list of
VPC networks that contain the Google Cloud resources
to which PTR records resolve
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-21 UTC."],[[["\u003cp\u003eThis guide provides instructions for creating a managed reverse lookup zone, which is a private zone that performs PTR lookups against Compute Engine DNS data.\u003c/p\u003e\n"],["\u003cp\u003eSetting up managed reverse lookup zones is necessary for Cloud DNS to correctly resolve non-RFC 1918 PTR records for virtual machine (VM) instances.\u003c/p\u003e\n"],["\u003cp\u003eWhen creating the zone, the DNS name suffix must end with \u003ccode\u003ein-addr.arpa\u003c/code\u003e and match the reverse lookup name of the non-RFC 1918 PTR records you intend to resolve.\u003c/p\u003e\n"],["\u003cp\u003eManaged reverse lookup zones can be created using the Google Cloud console, the \u003ccode\u003egcloud\u003c/code\u003e command-line tool, or Terraform, and the data for the zone is populated directly by the Compute Engine IP address data.\u003c/p\u003e\n"],["\u003cp\u003eA managed reverse lookup zone can be set to match any child zone, for example, a zone named \u003ccode\u003e20.in-addr.arpa\u003c/code\u003e would match any VPC-owned address beginning with \u003ccode\u003e20. * . * . *\u003c/code\u003e.\u003c/p\u003e\n"]]],[],null,[]]