Console

1. In the Google Cloud console, go to theCreate a DNS zone page.

   Go to Create a DNS zone

2. For theZone type, selectPrivate.

3. Enter aZone name such asmy-new-zone.

4. Enter aDNS name suffix for the zone. The suffixmust end within-addr.arpa to be a reverse zone. This DNS name must matchthe reverse lookup name of the non-RFC 1918 PTR records that you aretrying to resolve through Cloud DNS.For example, if you are trying to match the PTR record for20.20.1.2,you must create a reverse lookup zone with the DNS name of2.1.20.20.in-addr.arpa.

   Note: Cloud DNS also supports matching of any child zone. Forexample, if you create a managed reverse lookup zone with the DNS name20.in-addr.arpa., the zone matches any VPC-ownedaddress20. * . * . *.

5. Optional: Add a description.

6. UnderOptions, selectManaged reverse lookup zone.

7. Select the networks to which the private zone must be visible.

8. ClickCreate.

gcloud

Run thedns managed-zones createcommand:

gcloud dns managed-zones createNAME \    --description=DESCRIPTION \    --dns-name=DNS_SUFFIX \    --networks=VPC_NETWORK_LIST \    --visibility=private \    --managed-reverse-lookup

Replace the following:

• NAME: a name for your zone
• DESCRIPTION: a description for your zone
• DNS_SUFFIX: the DNS suffix for your reverse zone thatmust end in.in-addr.arpa; typically, reverse zones take the form${ip_block_in_reverse}.in-addr.arpa
• VPC_NETWORK_LIST: a comma-delimited list ofVPC networks that contain the Google Cloud resourcesto whichPTR records resolve

Terraform

resource "google_dns_managed_zone" "default" {  name           = "my-new-zone"  description    = "Example DNS reverse lookup"  provider       = google-beta  visibility     = "private"  dns_name       = "2.2.20.20.in-addr.arpa."  reverse_lookup = "true"}