Google Cloud Professional Cloud Network Engineer — Question 231
You are configuring the final elements of a migration effort where resources have been moved from on-premises to Google Cloud. While reviewing the deployed architecture, you noticed that DNS resolution is failing when queries are being sent to the on-premises environment. You login to a Compute Engine instance, try to resolve an on-premises hostname, and the query fails. DNS queries are not arriving at the on-premises DNS server. You need to use managed services to reconfigure Cloud DNS to resolve the DNS error. What should you do?
Answer options
- A. Ensure that the operating systems of the Compute Engine instances are configured to send DNS queries to the on-premises DNS servers directly.
- B. Validate that there is network connectivity to the on-premises environment and that the Compute Engine instances can reach other on-premises resources. If errors persist, remove the VPC Network Peerings and recreate the peerings after validating the routes.
- C. Validate that the Compute Engine instances are using the Metadata Service IP address as their resolver. Configure an outbound forwarding zone for the on-premises domain pointing to the on-premises DNS server. Configure Cloud Router to advertise the Cloud DNS proxy range to the on-premises network.
- D. Review the existing Cloud DNS zones, and validate that there is a route in the VPC directing traffic destined to the IP address of the DNS servers. Recreate the existing DNS forwarding zones for . to forward all queries to the on-premises DNS servers.
Correct answer: C
Explanation
Option C is the correct answer because it ensures that Compute Engine instances use the correct DNS resolver and properly forwards DNS queries to the on-premises DNS server, facilitating the resolution of on-premises hostnames. Option A incorrectly suggests configuring the OS to send queries directly, which may not leverage Cloud DNS capabilities. Option B focuses on network connectivity but fails to address DNS configuration specifically. Option D checks for routing but does not ensure that DNS queries are correctly forwarded to the on-premises server.