Each DNS zone in your SDDC network represents a piece of the DNS namespace that you manage yourself.

DNS zones in the SDDC fall into two categories:
  • Default zones, where the servers listen for DNS queries from all SDDC VMs on a subnet in the zone.
  • FQDN zones, where the servers listen for DNS requests forwarded from a default zone.
The compute and management gateways are each configured with a single default DNS zone. You can add up to four more zones of either type to either gateway to provide the flexibility of having multiple DNS servers and subdomains. See Add a DNS Zone in the NSX Data Center Administration Guide for more information about how NSX implements DNS zones.

Procedure

  1. Log in to VMware Cloud Services at https://vmc.vmware.com.
  2. Click Inventory > SDDCs, then pick an SDDC card and click VIEW DETAILS.
  3. Click OPEN NSX MANAGER and log in with the NSX Manager Admin User Account shown on the SDDC Settings page. See SDDC Network Administration with NSX Manager.
    You can also use the VMware Cloud Console Networking & Security tab for this workflow.
  4. Open the DNS page.
  5. Click DNS Zones to open the DNS Zones page.
  6. To add a default zone, select ADD DNS ZONE > Add Default Zone.
    You can add or modify IP addresses for the Management Gateway and Compute Gateway DNS forwarders in the default DNS zone. DNS queries from VMs in the default zone are sent to these IP addresses by default if they don't match the criteria for any FQDN zone.
    1. Enter a name and optionally a description. You use this Name if you create DNS firewall rules that apply to traffic in this zone.
    2. Enter the IP addresses of up to three DNS servers. All of the DNS servers you specify must be configured identically.
    3. (Optional) Enter an IP address in the Source IP field.
  7. To add an FQDN zone, select ADD DNS ZONE > Add FQDN Zone.
    Specify one or more FQDNs to enable DNS forwarding. A DNS forwarder is associated with a default DNS zone and up to five FQDN DNS zones. When it receives a DNS query from a VM in the zone, the DNS forwarder compares the domain name in the query with the domain names in the FQDN DNS zones. If a match is found, the query is forwarded to the DNS servers specified in the FQDN DNS zone. Otherwise the query is forwarded to the DNS servers specified in the default DNS zone.
    1. Enter a name and optionally a description. You use this Name if you create DNS firewall rules that apply to traffic in this zone.
    2. Enter an FQDN for the domain. This must be a fully qualified domain name, such as example.com.
    3. Enter the IP addresses of up to three DNS servers.
    4. (Optional) Enter an IP address in the Source IP field.
  8. (Optional) Tag the DNS zone.

    See Add Tags to an Object in the NSX Data Center Administration Guide for more information about tagging NSX objects.

  9. Click SAVE.
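
The forwarding decision described in step 7, as an added Python example (not VMware or NSX code): it models which zone's DNS servers receive a given query name and enforces the limits stated in the procedure. The zone names and addresses are constructed, and the whole-label, longest-match rule is an assumption, since the page only says the domain names are compared.

```python
import ipaddress
from dataclasses import dataclass, field

MAX_SERVERS_PER_ZONE = 3   # "up to three DNS servers" (from the procedure)
MAX_FQDN_ZONES = 5         # "up to five FQDN DNS zones" per forwarder


@dataclass
class Zone:
    name: str
    servers: list
    domains: list = field(default_factory=list)  # empty for the default zone

    def __post_init__(self):
        if not 1 <= len(self.servers) <= MAX_SERVERS_PER_ZONE:
            raise ValueError(f"{self.name}: needs 1 to {MAX_SERVERS_PER_ZONE} DNS servers")
        for s in self.servers:
            ipaddress.ip_address(s)  # raises ValueError on a malformed address
        self.domains = [d.lower().rstrip(".") for d in self.domains]


class Forwarder:
    def __init__(self, default_zone, fqdn_zones=()):
        if len(fqdn_zones) > MAX_FQDN_ZONES:
            raise ValueError(f"at most {MAX_FQDN_ZONES} FQDN zones per forwarder")
        self.default_zone = default_zone
        self.fqdn_zones = list(fqdn_zones)

    def select_zone(self, qname):
        """Return the zone whose DNS servers would receive a query for qname."""
        q = qname.lower().rstrip(".")
        best, best_len = self.default_zone, -1
        for zone in self.fqdn_zones:
            for d in zone.domains:
                # Assumption: match on whole labels, longest domain wins.
                if (q == d or q.endswith("." + d)) and len(d) > best_len:
                    best, best_len = zone, len(d)
        return best


# Constructed sample configuration (names and addresses are illustrative).
default = Zone("default-zone", ["198.51.100.53", "198.51.100.54"])
corp = Zone("corp-zone", ["10.2.0.10"], ["corp.example.com"])
lab = Zone("lab-zone", ["10.3.0.10"], ["lab.corp.example.com"])
fwd = Forwarder(default, [corp, lab])

if __name__ == "__main__":
    for name in ("db.corp.example.com", "ci.lab.corp.example.com",
                 "notcorp.example.com", "www.example.org"):
        z = fwd.select_zone(name)
        print(f"{name:28} -> {z.name} {z.servers}")
```

Running a list of internal hostnames through `select_zone` before saving a configuration shows which names would fall through to the default zone's DNS servers.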