Oracle Cloud Infrastructure Documentation

Creating a Public DNS Zone

Create a public DNS zone to hold the trusted DNS records that reside on Oracle Cloud Infrastructure's nameservers.

You can create primary public zones with publicly available domain names reachable on the internet. For more information, see Public DNS.

You can also create a secondary zone, which pulls records for the zone from an external primary server.

  • The OCI DNS service is limited to 1000 zones per account and 25,000 records per zone. Customers with zone and record size needs exceeding these values are encouraged to contact support at support.oracle.com.

  • Zone file uploads are limited to 1 megabyte (MB) in size per zone file. If a zone file is larger than 1 MB, you need to split the zone file into smaller batches to upload all the zone information. For more information and a workaround for this limitation, see Zone File Limitations and Considerations.

  • Public DNS zones are only supported in the OC1 commercial realm. For more information and to check if a region is included in OC1, see Regions and Availability Domains.
    1. Open the navigation menu and click Networking. Under DNS management, click Zones.
    2. Select a compartment, and then in the Public zones tab, click Create zone.
    3. On the Create public zone panel, choose the method to use to create the zone, Manual or Import.
    4. If you chose the manual method, enter the zone information:
      • Zone type: Select Primary.
      • Zone name: Enter the domain name for the zone. For example, mydomain.com. Avoid entering confidential information.
      • Create in compartment: Specify the compartment to create the zone in. Be sure you have permission to work in the compartment.
    5. If you chose the import method, then drag, select, or paste a valid zone file into the panel.

      The zone is imported as a primary zone.

    6. (Optional) Configure one or more secondary servers to receive zone transfers.
      1. Click Add additional server IP.
      2. Enter a valid IPv4 or IPv6 address.
      3. Select a TSIG key.
      For more information, see Secondary DNS and Adding Downstream Servers to a Primary DNS Zone.
    7. (Optional) To apply tags to the zone, click Show Advanced Options.
      If you have permissions to create a resource, then you also have permissions to apply free-form tags to that resource. To apply a defined tag, you must have permissions to use the tag namespace. For more information about tagging, see Resource Tags. If you're not sure whether to apply tags, skip this option or ask an administrator. You can apply tags later.
    8. (Optional) Click Show Advanced Options: to enable DNSSEC.
      Note

      You can't enable DNSSEC if you plan to use downstream servers with the zone. DNSSEC requires updates to the DS records on the zone. See DNSSEC for more information.
    9. Click Create.

      The zone is created and published with the necessary SOA and NS records, and its details page is displayed.

      Next:

      If you have problems, see Troubleshooting DNS.

  • Use the zone create command and required parameters to create a public primary zone:

    oci dns zone create --compartment-id compartment_id --name "zone_name" --zone-type PRIMARY --scope GLOBAL... [OPTIONS]

    For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.

    The system creates and publishes the zone, complete with the necessary SOA and NS records. The details for the zone appear. For information on adding a record to your zone, see Adding a Record to a DNS Zone.

  • Run the CreateZone operation to create a public primary zone. Specify the zone type as PRIMARY and zone scope as GLOBAL.

    The system creates and publishes the zone, complete with the necessary SOA and NS records. The details for the zone appear. For information on adding a record to your zone, see Adding a Record to a DNS Zone.