When a Private Network is attached to a legacy Public Gateway, the gateway’s DNS takes priority over that of the Private Network.
Understanding Scaleway DNS for VPC and Private Networks
Scaleway VPC and Private Networks integrate managed DNS, for the effective resolution of hostnames to IP addresses. Read on to find out more.
What is DNS?
The Domain Name System (DNS) is a naming system for devices connected to the internet or any network. Most prominently, DNS servers translate text-based domain names (e.g. www.scaleway.com) to numerical IP addresses (e.g. 51.158.66.220). This allows traffic to find its destination by resolving a human-readable, text-based name to the numerical IP addresses used by networks and servers.
Scaleway DNS overview
Scaleway Private Networks benefit from managed internal DNS. This allows the resolution of resources’ hostnames on the Private Network into their private IP addresses. This managed DNS service is automatically exposed in each Private Network and no user configuration is required.
Hostname format
A resource’s hostname is equivalent to the name you gave the resource when creating it. The full format for internal addressing is <hostname>.<private-network-name>.internal. For example, if you have an Instance with the name instance123 attached to a Private Network named prodpn, its address on that network is instance123.prodpn.internal.
- If you update the resource’s name after creating it, and thus its hostname changes, it will not be automatically updated on our DNS records unless you detach and reattach the resource to the Private Network.
- If you created the resource via the API, and it has dots in its name, these dots should be replaced by dashes for the purposes of DNS resolution (my.instance -> my-instance). We generally recommend avoiding dots in your resource names to avoid issues.
DNS resolution details
The managed DNS resolver service is exposed on each Private Network through the following IP addresses:
- IPv4: 169.254.169.254
- IPv6: fe80::200:22ff:fe05:ca1e
The service resolves both regular public records and internal VPC records.
The .internal at the end of internal addresses is important in enabling the resolver to distinguish between internal and external/public DNS. For this reason, you should always add .internal when addressing resources within your VPC.
The DNS service resolves the following formats:
- <resource_name>.<private-network_name>.internal
- <resource_name>.<private-network_uuid>.internal
- <resource_uuid>.<private-network_uuid>.internal
The resource_uuid does not generally correspond to the ID of the principal resource (e.g. Instance, Elastic Metal server, Public Gateway), but rather to the ID of the sub-resource that facilitates the attachment to the Private Network. For example:
- Instances: resource_uuid corresponds to the Private NIC ID
- Elastic Metal: resource_uuid corresponds to the ID of the Server-to-Private Network mapping
- Public Gateways: resource_uuid corresponds to the GatewayNetwork ID.
DNS cannot resolve or forward queries between different VPCs. It can only resolve hostnames for resources within the same VPC, though they may be on different Private Networks within that VPC.
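The naming rules above, as an added example in Python (not Scaleway's own code): it builds the internal name with the dot-to-dash replacement and reports which of the three documented formats a name matches, or whether it lacks .internal and would be treated as a public lookup. The function names, the RFC 1123 label check, the lowercasing and the sample names are assumptions made for illustration.

```python
import re
import uuid

SUFFIX = ".internal"
# Assumption: labels follow the RFC 1123 hostname rule (the page does not spell this out).
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")


def is_uuid(label):
    """True only for a canonical, hyphenated, lowercase UUID string."""
    try:
        return str(uuid.UUID(label)) == label
    except ValueError:
        return False


def internal_fqdn(resource_name, private_network):
    """Build <hostname>.<private-network>.internal; dots in the resource name become dashes."""
    host = resource_name.strip().lower().replace(".", "-")
    network = private_network.strip().lower()
    for label in (host, network):
        if not LABEL.fullmatch(label):
            raise ValueError(f"not a usable DNS label: {label!r}")
    return f"{host}.{network}{SUFFIX}"


def classify(name):
    """Say which documented format a name matches, or why it will not resolve internally."""
    name = name.strip().rstrip(".").lower()
    if not name.endswith(SUFFIX):
        return "external"  # no .internal suffix: handled as a public lookup
    labels = name[: -len(SUFFIX)].split(".")
    if len(labels) != 2 or not all(LABEL.fullmatch(part) for part in labels):
        return "invalid-internal"  # e.g. an unreplaced dot in the resource name
    resource, network = labels
    if is_uuid(network):
        return "uuid.uuid" if is_uuid(resource) else "name.uuid"
    return "name.name"


if __name__ == "__main__":
    # Constructed sample names, for illustration only.
    for candidate in (
        internal_fqdn("my.instance", "prodpn"),
        "my.instance.prodpn.internal",
        "instance123.prodpn",
    ):
        print(f"{candidate:40} {classify(candidate)}")
```

A check like this can run over the hostnames in application configuration to catch names that are missing the .internal suffix before they are deployed.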
Rate limiting
Currently, DNS requests are rate-limited to 50 requests per second per resource. Watch this space as we work to be able to increase this limit to accommodate higher traffic volumes.
Troubleshooting
If you experience problems with DNS, try the following steps:
- Detach and reattach the affected resources from/to the Private Network. This is effective in solving many issues for older resources, or resources whose name you have changed.
- Check resource hostname. Issues can arise if your resource has a dot in its name. Rename it if necessary to eliminate the dot, and detach/reattach it from the Private Network.
- Check Private Network name. Issues can arise with Private Networks that share a name with a TLD. See our dedicated document for more help.
- Check whether you are using Network Manager: DNS does not work out of the box for Linux distributions using Network Manager, such as RockyLinux. Find out how to resolve this problem on our troubleshooting page.
If you are still having problems reaching a resource attached to a Private Network via its hostname, open a support ticket.