Build OCI DNS zone record configurations for public and private zones.
Last verified: May 2026
The builder generates OCI DNS zone configurations and record sets: zone properties (name, scope: GLOBAL or PRIVATE, optional view OCID for private zones), records (type, domain, TTL, rdata), and optional steering policy attachments. Output is provided as oci CLI commands, Terraform oci_dns_zone + oci_dns_rrset resources, and BIND zone file format for import.
OCI DNS is a globally distributed, highly available DNS service that supports public and private zones with advanced traffic management capabilities. Building DNS zones involves configuring zone records (A, AAAA, CNAME, MX, TXT, SRV, etc.), setting TTL values, and optionally defining steering policies for geographic or weighted traffic distribution. This tool helps you assemble zone configurations with correct record syntax, validation of record values, and proper TTL settings. It generates configurations for the OCI CLI, Terraform, and bulk zone file imports.
Your team is migrating DNS from a self-hosted BIND server to OCI DNS for a domain with 80 records. The builder lets you import the existing BIND zone file, validates each record against OCI DNS rules, and generates the corresponding Terraform. Errors found and fixed during validation: 3 records had invalid TXT formatting (missing quote escaping), 1 SOA record had a stale serial number, and 2 MX records had typos in mail server names. Without the validator, those would have caused mail/web outages post-migration.
OCI's ALIAS records work at the zone apex (example.com) where CNAMEs aren't allowed. They behave like CNAMEs but resolve to OCI resource IPs (load balancers, instances) directly. This is the equivalent of Route 53 alias records — use them for any apex pointing to an OCI load balancer.
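A pre-migration lint for the kinds of defects described above (unescaped TXT quotes, mistyped in-zone MX targets, a CNAME at the apex), as an added example that is not the builder's own validator. It assumes one record per line in the form "owner TTL IN TYPE rdata" with fully qualified names; the sample zone and all function names are constructed for illustration.

```python
import re

# One or more quoted character-strings; a backslash escapes the next character.
TXT_RE = re.compile(r'^(?:"(?:[^"\\]|\\.)*"\s*)+$')
LABEL_RE = re.compile(r'^(?!-)[A-Za-z0-9_-]{1,63}(?<!-)$')

# Constructed sample zone (not from the page) with three deliberate defects.
SAMPLE_ZONE = '''\
example.com. 3600 IN CNAME lb.example.net.
example.com. 3600 IN MX 10 mail.example.com.
example.com. 3600 IN MX 20 mial2.example.com.
mail.example.com. 3600 IN A 192.0.2.10
mail2.example.com. 3600 IN A 192.0.2.11
example.com. 3600 IN TXT "v=spf1 mx -all"
_dmarc.example.com. 3600 IN TXT "v=DMARC1; p="reject""
'''

def valid_name(name):
    labels = name.rstrip(".").split(".")
    return len(name) <= 253 and all(LABEL_RE.match(l) for l in labels)

def parse(zone_text):
    """Yield (lineno, owner, ttl, rtype, rdata) for simple one-line records."""
    for n, line in enumerate(zone_text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith((";", "$")):
            continue  # skip comments and $ORIGIN/$TTL directives
        owner, ttl, _cls, rtype, rdata = line.split(None, 4)
        yield n, owner.lower(), int(ttl), rtype.upper(), rdata

def lint(zone_text, apex):
    """Return [(lineno, message)] for records likely to break after import."""
    apex = apex.lower().rstrip(".") + "."
    records = list(parse(zone_text))
    hosts = {o for _, o, _, t, _ in records if t in ("A", "AAAA")}
    findings = []
    for n, owner, ttl, rtype, rdata in records:
        if rtype == "TXT" and not TXT_RE.match(rdata):
            findings.append((n, "TXT rdata has unquoted or unescaped text"))
        elif rtype == "CNAME" and owner == apex:
            findings.append((n, "CNAME at zone apex; use ALIAS instead"))
        elif rtype == "MX":
            pref, _, target = rdata.partition(" ")
            target = target.strip().lower()
            if not pref.isdigit() or not valid_name(target):
                findings.append((n, "MX rdata is not '<preference> <host>'"))
            elif target.endswith("." + apex) and target not in hosts:
                findings.append((n, "MX target has no A/AAAA record in zone"))
    return findings
```

Running lint(SAMPLE_ZONE, "example.com") flags lines 1, 3 and 7 of the sample; MX targets outside the zone are not checked because their address records live elsewhere.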
OCI DNS Traffic Management (steering policies) is significantly cheaper than equivalent products on AWS Route 53 ($0.50/health check vs $0.10-$0.50 on Route 53 Resolver). For multi-region active-active deployments on OCI, traffic steering is genuinely the right answer rather than a cost compromise.
TTL is the control that trades DNS change speed against DNS query costs. For records that change frequently (canary deploys, blue/green), use a TTL of 60s. For stable infrastructure (an apex domain pointing at a load balancer), use a TTL of 3600s. The cost difference between TTL 60 and 3600 across a busy domain can be hundreds per month.
OCI DNS supports all standard record types including A, AAAA, CNAME, MX, NS, PTR, SOA, SRV, TXT, and CAA records. It also supports ALIAS records (similar to AWS Route 53 alias records) that resolve to OCI resources like load balancers at the zone apex where CNAME records are not allowed. The maximum number of records per zone is 25,000, and each record can have multiple values for round-robin distribution.
OCI DNS Traffic Management (steering policies) goes beyond basic record resolution by routing traffic based on geographic location, weighted ratios, IP prefix lists, or health check results. You define rules in a steering policy and attach it to a domain. For example, you can route European users to your Frankfurt region and US users to your Ashburn region, with automatic failover to a healthy region if health checks detect an outage.
Disclaimer: This tool runs entirely in your browser. No data is sent to our servers. Always verify outputs before using them in production. AWS, Azure, and GCP are trademarks of their respective owners.