Create a zone with an Internationalized Domain Name

This page describes how to use an Internationalized Domain Name (IDN) with Cloud DNS.

Create a new managed zone with an IDN suffix

You can create both public and private zones with IDN suffixes.

  • When using the Google Cloud console, Cloud DNS automatically encodes internationalized domain names when you create a DNS zone. You can use both IDN-encoded and unencoded names.

  • When using the Google Cloud CLI or an API, create a domain name by using Punycode, which some applications can recognize and render in an international language-specific script.

    For example, for the domain name to appear as example.ελ, use the IDN representation of ελ for the suffix, which is .xn--qxam. All records in the zone share this suffix.

To see how your domain name visually converts from Unicode characters to the equivalent ASCII-Compatible Encoding (ACE) form, use the IDN converter tool.

To create a new managed public zone with an IDN suffix, complete the following steps.

Console

  1. In the Google Cloud console, go to the Create a DNS zone page.

    Go to Create a DNS zone

  2. For the Zone type, select Public.

  3. Enter a Zone name, such as my-new-zone.

  4. Enter a DNS name suffix for the zone by using a domain name that you own.

  5. Under DNSSEC, select Off, On, or Transfer. For more information, see Enabling DNSSEC for existing managed zones.

  6. Click Create. The Zone details page is displayed.

gcloud

Run the dns managed-zones create command:

gcloud dns managed-zones create NAME \
    --description=DESCRIPTION \
    --dns-name=DNS_SUFFIX \
    --visibility=public \
    --dnssec-state=DNSSEC_STATE

Replace the following:

  • NAME: a name for your zone
  • DESCRIPTION: a description for your zone

  • DNS_SUFFIX: the DNS suffix in the Punycode format for your zone using a domain name that you own

  • DNSSEC_STATE: how DNS authenticates responses to domain name lookups for this managed zone

    • off: disable DNSSEC for the managed zone
    • on: enable DNSSEC for the managed zone
    • transfer: enable DNSSEC and allow transferring a signed zone in or out

API

Send a POST request using the managedZones.create method:

POST https://dns.googleapis.com/dns/v1/projects/PROJECT_ID/managedZones
{
  "name": "NAME",
  "description": "DESCRIPTION",
  "dnsName": "DNS_NAME",
  "visibility": "public"
}

Replace the following:

  • PROJECT_ID: the ID of the project where the managed zone is created
  • NAME: a name for your zone
  • DESCRIPTION: a description for your zone
  • DNS_NAME: the DNS suffix in the Punycode format for your zone using a domain name that you own

What's next