Contact UsGet started

DHCP settings for working with a corporate DNS server

Written by
Updated at May 13, 2025

If you want your VMs to resolve names in a private corporate DNS zone, use the DHCP options in the subnet configuration. For example, you can specify a DNS suffix and DNS server for subnet nodes.

To run this scenario, make sure you have a corporate DNS server deployed that is available for the VMs in the cloud. You can also Deploy Active Directory to create an infrastructure with a DNS server:

  • Cloud network named ad-network with subnets in different availability zones:
    • ad-subnet-a (10.1.0.0/16)
    • ad-subnet-b (10.2.0.0/16)
    • ad-subnet-d (10.3.0.0/16)
  • Domain controllers and a bastion host:
    • ad-vm-a (10.1.0.3)
    • ad-vm-b (10.2.0.3)
    • jump-server-vm (10.3.0.x)

In this tutorial, you will add a new subnet, 10.128.0.0/24, with the DNS suffix and DNS server specified, create a VM, and test the network.

To add a subnet with DHCP settings:

If you no longer need the infrastructure, delete the created resources.

Prepare your cloud environment

Sign up in Yandex Cloud and create a billing account:

  1. Navigate to the management console and log in to Yandex Cloud or register a new account.
  2. On the Yandex Cloud Billing page, make sure you have a billing account linked and it has the ACTIVE or TRIAL_ACTIVE status. If you do not have a billing account, create one and link a cloud to it.

If you have an active billing account, you can navigate to the cloud page to create or select a folder for your infrastructure to operate in.

Learn more about clouds and folders.

To pass this scenario in full, deploy Active Directory. If you use your own DNS servers that are available for cloud VMs, specify your own DNS suffix and IP address values in the scenario.

The infrastructure support cost includes:

Create a subnet

To create a new subnet with DHCP settings, follow these steps:

To create a subnet:

  1. Open the Virtual Private Cloud section in the folder where you want to create a subnet.
  2. Click the ad-network name.
  3. Click Add subnet.
  4. Fill out the form:
    • Enter the subnet name: test-subnet-1. Select the availability zone: ru-central1-a.
    • Enter the subnet CIDR: 10.128.0.0/24. For more information about subnet IP address ranges, see Cloud networks and subnets.
  5. Specify DHCP settings:
    • In the Domain name field, specify the DNS suffix: yantoso.net.
    • In the Domain name servers field, click Add DNS server and specify the DNS server address: 10.1.0.3. Repeat the steps for the 10.2.0.3 address.
  6. Click Create subnet.

If you do not have the Yandex Cloud (CLI) command line interface yet, install and initialize it.

Run this command:

yc vpc subnet create --name test-subnet-1 \
  --description "My test subnet" \
  --folder-id <folder_ID> \
  --network-name ad-network \
  --zone ru-central1-a \
  --range 10.128.0.0/24 \
  --domain-name yantoso.net \
  --domain-name-server 10.1.0.3,10.2.0.3

Where <folder_ID> is the ID of the folder to create resources in. If the folder is specified in the CLI profile, this parameter can be omitted.

Result:

id: e2ldy0b1prtj********
folder_id: b1gbvco8fejm********
created_at: "2021-07-12T13:28:54Z"
name: test-subnet-1
description: My test subnet
network_id: enpl0t90hept********
zone_id: ru-central1-a
v4_cidr_blocks:
- 10.128.0.0/24
dhcp_options:
  domain_name_servers:
  - 10.1.0.3
  - 10.2.0.3
  domain_name: yantoso.net

Test the network

To check the configuration, create a VM and connect to it via RDP:

  1. Create a VM:

    1. On the folder page in the management console, click Create resource and select Virtual machine instance.

    2. Under Boot disk image, go to the Custom tab and select the Windows Server image. For more information on how to upload your own image for Microsoft products, see the Importing required image section.

    3. Under Location, select the ru-central1-a availability zone to create your VM in.

    4. Under Disks and file storages, enter 50 GB as your boot disk size.

    5. Under Computing resources, navigate to the Custom tab and specify the platform, number of vCPUs, and the amount of RAM:

      • Platform: Intel Cascade Lake
      • vCPU: 2
      • Guaranteed vCPU performance: 100%
      • RAM: 4 GB
      • Make your VM preemptible, if required.

    6. Under Network settings, select ad-network and test-subnet-1.

    7. Under General information, specify the VM name: vm-for-tests-in-subnet.

    8. Click Create VM.

    9. Wait for the VM status to change to Running and reset the password:

      1. Select the VM.
      2. Click Reset password.
      3. Specify the Username to reset the password for. If there is no user with that name on the VM, this user will be created with administrator access.
      4. Click Generate password.
      5. Save the New password. It will become unavailable once you close the window.

    If you do not have the Yandex Cloud (CLI) command line interface yet, install and initialize it.

    To set a password for the VM, create the metadata.yaml file with the following contents:

    #ps1
net user administrator '<password>'

    To create a VM, run the command:

    yc compute instance create \
  --name vm-for-tests-in-subnet \
  --metadata-from-file user-data=metadata.yaml \
  --zone ru-central1-a \
  --cores 2 \
  --memory 4 \
  --network-interface subnet-name=test-subnet-1,nat-ip-version=ipv4 \
  --create-boot-disk image-id=<image_ID>

    Where <image_ID> is the ID of your Windows Server image used for creating the VM.

    Note

    The commands yc compute instance create | create-with-container | update | add-metadata support substitution of environment variable values into VM metadata. When you execute a Yandex Cloud CLI command, these values, specified in the user-data key in $<variable_name> format, will be substituted into the VM metadata from the environment variables of the environment the command is executed in.

    To change such behavior, i.e. to provide a variable name to the VM metadata in $<variable_name> format rather than take the variable value from the CLI command runtime environment, use the two-dollar syntax, e.g., $$<variable_name>.

    For more information, see Specifics of providing environment variables in metadata via the CLI.

    If the command is successful, save the IP address from the one_to_one_nat field. The address is used in the next step to create an RDP connection:

    ...
status: RUNNING
...
primary_v4_address:
  address: 10.128.0.26
...
one_to_one_nat:
  address: 130.193.40.112
  ip_version: IPV4
...

  2. Wait a few minutes and connect to the VM over RDP.

  3. Run PowerShell on the VM.

  4. To view the Windows network configuration, run the command:

    ipconfig /all

    Result:

    Windows IP Configuration

  Host Name . . . . . . . . . . . . : epdpjtg********
  Primary Dns Suffix  . . . . . . . :
  Node Type . . . . . . . . . . . . : Hybrid
  IP Routing Enabled. . . . . . . . : No
  WINS Proxy Enabled. . . . . . . . : No
  DNS Suffix Search List. . . . . . : yantoso.net

Ethernet adapter Ethernet 2:

  Connection-specific DNS Suffix  . : yantoso.net
  Description . . . . . . . . . . . : Red Hat VirtIO Ethernet Adapter #2
  Physical Address. . . . . . . . . : D0-0D-19-9F-60-C2
  DHCP Enabled. . . . . . . . . . . : Yes
  Autoconfiguration Enabled . . . . : Yes
  Link-local IPv6 Address . . . . . : fe80::1f0:5a1e:76ea:3ded%3(Preferred)
  IPv4 Address. . . . . . . . . . . : 10.128.0.11(Preferred)
  Subnet Mask . . . . . . . . . . . : 255.255.255.0
  Lease Obtained. . . . . . . . . . : Wednesday, July 14, 2021 11:00:09 AM
  Lease Expires . . . . . . . . . . : Saturday, August 20, 2157 5:33:50 PM
  Default Gateway . . . . . . . . . : 10.128.0.1
  DHCP Server . . . . . . . . . . . : 10.128.0.2
  DHCPv6 IAID . . . . . . . . . . . : 114298137
  DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-28-80-7B-90-D0-0D-19-9F-60-C2
  DNS Servers . . . . . . . . . . . : 10.1.0.3
                                      10.2.0.3
  NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.yantoso.net:

  Media State . . . . . . . . . . . : Media disconnected
  Connection-specific DNS Suffix  . : yantoso.net
  Description . . . . . . . . . . . : Microsoft ISATAP Adapter
  Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes

  5. Check if there is a connection to the yantoso.net domain controller.

    To do this, run this command:

    ping ad-vm-a

    If connected, the output should look as follows:

    PS C:\Users\Administrator> ping ad-vm-a

Pinging ad-vm-a.yantoso.net [10.1.0.3] with 32 bytes of data:
Reply from 10.1.0.3: bytes=32 time=1ms TTL=127
Reply from 10.1.0.3: bytes=32 time<1ms TTL=127
Reply from 10.1.0.3: bytes=32 time<1ms TTL=127
Reply from 10.1.0.3: bytes=32 time<1ms TTL=127

Ping statistics for 10.1.0.3:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms

How to delete the resources you created

Some resources are not free of charge. To avoid paying for them, delete the resources you no longer need:

  1. Delete the vm-for-tests-in-subnet VM.

    1. Select the folder that the VM belongs to.
    2. On the folder dashboard, go to Compute Cloud.
    3. Select the VM → click → select Delete.
    4. Confirm the deletion.

    If you do not have the Yandex Cloud (CLI) command line interface yet, install and initialize it.

    The folder specified when creating the CLI profile is used by default. To change the default folder, use the yc config set folder-id <folder_ID> command. You can specify a different folder using the --folder-name or --folder-id parameter.

    To delete the VM, run:

    yc compute instance delete vm-for-tests-in-subnet

  2. Delete test-subnet-1.

    1. Open the Virtual Private Cloud section in the folder you want to delete a subnet from.
    2. Click the name of the subnet's cloud network: ad-network.
    3. Click in the test-subnet-1 row.
    4. In the menu that opens, click Delete.
    5. Confirm the deletion and click Delete.

    If you do not have the Yandex Cloud (CLI) command line interface yet, install and initialize it.

    The folder specified when creating the CLI profile is used by default. To change the default folder, use the yc config set folder-id <folder_ID> command. You can specify a different folder using the --folder-name or --folder-id parameter.

    To delete the subnet, run:

    yc vpc subnet delete --name test-subnet-1
Previous
Architecture and protection of a basic internet service
Next
Overview