We are planning to add Infoblox to our GCP environment. So far I have found some gotchas and wanted to run them past the community to see if anyone else has seen these architecture issues.


First, we are a large organization; to that end, we can easily run into the VPC peering limits really fast. To get around this limitation, we use the hub-and-spoke architecture for our networking.


More info here:


The problem with this design is I am thinking it would require an Infoblox appliance in every hub to accommodate the spokes. Am I correct in this assumption?


Second, there is a small footnote in the GCP DNS documentation that states DNS traffic cannot be transitive between regions:


I interpret that to mean I would also need an Infoblox appliance for each region we use and each hub connected to that region. At this rate, the number of Infoblox appliances is getting prohibitively expensive and complex. 


Has anyone else gone down this path?

