You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/private-link/private-endpoint-dns-integration.md
+4-6Lines changed: 4 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,7 @@ services: private-link
5
5
author: abell
6
6
ms.service: azure-private-link
7
7
ms.topic: concept-article
8
-
ms.date: 06/23/2025
8
+
ms.date: 06/25/2025
9
9
ms.author: abell
10
10
ms.custom: fasttrack-edit
11
11
# Customer intent: As a network administrator, I want to configure DNS settings for Azure Private Endpoints, so that I can ensure secure and efficient resolution of private IP addresses required for my applications and services within the virtual network.
@@ -79,13 +79,11 @@ A [DNS forwarder](/windows-server/identity/ad-ds/plan/reviewing-dns-concepts#res
79
79
80
80
> [!NOTE]
81
81
> DNS queries for private endpoints must originate from the virtual network that is linked to the private DNS zone. The DNS forwarder enables this by proxying queries on behalf of on-premises clients.
82
+
> This scenario uses the Azure SQL Database-recommended private DNS zone. For other services, you can adjust the model using the following reference: [Azure services DNS zone configuration](private-endpoint-dns.md).
82
83
83
84
84
85
The following scenario is for an on-premises network that has a DNS forwarder in Azure. This forwarder resolves DNS queries via a server-level forwarder to the Azure provided DNS [168.63.129.16](../virtual-network/what-is-ip-address-168-63-129-16.md).
85
86
86
-
> [!NOTE]
87
-
> This scenario uses the Azure SQL Database-recommended private DNS zone. For other services, you can adjust the model using the following reference: [Azure services DNS zone configuration](private-endpoint-dns.md).
88
-
89
87
To configure properly, you need the following resources:
90
88
91
89
- On-premises network with a custom DNS solution in place
@@ -101,9 +99,9 @@ To configure properly, you need the following resources:
101
99
- Extend this configuration for on-premises networks that already have a custom DNS solution.
102
100
- Configure your on-premises DNS solution with a [conditional forwarder](../virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.md#name-resolution-that-uses-your-own-dns-server) for the private DNS zone. The conditional forwarder should point to the DNS forwarder deployed in Azure, so DNS queries for private endpoints are correctly resolved.
103
101
104
-
The following diagram illustrates the DNS resolution from an on-premises network. DNS resolution is conditionally forwarded to Azure. The resolution is made by a private DNS zone [linked to a virtual network](../dns/private-dns-virtual-network-links.md):
102
+
The resolution is made by a private DNS zone [linked to a virtual network](../dns/private-dns-virtual-network-links.md):
105
103
106
-
<!--:::image type="content" source="media/private-endpoint-dns/on-premises-forwarding-to-azure.png" alt-text="Diagram of on-premises forwarding to Azure DNS without Azure Private Resolver." lightbox="media/private-endpoint-dns/on-premises-forwarding-to-azure.png":::-->
104
+
:::image type="content" source="media/private-endpoint-dns/on-premises-forwarding-to-azure-no-resolver.png" alt-text="Diagram of on-premises forwarding to Azure DNS without Azure Private Resolver." lightbox="media/private-endpoint-dns/on-premises-forwarding-to-azure-no-resolver.png":::
107
105
108
106
## Azure Private Resolver for on-premises workloads
0 commit comments