You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/application-gateway/application-gateway-dns-resolution.md
+7-7Lines changed: 7 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,13 +15,13 @@ An Application Gateway is a dedicated deployment within your Virtual Network. Th
15
15
## Need for name resolution
16
16
Application Gateway performs DNS resolution for the Fully Qualified Domain Names (FQDN) of
17
17
18
-
1)**Customer-provided FQDNs**, such as
19
-
* Domain name-based backend server
20
-
* Key vault endpoint for listener certificate
21
-
* Custom error page URL
22
-
* Online Certificate Status Protocol (OCSP) verification URL
18
+
***Customer-provided FQDNs**, such as
19
+
* Domain name-based backend server
20
+
* Key vault endpoint for listener certificate
21
+
* Custom error page URL
22
+
* Online Certificate Status Protocol (OCSP) verification URL
23
23
24
-
2)**Management FQDNs** that are utilized for various Azure infrastructure endpoints (control plane). These are the building blocks that form a complete Application Gateway resource. For example, communication with monitoring endpoints enable flow of Logs and Metrics. Thus, it's important for application gateways to internally communicate with other Azure services' endpoints having suffixes like `.windows.net`, `.azure.net`, etc.
24
+
***Management FQDNs** that are utilized for various Azure infrastructure endpoints (control plane). These are the building blocks that form a complete Application Gateway resource. For example, communication with monitoring endpoints enable flow of Logs and Metrics. Thus, it's important for application gateways to internally communicate with other Azure services' endpoints having suffixes like `.windows.net`, `.azure.net`, etc.
25
25
26
26
> [!IMPORTANT]
27
27
> The management endpoint domain names that an Application Gateway resource interacts with are listed here. Depending on the type of application gateway deployment (detailed in this article), any name resolution issue for these Azure domain names may lead to either partial or complete loss of resource functionality.
@@ -53,7 +53,7 @@ Flows:
53
53
* After performing successful DNS resolutions for these FQDNs, the instance can communicate with the Key Vault and backend server endpoints.
54
54
55
55
Considerations:
56
-
* Don't create and link private DNS zones for top-level Azure domain names. You must create DNS zone for a subdomain as specific as possible. For example, having a private DNS zone for `privatelink.vaultcore.azure.net` for a key vault’s private endpoint works in all cases than having a zone for `vaultcore.azure.net` or `azure.net`.
56
+
* Don't create and link private DNS zones for top-level Azure domain names. You must create DNS zone for a subdomain as specific as possible. For example, having a private DNS zone for `privatelink.vaultcore.azure.net` for a key vault’s private endpoint works better in all cases than having a zone for `vaultcore.azure.net` or `azure.net`.
57
57
* For communication with backend servers or any service using a Private Endpoint, ensure the private link DNS zone is linked to your application gateway’s virtual network.
0 commit comments