Merge pull request #273221 from rcdun/1523023_remove_domain_delegation

1523023 Remove domain delegation from Communications Gateway

Author: prmerger-automator[bot]

articles/communications-gateway/connect-teams-direct-routing.md

@@ -71,11 +71,6 @@ Microsoft Teams only sends traffic to domains that you confirm that you own. You
 
 You need to register the base domain for Azure Communications Gateway in your tenant and verify it. Registering and verifying the base domain proves that you control the domain.
 
-> [!TIP]
-> If the base domain name is a subdomain of a domain already registered and verified in this tenant:
-> - You must register Azure Communications Gateway's base domain name.
-> - Microsoft 365 automatically verifies the base domain name.
-
 Follow the instructions [to add a domain to your tenant](/microsoftteams/direct-routing-sbc-multiple-tenants#add-a-base-domain-to-the-tenant-and-verify-it). Use the base domain name that you found in [Find your Azure Communication Gateway's domain names for connecting to Microsoft Teams Direct Routing](#find-your-azure-communication-gateways-domain-names-for-connecting-to-microsoft-teams-direct-routing).
 
 If Microsoft 365 prompts you to verify the domain name:
@@ -97,9 +92,6 @@ If you don't already have an onboarding team, contact azcog-enablement@microsoft
 
 ## Finish verifying the base domain name in Microsoft 365
 
-> [!NOTE]
-> If Microsoft 365 did not prompt you to verify the domain in [Register the base domain name in your tenant](#register-the-base-domain-name-in-your-tenant), skip this step.
-
 After your onboarding team confirms that the DNS records have been set up, finish verifying the base domain name in the Microsoft 365 admin center.
 
 1. Sign into the Microsoft 365 admin center as a Global Administrator.

articles/communications-gateway/connectivity.md

@@ -79,17 +79,13 @@ Azure Communications Gateway (ACG) deployments require multiple IP addresses and
 
 Each site in your network must send traffic to its local Azure Communications Gateway service region by default, and fail over to the other region if the local region is unavailable. For example, site A must route traffic to region 1, and, if it detects that region 1 is unavailable, reroute traffic to region 2. For more information on the call routing requirements, see [Call routing requirements](reliability-communications-gateway.md#call-routing-requirements).
 
-## Autogenerated domain names and domain delegation
+## Autogenerated domain names
 
 Azure Communications Gateway provides multiple FQDNs:
 
-* A _base domain_ for your deployment. This domain provides the Provisioning API. It's item 13 in [IP addresses and domain names](#ip-addresses-and-domain-names).
+* A `<deployment-id>.commsgw.azure.com`  _base domain_ for your deployment, where `<deployment-id>` is autogenerated and unique to the deployment. This domain provides the Provisioning API. It's item 13 in [IP addresses and domain names](#ip-addresses-and-domain-names).
 * _Per-region domain names_ that resolve to the signaling IP addresses to which your network should route signaling traffic. These domain names are subdomains of the base domain. They're items 7 and 10 in [IP addresses and domain names](#ip-addresses-and-domain-names).
 
-You must decide whether you want these FQDNs to be `*.commsgw.azure.com` domain names or subdomains of a domain you already own, using [domain delegation with Azure DNS](../dns/dns-domain-delegation.md).
-
-Domain delegation provides topology hiding and might increase customer trust, but requires giving us full control over the subdomain that you delegate. For Microsoft Teams Direct Routing, choose domain delegation if you don't want customers to see a `*.commsgw.azure.com` address in their Microsoft 365 admin centers.
-
 ## Related content
 
 - Learn how to [route calls to Azure Communications Gateway](reliability-communications-gateway.md#call-routing-requirements).

articles/communications-gateway/deploy.md

@@ -113,19 +113,6 @@ When your resource has been provisioned, you can connect Azure Communications Ga
     - With MAPS Voice, BFD must bring up the BGP peer for each Private Network Interface (PNI).
 1. Meet any other requirements for your communications platform (for example, the *Network Connectivity Specification* for Operator Connect or Teams Phone Mobile). If you need access to Operator Connect or Teams Phone Mobile specifications, contact your onboarding team.
 
-## Configure domain delegation with Azure DNS
-
-> [!NOTE]
-> If you decided to use an automatically allocated `*.commsgw.azure.com` domain name for Azure Communications Gateway, skip this step.
-
-If you chose to delegate a subdomain when you created Azure Communications Gateway, you must update the name server (NS) records for this subdomain to point to name servers created for you in your Azure Communications Gateway deployment.
-
-1. Sign in to the [Azure portal](https://azure.microsoft.com/).
-1. In the search bar at the top of the page, search for your Communications Gateway resource.
-1. On the **Overview** page for your Azure Communications Gateway resource, find the four name servers that have been created for you.
-1. Note down the names of these name servers, including the trailing `.` at the end of the address.
-1. Follow [Delegate the domain](../dns/dns-delegate-domain-azure-dns.md#delegate-the-domain) and [Verify the delegation](../dns/dns-delegate-domain-azure-dns.md#verify-the-delegation) to configure all four name servers in your NS records. We recommend configuring a time-to-live (TTL) of two days.
-
 ## Configure alerts for upgrades, maintenance and resource health
 
 Azure Communications Gateway is integrated with Azure Service Health and Azure Resource Health.

articles/communications-gateway/interoperability-teams-direct-routing.md

@@ -51,9 +51,6 @@ An Azure Communications Gateway deployment is designed to support Direct Routing
 
 Your Azure Communications Gateway deployment always receives an FQDN (fully qualified domain name) when it's created. You use this FQDN as the _base domain_ for your carrier tenant.
 
-> [!TIP]
-> You can provide your own base domain to use with Azure Communications Gateway, or use the domain name that Azure automatically allocates. For more information, see [Topology hiding with domain delegation](#topology-hiding-with-domain-delegation).
-
 Azure Communications Gateway also receives two per-region subdomains of the base domain (one per region).
 
 Each of your customers needs _customer subdomains_ of these per-region domains. Azure Communications Gateway includes one of these subdomains in the Contact header of each message it sends to the Microsoft Phone System: the presence of the subdomain allows the Microsoft Phone System to identify the customer tenant for each message. For more information, see [Identifying the customer tenant for Microsoft Phone System](#identifying-the-customer-tenant-for-microsoft-phone-system).
@@ -157,12 +154,6 @@ Azure Communications Gateway has Preview support for Direct Routing media bypass
 
 If you believe that media bypass support (preview) would be useful for your deployment, discuss your requirements with a Microsoft representative.
 
-## Topology hiding with domain delegation
-
-The domain for your Azure Communications Gateway deployment is visible to customer administrators in their Microsoft 365 admin center. By default, each Azure Communications Gateway deployment receives an automatically generated domain name in the form `<deployment-id>.commsgw.azure.com`, where `<deployment-id>` is autogenerated and unique to the deployment. For example, the domain name might be `a1b2c3d4e5f6g7h8.commsgw.azure.com`.
-
-To hide the details of your deployment, you can configure Azure Communications Gateway to use a subdomain of your own base domain. Customer administrators see subdomains of this domain in their Microsoft 365 admin center. This process uses [DNS delegation with Azure DNS](../dns/dns-domain-delegation.md). You must configure DNS delegation as part of deploying Azure Communications Gateway.
-
 ## Next steps
 
 - Learn about [monitoring Azure Communications Gateway](monitor-azure-communications-gateway.md).

articles/communications-gateway/prepare-to-deploy.md

@@ -50,12 +50,7 @@ Access to Azure Communications Gateway is restricted. When you've completed the
 
 ## Create a network design
 
-Decide how Azure Communications Gateway should connect to your network. You must choose:
-
-- The type of connection you want to use: for example, Microsoft Azure Peering Service Voice (recommended; sometimes called MAPS Voice).
-- The form of domain names Azure Communications Gateway uses towards your network: an autogenerated `*.commsgw.azure.com` domain name or a subdomain of a domain you already own (using [domain delegation with Azure DNS](../dns/dns-domain-delegation.md)).
-
-For more information about your options, see [Connectivity for Azure Communications Gateway](connectivity.md).
+Decide how Azure Communications Gateway should connect to your network. We recommend Microsoft Azure Peering Service Voice (sometimes called MAPS Voice). For more information about your options, see [Connectivity for Azure Communications Gateway](connectivity.md).
 
 For Teams Phone Mobile and Azure Operator Call Protection Preview, you must decide how your network should determine whether a call involves a relevant subscriber and therefore route the call correctly. You can:
 
@@ -98,9 +93,7 @@ Configure connections between your network and Azure:
  |The voice codecs to use between Azure Communications Gateway and your network. We recommend that you only specify any codecs if you have a strong reason to restrict codecs (for example, licensing of specific codecs) and you can't configure your network or endpoints not to offer specific codecs. Restricting codecs can reduce the overall voice quality due to lower-fidelity codecs being selected. |**Call Handling: Supported codecs**|
  |Whether your Azure Communications Gateway resource should handle emergency calls as standard calls or directly route them to the Emergency Routing Service Provider (US only; only for Operator Connect or Teams Phone Mobile). |**Call Handling: Emergency call handling**|
  |A comma-separated list of dial strings used for emergency calls. For Microsoft Teams, specify dial strings as the standard emergency number (for example `999`). For Zoom, specify dial strings in the format `+<country-code><emergency-number>` (for example `+44999`). (Only for Operator Connect, Teams Phone Mobile and Zoom Phone Cloud Peering).|**Call Handling: Emergency dial strings**|
- |Whether to use an autogenerated `*.commsgw.azure.com` domain name or to use a subdomain of your own domain by delegating it to Azure Communications Gateway. Delegated domains are limited to 34 characters. For more information on this choice, see [the guidance on creating a network design](prepare-to-deploy.md#create-a-network-design). | **DNS: Domain name options** |
- |(Required if you choose an autogenerated domain) The scope at which the autogenerated domain name label for Azure Communications Gateway is unique. Communications Gateway resources are assigned an autogenerated domain name label that depends on the name of the resource.  Selecting **Tenant** gives a resource with the same name in the same tenant but a different subscription the same label. Selecting **Subscription** gives a resource with the same name in the same subscription but a different resource group the same label. Selecting **Resource Group** gives a resource with the same name in the same resource group the same label. Selecting **No Re-use** means the label doesn't depend on the name, resource group, subscription or tenant. |**DNS: Auto-generated Domain Name Scope**|
- | (Required if you choose a delegated domain) The domain to delegate to this Azure Communications Gateway deployment | **DNS: DNS domain name** |
+ |The scope at which the autogenerated domain name label for Azure Communications Gateway is unique. Communications Gateway resources are assigned an autogenerated domain name label that depends on the name of the resource.  Selecting **Tenant** gives a resource with the same name in the same tenant but a different subscription the same label. Selecting **Subscription** gives a resource with the same name in the same subscription but a different resource group the same label. Selecting **Resource Group** gives a resource with the same name in the same resource group the same label. Selecting **No Re-use** means the label doesn't depend on the name, resource group, subscription or tenant. |**DNS: Auto-generated Domain Name Scope**|
 
 ## Collect configuration values for service regions