You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/api-management/api-management-using-with-internal-vnet.md
+10-11Lines changed: 10 additions & 11 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -111,7 +111,15 @@ After successful deployment, you should see your API Management service's **priv
111
111
112
112
## DNS configuration
113
113
114
-
In external VNET mode, Azure manages the DNS. For internal VNET mode, you have to manage your own DNS to enable access to your API Management service endpoints.
114
+
In external VNET mode, Azure manages the DNS. For internal VNET mode, you have to manage your own DNS to enable inbound access to your API Management service endpoints.
115
+
116
+
We recommend:
117
+
118
+
1. Configure an Azure [DNS private zone](../dns/private-dns-overview.md).
119
+
1. Link the Azure DNS private zone to the VNET into which you've deployed your API Management service.
120
+
121
+
Learn how to [set up a private zone in Azure DNS](../dns/private-dns-getstarted-portal.md).
122
+
115
123
116
124
> [!NOTE]
117
125
> The API Management service does not listen to requests on its IP addresses. It only responds to requests to the host name configured on its service endpoints. These endpoints include:
@@ -144,7 +152,6 @@ To access these API Management service endpoints, you can create a virtual machi
144
152
145
153
You can then access all the service endpoints from the virtual machine you created.
146
154
147
-
148
155
### Access on custom domain names
149
156
150
157
If you don't want to access the API Management service with the default host names:
@@ -155,14 +162,6 @@ If you don't want to access the API Management service with the default host nam
155
162
156
163
2. Create records in your DNS server to access the endpoints accessible from within your VNET. Map the endpoint records to the [private virtual IP address](#routing) for your service.
157
164
158
-
We recommend:
159
-
160
-
1. Configure an Azure [DNS private zone](../dns/private-dns-overview.md).
161
-
1. Link the Azure DNS private zone to the VNET into which you've deployed your API Management service.
162
-
1. Create DNS A-records in the private zone to access each of the API Management endpoints.
163
-
164
-
Learn how to [set up a private zone in Azure DNS](../dns/private-dns-getstarted-portal.md).
165
-
166
165
## Routing
167
166
168
167
The following virtual IP addresses are configured for an API Management instance in an internal virtual network. Learn more about the [IP addresses of API Management](api-management-howto-ip-addresses.md).
@@ -184,7 +183,7 @@ The load-balanced public and private IP addresses can be found on the **Overview
184
183
185
184
### VIP and DIP addresses
186
185
187
-
DIP addresses will be assigned to each underlying virtual machine in the service and used to access resources *within* the VNET. A VIP address will be used to access resources *outside* the VNET. If IP restriction lists secure resources within the VNET, you must specify the entire subnet range where the API Management service is deployed to grant or restrict access from the service.
186
+
Dynamic IP (DIP) addresses will be assigned to each underlying virtual machine in the service and used to access resources *within* the VNET. The API Management service's public virtual IP (VIP) address will be used to access resources *outside* the VNET. If IP restriction lists secure resources within the VNET, you must specify the entire subnet range where the API Management service is deployed to grant or restrict access from the service.
188
187
189
188
Learn more about the [recommended subnet size](virtual-network-concepts.md#subnet-size).
0 commit comments