articles/private-link/private-endpoint-dns.md
9 additions & 8 deletions
@@ -74,8 +74,7 @@ DNS is a critical component to make the application work correctly by resolving
74
74
Based on your preferences, the following scenarios are available for DNS resolution integrated:
75
75
76
76
-[Virtual network workloads without custom DNS server](#virtual-network-workloads-without-custom-dns-server)
77
-
-[On premises workloads using a custom DNS server](#on-premises-workloads-using-a-custom-dns-server)
78
-
77
+
-[On premises workloads using a DNS forwarder](#on-premises-workloads-using-a-dns-forwarder)
79
78
80
79
## Virtual network workloads without custom DNS server
81
80
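Review bot: The list entry added at new line 77 links to `#on-premises-workloads-using-a-dns-forwarder`, but the section heading this commit introduces further down reads `## On premises workloads using a custom DNS forwarder`, whose generated anchor would be `#on-premises-workloads-using-a-custom-dns-forwarder`, so the link will not resolve. Either drop "custom" from the heading or add it to the link text and anchor, so that the list entry, the heading and the body all use one term.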
@@ -106,9 +105,9 @@ In this scenario there's a [hub & spoke](https://docs.microsoft.com/azure/archit
106
105
107
106
:::image type="content" source="media/private-endpoint-dns/hub-and-spoke-azure-dns.png" alt-text="hub and spoke with azure provided dns":::
108
107
109
-
## On premises workloads using a custom DNS server
108
+
## On premises workloads using a custom DNS forwarder
110
109
111
-
For on premises workloads to be able to resolve an FQDN of a private endpoint into the private IP address, you must use a custom DNS server to forward the resolution for Azure service [public DNS zones](#azure-services-dns-zone-configuration) deployed in Azure.
110
+
For on premises workloads to be able to resolve an FQDN of a private endpoint into the private IP address, you must use a DNS forwarder to make the resolution of the Azure service [public DNS zone](#azure-services-dns-zone-configuration) deployed in Azure.
112
111
113
112
114
113
The following scenario is appropriate for an on premises network that has a DNS forwarder in Azure, which in turn is responsible for resolving all the DNS queries via a server level forwarder to the Azure provided DNS [168.63.129.16](../virtual-network/what-is-ip-address-168-63-129-16.md)
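Review bot: In the reworded sentence at new line 110, "to make the resolution of the Azure service public DNS zone deployed in Azure" leaves "deployed in Azure" attached to the public DNS zone instead of the forwarder, and it drops the verb "forward" that said what the component does. Suggest wording along the lines of "you must use a DNS forwarder deployed in Azure to resolve the Azure service public DNS zone", which also agrees with the following paragraph, where the forwarder in Azure sends queries on to 168.63.129.16.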
@@ -119,17 +118,18 @@ The following scenario is appropriate for an on premises network that ha
119
118
To configure properly you would need the following resources:
120
119
121
120
- On premises network
122
-
- Virtual network [connected to on premises](https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/)
121
+
- Virtual network [connected to on premises](https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/)
122
+
- DNS forwarder deployed in Azure
123
123
- Private DNS zones [privatelink.database.windows.net](../dns/private-dns-privatednszone.md) with [type A Record](../dns/dns-zones-records.md#record-types)
124
124
- Private endpoint information (FQDN record name and Private IP Address)
125
125
126
-
The following diagram illustrates the DNS resolution sequence from an on premise network that use a DNS server deployed in Azure,
126
+
The following diagram illustrates the DNS resolution sequence from an on premise network that use a DNS forwarder deployed in Azure,
127
127
where the resolution is made by an private DNS zone linked to a virtual network.
128
128
129
129
:::image type="content" source="media/private-endpoint-dns/on-premise-using-azure-dns.png" alt-text="on premise using azure dns":::
130
130
131
131
This configuration can be extended for an on premise network that has already a DNS solution in place.
132
-
The on premises DNS solution needs to be configured to forward DNS traffic to the Azure DNS via a [conditional forwarder](../virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.md#name-resolution-that-uses-your-own-dns-server) referencing the custom DNS deployed in Azure.
132
+
The on premises DNS solution needs to be configured to forward DNS traffic to the Azure DNS via a [conditional forwarder](../virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.md#name-resolution-that-uses-your-own-dns-server) referencing the DNS forwarder deployed in Azure.
133
133
134
134
> [!NOTE]
135
135
> This scenario is using Azure SQL database recommended Private DNS zone. For other services you can adjust the model using the following reference [Azure services DNS zone configuration](#azure-services-dns-zone-configuration).
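Review bot: The conditional forwarder sentence at new line 132 still says only "forward DNS traffic to the Azure DNS" and never names the zone the conditional forwarder applies to; since this scenario is built on the privatelink.database.windows.net zone, state explicitly which zone the on premises DNS should forward to the DNS forwarder in Azure. While the sentence at new line 126 is being edited, "that use a DNS forwarder" should be "that uses", and its continuation on the next line has "an private DNS zone" for "a private DNS zone".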
@@ -138,7 +138,8 @@ To configure properly you would need the following resources :
138
138
139
139
140
140
- On premises network with a custom DNS solution in place
141
-
- Virtual network [connected to on premises](https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/)
141
+
- Virtual network [connected to on premises](https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/)
142
+
- DNS forwarder deployed in Azure
142
143
- Private DNS zones [privatelink.database.windows.net](../dns/private-dns-privatednszone.md) with [type A Record](../dns/dns-zones-records.md#record-types)
143
144
- Private endpoint information (FQDN record name and Private IP Address)
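Review bot: The bullet "DNS forwarder deployed in Azure" added at new line 142 repeats the one added to the previous list and gives no detail on what the forwarder must be configured to do. Consider stating that it forwards to the Azure provided DNS 168.63.129.16, as the section describes earlier, or linking to that description. The "Virtual network" line above it is removed and re-added with no visible difference; if that is a trailing whitespace cleanup, saying so in the commit message would help reviewers.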