fixed things and added info

Author: ccompy

includes/app-service-web-vnet-regional.md

@@ -2,25 +2,25 @@
 author: ccompy
 ms.service: app-service-web
 ms.topic: include
-ms.date: 02/27/2020
+ms.date: 04/15/2020
 ms.author: ccompy
 ---
 Using regional VNet Integration enables your app to access:
 
-* Resources in the virtual network in the same region that you integrate with.
-* Resources in virtual networks peered to your virtual network that are in the same region.
+* Resources in a VNet in the same region as your app.
+* Resources in VNets peered to the VNet your app is integrated with.
 * Service endpoint secured services.
 * Resources across Azure ExpressRoute connections.
-* Resources in the virtual network you're connected to.
+* Resources in the VNet you're integrated with.
 * Resources across peered connections, which includes Azure ExpressRoute connections.
-* Private endpoints.
+* Private endpoints - Note: DNS must be managed separately rather than using Azure DNS private zones.
 
-When you use VNet Integration with virtual networks in the same region, you can use the following Azure networking features:
+When you use VNet Integration with VNets in the same region, you can use the following Azure networking features:
 
 * **Network security groups (NSGs)**: You can block outbound traffic with an NSG that's placed on your integration subnet. The inbound rules don't apply because you can't use VNet Integration to provide inbound access to your app.
 * **Route tables (UDRs)**: You can place a route table on the integration subnet to send outbound traffic where you want.
 
-By default, your app routes only RFC1918 traffic into your virtual network. If you want to route all of your outbound traffic into your virtual network, apply the app setting WEBSITE_VNET_ROUTE_ALL to your app. To configure the app setting:
+By default, your app routes only RFC1918 traffic into your VNet. If you want to route all of your outbound traffic into your VNet, apply the app setting WEBSITE_VNET_ROUTE_ALL to your app. To configure the app setting:
 
 1. Go to the **Configuration** UI in your app portal. Select **New application setting**.
 1. Enter **WEBSITE_VNET_ROUTE_ALL** in the **Name** box, and enter **1** in the **Value** box.
@@ -30,24 +30,25 @@ By default, your app routes only RFC1918 traffic into your virtual network. If y
 1. Select **OK**.
 1. Select **Save**.
 
-If you route all of your outbound traffic into your virtual network, it's subject to the NSGs and UDRs that are applied to your integration subnet. When you route all of your outbound traffic into your virtual network, your outbound addresses are still the outbound addresses that are listed in your app properties unless you provide routes to send the traffic elsewhere.
+If you route all of your outbound traffic into your VNet, it's subject to the NSGs and UDRs that are applied to your integration subnet. When you route all of your outbound traffic into your VNet, your outbound addresses are still the outbound addresses that are listed in your app properties unless you provide routes to send the traffic elsewhere.
 
-There are some limitations with using VNet Integration with virtual networks in the same region:
+There are some limitations with using VNet Integration with VNets in the same region:
 
 * You can't reach resources across global peering connections.
 * The feature is available only from newer Azure App Service scale units that support PremiumV2 App Service plans.
 * The integration subnet can be used by only one App Service plan.
 * The feature can't be used by Isolated plan apps that are in an App Service Environment.
-* The feature requires an unused subnet that's a /27 with 32 addresses or larger in an Azure Resource Manager virtual network.
-* The app and the virtual network must be in the same region.
-* You can't delete a virtual network with an integrated app. Remove the integration before you delete the virtual network.
-* You can only integrate with virtual networks in the same subscription as the app.
-* You can have only one regional VNet Integration per App Service plan. Multiple apps in the same App Service plan can use the same virtual network.
+* The feature requires an unused subnet that's a /27 with 32 addresses or larger in an Azure Resource Manager VNet.
+* The app and the VNet must be in the same region.
+* You can't delete a VNet with an integrated app. Remove the integration before you delete the VNet.
+* You can only integrate with VNets in the same subscription as the app.
+* You can have only one regional VNet Integration per App Service plan. Multiple apps in the same App Service plan can use the same VNet.
 * You can't change the subscription of an app or a plan while there's an app that's using regional VNet Integration.
+* Your app cannot resolve addresses in Azure DNS Private Zones.
 
 One address is used for each plan instance. If you scale your app to five instances, then five addresses are used. Since subnet size can't be changed after assignment, you must use a subnet that's large enough to accommodate whatever scale your app might reach. A /26 with 64 addresses is the recommended size. A /26 with 64 addresses accommodates a Premium plan with 30 instances. When you scale a plan up or down, you need twice as many addresses for a short period of time.
 
-If you want your apps in another plan to reach a virtual network that's already connected to by apps in another plan, select a different subnet than the one being used by the preexisting VNet Integration.
+If you want your apps in another plan to reach a VNet that's already connected to by apps in another plan, select a different subnet than the one being used by the preexisting VNet Integration.
 
 The feature is in preview for Linux. The Linux form of the feature only supports making calls to RFC 1918 addresses (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16).
 
@@ -57,7 +58,7 @@ If you host your app on Linux with the built-in images, regional VNet Integratio
 
 ### Service endpoints
 
-With regional VNet Integration, you can use service endpoints. To use service endpoints with your app, use regional VNet Integration to connect to a selected virtual network. Then configure service endpoints on the subnet you used for the integration.
+With regional VNet Integration, you can use service endpoints. To use service endpoints with your app, use regional VNet Integration to connect to a selected VNet. Then configure service endpoints on the subnet you used for the integration.
 
 ### Network security groups
 
@@ -78,4 +79,4 @@ Border Gateway Protocol (BGP) routes also affect your app traffic. If you have B
 [4]: ../includes/media/web-sites-integrate-with-vnet/vnetint-appsetting.png
 
 <!--Links-->
-[VNETnsg]: https://docs.microsoft.com/azure/virtual-network/security-overview/
+[VNETnsg]: https://docs.microsoft.com/azure/virtual-network/security-overview/