Merge pull request #114721 from mblanco77/privatelink-dns-development

private link dns suggested wording

Author: ShannonLeavitt

articles/private-link/media/private-endpoint-dns/on-premise-forwarding-to-azure.png renamed to articles/private-link/media/private-endpoint-dns/on-premises-forwarding-to-azure.png

@@ -11,20 +11,20 @@ ms.author: allensu
 # Azure Private Endpoint DNS Configuration
 
 
-When connecting to a private link resource using a fully qualified domain name (FQDN) as part of the connection string, it's important to correctly configure your DNS settings to resolve to the allocated private IP address. Existing Azure services might already have a DNS configuration to use when connecting over a public endpoint. This needs to be overridden to connect using your private endpoint. 
+When connecting to a private link resource using a fully qualified domain name (FQDN) as part of the connection string, it's important to correctly configure your DNS settings to resolve to the allocated private IP address. Existing Azure services might already have a DNS configuration to use when connecting over a public endpoint. This configuration needs to be overridden to connect using your private endpoint. 
 
 The network interface associated with the private endpoint contains the complete set of information required to configure your DNS, including FQDN and private IP addresses allocated for a given private link resource. 
 
 You can use the following options to configure your DNS settings for private endpoints: 
 - **Use the Host file (only recommended for testing)**. You can use the host file on a virtual machine to override the DNS.  
 - **Use a private DNS zone**. You can use [private DNS zones](../dns/private-dns-privatednszone.md) to override the DNS resolution for a given private endpoint. A private DNS zone can be linked to your virtual network to resolve specific domains.
-- **Use your custom DNS server**. You can use your own DNS server to override the DNS resolution for a given private link resource. If your [DNS server](../virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.md#name-resolution-that-uses-your-own-dns-server) is hosted on a virtual network, you can create a DNS forwarding rule to use a private DNS zone to simplify the configuration for all private link resources.
+- **Use your DNS forwarder (Optional)**. You can use your DNS forwarder to override the DNS resolution for a given private link resource. If your [DNS server](../virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.md#name-resolution-that-uses-your-own-dns-server) is hosted on a virtual network, you can create a DNS forwarding rule to use a private DNS zone to simplify the configuration for all private link resources.
 
 > [!IMPORTANT]
 > It's not recommended to override a zone that is actively in use to resolve public endpoints. Connections to resources won't be able to resolve correctly without DNS forwarding to the public DNS. To avoid issues, create a different domain name or follow the suggested name for each service below. 
 
 ## Azure services DNS zone configuration
-Azure services will create a canonical name DNS record (CNAME) on the public DNS to redirect the resolution to the suggested private domain names. You'll be able to override the resolution with the private IP address of your private endpoints. 
+Azure services will create a canonical name DNS record (CNAME) on the public DNS to redirect the resolution to the suggested private domain name. You can override the resolution with the private IP address of your private endpoints. 
 
 Your applications don't need to change the connection URL. When attempting to resolve using a public DNS, the DNS server will now resolve to your private endpoints. The process does not impact your existing applications. 
 
@@ -74,7 +74,7 @@ DNS is a critical component to make the application work correctly by resolving
 Based on your preferences, the following scenarios are available for DNS resolution integrated:
 
 - [Virtual network workloads without custom DNS server](#virtual-network-workloads-without-custom-dns-server)
-- [On premises workloads using a DNS forwarder](#on-premises-workloads-using-a-dns-forwarder)
+- [On-premises workloads using a DNS forwarder](#on-premises-workloads-using-a-dns-forwarder)
 
 ## Virtual network workloads without custom DNS server
 
@@ -84,7 +84,7 @@ This configuration is appropriate for virtual network workloads without custom D
 > [!NOTE]
 > This scenario is using Azure SQL database recommended Private DNS zone. For other services you can adjust the model using the following reference [Azure services DNS zone configuration](#azure-services-dns-zone-configuration).
 
-To configure properly you would need the following resources :
+To configure properly, you would need the following resources:
 
 - Client virtual network
 
@@ -101,54 +101,54 @@ This model can be extended to multiple peered virtual networks that are associat
 > [!IMPORTANT]
 >  A single private DNS zone is required for this configuration, creating multiple zones with the same name for different virtual networks would need manual operations to merge the DNS records
 
-In this scenario there's a [hub & spoke](https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/hub-spoke) networking topology with the spoke networks sharing a common private endpoint and all the spoke virtual network are linked to the same private dns zone. 
+In this scenario, there's a [hub & spoke](https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/hub-spoke) networking topology with the spoke networks sharing a common private endpoint and all the spoke virtual network are linked to the same private dns zone. 
 
 :::image type="content" source="media/private-endpoint-dns/hub-and-spoke-azure-dns.png" alt-text="Hub and spoke with Azure-provided DNS":::
 
-## On premises workloads using a DNS forwarder
+## On-premises workloads using a DNS forwarder
 
-For on premises workloads to be able to resolve an FQDN of a private endpoint into the private IP address, you must use a DNS forwarder to make the resolution of the Azure service [public DNS zone](#azure-services-dns-zone-configuration) deployed in Azure.
+For on-premises workloads to be able to resolve an FQDN of a private endpoint into the private IP address, you must use a DNS forwarder to make the resolution of the Azure service [public DNS zone](#azure-services-dns-zone-configuration) deployed in Azure.
 
 
-The following scenario is appropriate for an on premises network that has a DNS forwarder in Azure, which in turn is responsible for resolving all the DNS queries via a server level forwarder to the Azure provided DNS [168.63.129.16](../virtual-network/what-is-ip-address-168-63-129-16.md) 
+The following scenario is appropriate for an on-premises network that has a DNS forwarder in Azure, which in turn is responsible for resolving all the DNS queries via a server level forwarder to the Azure provided DNS [168.63.129.16](../virtual-network/what-is-ip-address-168-63-129-16.md) 
 
 > [!NOTE]
 > This scenario is using Azure SQL database recommended Private DNS zone. For other services you can adjust the model using the following reference [Azure services DNS zone configuration](#azure-services-dns-zone-configuration).
 
-To configure properly you would need the following resources:
+To configure properly, you would need the following resources:
 
-- On premises network
-- Virtual network [connected to on premises](https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/)
+- On-premises network
+- Virtual network [connected to on-premises](https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/)
 - DNS forwarder deployed in Azure 
 - Private DNS zones [privatelink.database.windows.net](../dns/private-dns-privatednszone.md) with [type A Record](../dns/dns-zones-records.md#record-types)
 - Private endpoint information (FQDN record name and Private IP Address)
 
-The following diagram illustrates the DNS resolution sequence from an on premise network that use a DNS forwarder deployed in Azure,
-where the resolution is made by an private DNS zone linked to a virtual network.
+The following diagram illustrates the DNS resolution sequence from an on-premises network that uses a DNS forwarder deployed in Azure,
+where the resolution is made by a private DNS zone linked to a virtual network.
 
-:::image type="content" source="media/private-endpoint-dns/on-premise-using-azure-dns.png" alt-text="On-premises using Azure DNS":::
+:::image type="content" source="media/private-endpoint-dns/on-premises-using-azure-dns.png" alt-text="On-premises using Azure DNS":::
 
-This configuration can be extended for an on premise network that has already a DNS solution in place. 
-The on premises DNS solution needs to be configured to forward DNS traffic to the Azure DNS via a [conditional forwarder](../virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.md#name-resolution-that-uses-your-own-dns-server) referencing the DNS forwarder deployed in Azure.
+This configuration can be extended for an on-premises network that has already a DNS solution in place. 
+The on-premises DNS solution needs to be configured to forward DNS traffic to the Azure DNS via a [conditional forwarder](../virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances.md#name-resolution-that-uses-your-own-dns-server) referencing the DNS forwarder deployed in Azure.
 
 > [!NOTE]
 > This scenario is using Azure SQL database recommended Private DNS zone. For other services you can adjust the model using the following reference [Azure services DNS zone configuration](#azure-services-dns-zone-configuration).
 
-To configure properly you would need the following resources :
+To configure properly, you would need the following resources:
 
 
-- On premises network with a custom DNS solution in place 
-- Virtual network [connected to on premises](https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/)
+- On-premises network with a custom DNS solution in place 
+- Virtual network [connected to on-premises](https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/)
 - DNS forwarder deployed in Azure
 - Private DNS zones [privatelink.database.windows.net](../dns/private-dns-privatednszone.md)  with [type A Record](../dns/dns-zones-records.md#record-types)
 - Private endpoint information (FQDN record name and Private IP Address)
 
-The following diagram illustrates the DNS resolution sequence from an on premise network that conditionally forwards DNS traffic to Azure,where the resolution is made by an private DNS zone linked to a virtual network
+The following diagram illustrates the DNS resolution sequence from an on-premises network that conditionally forwards DNS traffic to Azure, where the resolution is made by a private DNS zone linked to a virtual network
 
 > [!IMPORTANT]
 > The conditional forwarding must be made to the [public DNS zone](#azure-services-dns-zone-configuration) Ex: `database.windows.net` , instead of **privatelink**.database.windows.net
 
-:::image type="content" source="media/private-endpoint-dns/on-premise-forwarding-to-azure.png" alt-text="On-premises forwarding to Azure DNS":::
+:::image type="content" source="media/private-endpoint-dns/on-premises-forwarding-to-azure.png" alt-text="On-premises forwarding to Azure DNS":::
 
 
 ## Next steps