Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
687 questions
Azure DNS Private Resolver is not returning private IP Address on Azure Resources
Ramasamy Balasubramanian
0
Reputation points
Private DNS Resolver is integrated with
Inbound - Front End IP -- Pointing to On-Premise DNS server
Outbound - Added Rules set with On-Premise DNS servers IP
VNET based virtual link is added
Custom DNS entry is added on all Spoke VNETs on Custom DNS section
NSG rules are created with DNS port only for Inbound and Outbound Private DNS resolver subnets
Firewall rule is enabled for On-premise DNS server pointing to Spoke VNETs based environments
Private DNS Zone and Private Link is created for Storage Account
While executing DNS resolution getting only public IP not Private IP which is assigned via private Link.
ex: getting DNS resolve only on Azure DNS
xyz.saaccount.privatelink.table.core.windows.net 168.63.129.16 Server : 168.63.129.16 Address : 168.63.129.16 Non-Authoritative answer: Name: xyz.saaccount.privatelink.table.core.windows.net Address : 192.168.6.16 --- private IP =====================================
Not getting DNS resolve via Private DNS
xyz.saaccount.privatelink.table.core.windows.net 192.168.0.6
Server : 192.168.0.6
Address : 192.168.0.6
Non-Authoritative answer:
Name: xyz.saaccount.privatelink.table.core.windows.net
Address : 52.239.222.113 - resolving public ip
============================================
Any Advice ????
{count} votes
-
KapilAnanth-MSFT 46,676 Reputation points Microsoft Employee2024-05-06T13:14:31.4266667+00:00 This looks like a misconfiguration at some step. I'd suggest you to please verify your configuration once more.
From your verbatim,
- I take it that when you use Azure wireserver IP, the resolution is properly happening to the private IP.
- But with the DNSInboundEndPoint, you are getting the Public IP.
From your setup,
- You didn't mention the use of "DNS forwarding ruleset". Are you using this?
- If so, please elaborate the set up.
- May I know from where you are trying to resolve the DNS? (from HubVNET or Spoke VNET or OnPrem)
Cheers,
Kapil
-
Ramasamy Balasubramanian 0 Reputation points
2024-05-22T19:02:55.3033333+00:00 Once Azure Private DNS resolver is integrated, could not able to add multi environment based VNETDNS-link.pngs on private DNS zone. Advice on it.
-
KapilAnanth-MSFT 46,676 Reputation points Microsoft Employee
2024-05-23T04:44:34.6366667+00:00 This is an expected behavior and is not related to Azure Private DNS resolver.
You will not be able to link a VNET with 2 Zones with the same name
Even without a Azure Private DNS resolver, this is the behavior.
See :
- I have 2 Zones of same name and one 1 is linked to a VNET
-
When I try to link the second domain (testdomain.com in privatednszonerg2) to the same VNET, I get the same error
You cannot link a VNET to two DNS Zones of same name - this is simply not supported by design.
Thanks,
Kapil
Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.
Sign in to comment
Sign in to answer