Share via

Azure Private DNS Zone resolution

Apurva Pathak 590 Reputation points
2024-06-19T12:59:55.3833333+00:00

Hi folks,

Hope you are doing well!

I have a doubt with regards to Azure Private DNS and Custom DNS Servers in Vnets as below:

As far I understand, if we are specifying custom DNS servers in Vnets then even Azure PaaS related private DNS zone resolution (let's say for Blob or File etc.) will be redirected to the custom DNS servers bypassing Azure DNS, then I will have to setup conditional forwarders to be able to resolve them. Is my understanding correct?

Now, what if I want my both of the setup work together, i.e. I want my Vnets to refer to my custom DNS servers as well as I want PaaS services resolutions to be redirected to Azure DNS.

Can this be achieved if I specify '168.63.129.16' as a custom DNS server in the Vnet? Apologies if this sound non-sensical/ silly but just wanted to clarify my doubt.

Also, is there any order of precedence in the custom DNS servers specified in the Vnets.

Thanks in advance!

Regards

Azure DNS
Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
689 questions
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,490 questions
0 comments
Accepted answer
  1. KapilAnanth-MSFT 46,676 Reputation points Microsoft Employee
    2024-06-19T13:22:45.9966667+00:00

    @Apurva Pathak ,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    Wrt,

    As far I understand, if we are specifying custom DNS servers in Vnets then even Azure PaaS related private DNS zone resolution (let's say for Blob or File etc.) will be redirected to the custom DNS servers bypassing Azure DNS, then I will have to setup conditional forwarders to be able to resolve them. Is my understanding correct?

    • Yes
    • This is correct.

    Your requirement :

    Now, what if I want my both of the setup work together, i.e. I want my Vnets to refer to my custom DNS servers as well as I want PaaS services resolutions to be redirected to Azure DNS.

    Wrt,

    Can this be achieved if I specify '168.63.129.16' as a custom DNS server in the Vnet? Apologies if this sound non-sensical/ silly but just wanted to clarify my doubt.

    • It is technically possible to define '168.63.129.16' as a custom DNS server in the VNet.
    • This will work but not as you expect.
    • It is because, as you mentioned, there is a order of precedence in the custom DNS servers specified in the VNet.
    • The order is the DNS servers specified in the VNET DNS configuration page.
    • See : DNS servers of a virtual network
      • User's image
      • What this means is that as long as the first DNS server is reachable, Azure will continue to use it even if it gives wrong or null response to the DNS Query.

    Kindly let us know if this helps or you need further assistance on this issue.

    Thanks,

    Kapil

    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andreas Baumgarten 110.8K Reputation points MVP
    2024-06-19T13:14:53.1466667+00:00

    Hi @Apurva Pathak ,

    if I got your requirement right you want to use your custom DNS in combination with Azure private DNS.

    If my assumption is right it works the follows:

    Configure your custom DNS Server IP in the Custom DNS Settings of the vNets (not the Azure DNS IP!).

    Add a conditional forwarder on your custom DNS Server to an Azure Private Resolver

    Please take a look here: Azure Private Resolver with on-premises DNS forwarder

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards

    Andreas Baumgarten

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.