Hello anonymous user,
It is correct that for on-premises workloads to resolve an FQDN of a private endpoint into the private IP address, you must use a DNS forwarder in Azure, which in turn is responsible for resolving all the DNS queries via a server-level forwarder to the Azure-provided DNS 168.63.129.16.
If you check the table in the Name resolution for resources in Azure virtual networks article, you can find the following:
Currently, there is no other way to accomplish this requirement, but Azure Private DNS Zone resolution from OnPremise is planned and is on the roadmap. You can vote for this feature in the forum below:
https://feedback.azure.com/forums/217313-networking/suggestions/36317164-azure-private-dns-zone-resolution-from-onpremise
Hence, at the moment, you need to configure your on-premises DNS solution to forward DNS traffic to Azure DNS via a conditional forwarder that references the DNS forwarder deployed in Azure.
Kindly let us know if the above helps or you need further assistance on this issue.
----------------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
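The two-hop forwarding chain the answer describes (on-premises conditional forwarder, then a forwarder VM in the VNet, then the Azure-provided resolver 168.63.129.16), as an added example; it is not code from the original post or from Microsoft's documentation. It assumes the Windows Server DNS role on both sides (a BIND server would be configured the same way in named.conf), a forwarder VM at 10.0.0.4 inside the VNet, a storage account with a private endpoint whose private DNS zone privatelink.blob.core.windows.net is linked to that VNet, and an on-premises DNS server at 192.168.1.10. All of those names and addresses are hypothetical placeholders.

```powershell
# ---- Step 1: on the DNS forwarder VM inside the Azure VNet (hypothetical 10.0.0.4) ----
# Install the DNS role and set a server-level forwarder to the Azure-provided resolver.
# 168.63.129.16 is only reachable from inside Azure, which is why on-premises DNS
# cannot forward to it directly and needs this hop.
Install-WindowsFeature -Name DNS -IncludeManagementTools
Set-DnsServerForwarder -IPAddress 168.63.129.16 -UseRootHint $false -PassThru

# ---- Step 2: on the on-premises DNS server (hypothetical 192.168.1.10) ----
$AzureForwarder = "10.0.0.4"   # hypothetical VNet address of the forwarder VM

# One conditional forwarder per privatelink zone in use. The zone name must match the
# private DNS zone linked to the VNet; a query for any other name still goes to the
# usual public forwarders, so only private-endpoint names are steered into Azure.
$PrivateLinkZones = @(
    "privatelink.blob.core.windows.net",
    "privatelink.database.windows.net"
)
foreach ($zone in $PrivateLinkZones) {
    Add-DnsServerConditionalForwarderZone -Name $zone -MasterServers $AzureForwarder -PassThru
}

# ---- Step 3: verify the whole chain from an on-premises client ----
# Applications use the public name; Azure publishes it as a CNAME to the privatelink
# name, and the A record for that name is what must come back as a VNet address.
$PublicName = "mystorage.blob.core.windows.net"    # hypothetical storage account
$answer = Resolve-DnsName -Name $PublicName -Type A -Server "192.168.1.10" -DnsOnly

$cname = ($answer | Where-Object { $_.Type -eq "CNAME" }).NameHost
$ip    = ($answer | Where-Object { $_.Type -eq "A" }).IPAddress

if ($cname -like "*.privatelink.*" -and $ip -like "10.*") {
    "OK: $PublicName -> $cname -> $ip (private endpoint reached via forwarder)"
} else {
    # A public IP here means the conditional forwarder is missing, the forwarder VM is
    # not using 168.63.129.16, or the private DNS zone is not linked to the VNet.
    "CHECK: $PublicName -> $cname -> $ip is not a VNet address"
}
```

If the check returns the public IP, work backwards: run the same Resolve-DnsName against 10.0.0.4 directly (to isolate the on-premises conditional forwarder), then from the forwarder VM itself against 168.63.129.16 (to isolate the zone link). Since the forwarder VM now answers recursive queries for anything sent to it, restrict UDP and TCP 53 on its NIC to the on-premises DNS server ranges with a network security group rather than leaving it open to the whole VNet and VPN address space.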