Share via

Best Practice DNS settings for a domain controller (VM) in Azure

Sam Na 46 Reputation points
2024-01-20T19:27:01.97+00:00

We have extended our on-prem services to Azure, and we have multiple Azure VMs (2022 domain controllers) in different regions. (no networking issues at all) Just wanted to know the best practices when it comes to DNS settings:

1- Which option on the Azure side would be the best-> the "Inherit from Vnet" or "Custome DNS Servers" option? (NIC settings, the Azure side)

2- Should we leave the DNS settings as "Obtain DNS Server automatically" or we should enter the preferred DNS server addresses? (On the NIC, inside the Azure VM-2022 Server).

3- DNS forwarders-> is using 168.63.129.16 necessary? (if we are NOT planning to use private DNS features).

Azure DNS
Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
603 questions
Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,198 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,262 questions
Accepted answer
  1. Konstantinos Passadis 17,376 Reputation points MVP
    2024-01-20T19:39:30.32+00:00

    Hello @Sam Na !

    Your questions are valid , allow me to help !

    1. Usually for the reason of central management and configuration it i better to manage global settings rather than specifics. Unless your needs instruct otherwise better stay inherited
    2. For an Azure VM we never touch the NIC setting. It is a SOS !
    3. Yes , Azure DNS is perfectly fine for a standard DNS resolver , unless you have specific needs via VPN , On Prem Applications.

    Keep in mind it is not a one size fits all ! Your needs are setting the stage !

    Reference Links

    https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/dns-for-on-premises-and-azure-resources

    https://learn.microsoft.com/en-us/azure/architecture/hybrid/hybrid-dns-infra

    --

    I hope this helps!

    Kindly mark the answer as Accepted and Upvote in case it helped! Regards

    1 person found this answer helpful.
    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ned Studt (MSC Technology North America) 0 Reputation points
    2024-03-04T14:56:26.6833333+00:00

    Hey Sam,

    1- Which option on the Azure side would be the best-> the "Inherit from Vnet" or "Custome DNS Servers" option? (NIC settings, the Azure side)

    Use the vNets custom DNS and enter in the DC/DNS servers in/closest to your vNet.

    2- Should we leave the DNS settings as "Obtain DNS Server automatically" or we should enter the preferred DNS server addresses? (On the NIC, inside the Azure VM-2022 Server).

    Each DC/DNS server should still use 127.0.0.1 as its first entry once setup is complete.

    3- DNS forwarders-> is using 168.63.129.16 necessary? (if we are NOT planning to use private DNS features).

    Set 168.63.129.16 as forwarder for each DNS server.

    0 comments