![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 73%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
690 questions
Hello @Andrea ,
Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.
I understand that you would like to understand the costs associated with Azure DNS private resolver.
Azure DNS Private Resolver is a multitenant service but has some restrictions and limits that you need to consider. Below are some of the important restrictions that you should consider:
- DNS Private Resolver rule sets can only be linked to virtual networks that are within the same geographical region as the resolver.
- A virtual network can't contain more than one DNS private resolver.
- When you link a ruleset to a virtual network, resources within that virtual network use the DNS forwarding rules enabled in the ruleset. A ruleset can be linked to up to 500 virtual networks in the same region.
- You can also link a ruleset to a virtual network in another Azure subscription. However, the resource group specified must be in the same region as the private resolver.
- A single ruleset can be associated with up to 2 outbound endpoints belonging to the same DNS Private Resolver instance. It can't be associated with 2 outbound endpoints in two different DNS Private Resolver instances.
- Rule processing: https://learn.microsoft.com/en-us/azure/dns/private-resolver-endpoints-rulesets#rule-processing
Refer: https://learn.microsoft.com/en-us/azure/dns/private-resolver-hybrid-dns
https://learn.microsoft.com/en-us/azure/dns/private-resolver-endpoints-rulesets
https://learn.microsoft.com/en-us/azure/dns/dns-private-resolver-overview#restrictions
https://learn.microsoft.com/en-us/azure/dns/private-resolver-architecture
For Azure DNS Private Resolver pricing, you can refer: https://azure.microsoft.com/en-in/pricing/details/dns/
And also use the Pricing calculator to get the actual cost:
https://azure.microsoft.com/en-us/pricing/calculator/
So, if all your Azure Vnets are in a single region, you can use a single Azure DNS Private Resolver with a single inbound and outbound endpoint to link all your Vnets to it for dns resolution. The number of rulesets could vary depending upon your requirement.
But if you have Vnets in multiple regions, then a single Azure DNS Private Resolver will not work. You will need an Azure DNS Private Resolver for each region.
Kindly let us know if the above helps or you need further assistance on this issue.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(185.6, 50%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)