This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 56.00000000000001%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
I have an Azure SQL Managed Instance configured with Private Link.
From on-premises (or a closed client network), Resolve-DnsName shows the privatelink.database.windows.net and the worker.vnet.database.windows.net CNAME, but does not return an IP. As a result, connections from SSMS fail with “No such host is known” or TCP port 1433 unavailable. If we force IP in the hosts file, connectivity works but its not best practice.
*.privatelink.database.windows.net names from an on-premises or closed environment? Do we need DNS forwarding to Azure DNS? Or should we use an Azure Private DNS zone linked to our VNets?An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
Answer accepted by question author
Hi Julie,
Typically you would use either Azure DNS Private Resolver or your own DNS server VM in Azure to resolve the private endpoint IP. On premises you would have DNS server with conditional forwarding that sends DNS queries to DNS Private Resolver/DNS VM.
Please click Accept Answer and upvote if the above was helpful.
Thanks.
-TP