VNET link to multiple private DNS zones

Freya Feng 26 Reputation points Microsoft Employee
2021-09-22T09:03:14.077+00:00
  1. We have a group of subscriptions, each of which has its own private DNS zone deployed with different private endpoints. One thing to highlight here is that all of these zones would have the exact same name, e.g. privatelink.database.windows.net.
  2. We also have a management subscription with a management VNET, where our custom DNS server is located.
  3. For all other subscriptions, we use that custom DNS server, but for private endpoints we have to link this management VNET to all the existing private DNS zones.
  4. The issue is that we can't link one VNET to multiple DNS zones with the same name. The workaround here is to manually add all the DNS records together, but we really don't want it to be manually managed.

ASK: Will MS consider allowing one VNET to link to multiple zones with the same name? Any other workaround here would be highly appreciated.

Azure Private Link
An Azure service that provides private connectivity from a virtual network to Azure platform as a service, customer-owned, or Microsoft partner services.

Accepted answer
  1. GitaraniSharma-MSFT 47,421 Reputation points Microsoft Employee
    2021-09-22T15:51:24.857+00:00

    Hello @Anonymous ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    If you're using a private endpoint in a hub-and-spoke model from a different subscription or even within the same subscription, it is recommended to link the same private DNS zones to all spokes and hub virtual networks that contain clients that need DNS resolution from the zones.


    A single private DNS zone is required for this configuration. Creating multiple zones with the same name for different virtual networks would need manual operations to merge the DNS records.
    This is a known limitation and can be found documented in the below article:
    https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-dns#virtual-network-workloads-without-custom-dns-server

    However, we will note your feature request and will forward this to the Product team for future improvements.

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.
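
The answer above says that same-named zones have to be merged into a single zone by hand. As an added example (not from the original thread or from Microsoft documentation), this Python script merges A records exported from several `privatelink.database.windows.net` zones and refuses to merge any name that points to different IPs in different zones. The subscription labels and record values are constructed, and the JSON field names are assumed to match the output of `az network private-dns record-set a list`.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: A record sets exported from three same-named zones,
# keyed by a hypothetical subscription label. Field names (name, ttl,
# aRecords/ipv4Address) are assumed to match the JSON printed by
# `az network private-dns record-set a list`.
EXPORTS = {
    "sub-app1": [{"name": "sqlapp1", "ttl": 10, "aRecords": [{"ipv4Address": "10.1.0.4"}]}],
    "sub-app2": [{"name": "sqlapp2", "ttl": 3600, "aRecords": [{"ipv4Address": "10.2.0.4"}]},
                 {"name": "sqlshared", "ttl": 10, "aRecords": [{"ipv4Address": "10.2.0.5"}]}],
    "sub-app3": [{"name": "SqlShared", "ttl": 10, "aRecords": [{"ipv4Address": "10.3.0.5"}]},
                 {"name": "sqlapp1", "ttl": 10, "aRecords": [{"ipv4Address": "10.1.0.4"}]}],
}


def merge_zones(exports):
    """Merge per-subscription A records into one zone.

    Returns (merged, conflicts). A name claimed with different IP sets by
    different source zones is a conflict and is left out of `merged`, because
    picking one would silently send clients to another team's endpoint.
    """
    seen = defaultdict(dict)  # record name -> {frozenset(ips): [sources]}
    ttls = {}
    for source, record_sets in sorted(exports.items()):
        for rs in record_sets:
            name = rs["name"].lower()  # DNS names are case-insensitive
            ips = frozenset(str(ipaddress.IPv4Address(r["ipv4Address"]))
                            for r in rs["aRecords"])  # rejects malformed IPs
            seen[name].setdefault(ips, []).append(source)
            ttls[name] = min(rs["ttl"], ttls.get(name, rs["ttl"]))
    merged, conflicts = {}, {}
    for name, variants in seen.items():
        if len(variants) == 1:
            (ips,) = variants
            merged[name] = {"ttl": ttls[name], "ips": sorted(ips)}
        else:
            conflicts[name] = {tuple(sorted(i)): s for i, s in variants.items()}
    return merged, conflicts


if __name__ == "__main__":
    merged, conflicts = merge_zones(EXPORTS)
    for name, rec in sorted(merged.items()):
        print(f"{name} {rec['ttl']} A {', '.join(rec['ips'])}")
    for name, variants in sorted(conflicts.items()):
        print(f"CONFLICT {name}: {variants}")
```

Names reported as conflicts need an owner decision before they go into the single shared zone; identical duplicates are collapsed to one record.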
