Custom DNS Servers and Azure Private EndPoint

Shola Lawani 531 Reputation points Microsoft Employee
2020-10-05T19:50:06.843+00:00

Hello Experts,

If I'm using a custom DNS server (such as Active Directory Domain Services which has been extended from on-prem) within my VNet in Azure and I need to create a private endpoint, is it still required that I choose the option "Integrate with private DNS zone"?

If I don't choose that option, what do I need to do on my custom dns server in On-prem and Azure to ensure proper resolution of the resource FQDN to its private IP?

Do I create a new forward lookup zone in the Active Directory DNS such as blob.core.windows.net (in this case for a storage account) and then create the A record for StorageAccountA.privatelink.blob.core.windows.net?

Tags: Azure DNS, Azure Private Link

Accepted answer
  1. TravisCragg-MSFT 5,676 Reputation points Microsoft Employee
    2020-10-05T21:04:38.197+00:00

    It is recommended to still forward the requests to a private DNS zone. Here is a doc outlining the scenario using a DNS forwarder.

    The most important thing is that when requests to 'blob.core.windows.net' are sent, they are directed to the PIP of the private link. This is required for HTTPS to work when connecting.

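An added example (not part of the question or the accepted answer) of what the two approaches look like on an Active Directory DNS server, using the DnsServer PowerShell module. All values are hypothetical: a storage account named storageaccounta, a private endpoint NIC at 10.1.0.5, and an AD DS domain controller in the VNet at 10.0.0.4. The zone that matters is privatelink.blob.core.windows.net, not blob.core.windows.net: public DNS already returns the CNAME storageaccounta.blob.core.windows.net -> storageaccounta.privatelink.blob.core.windows.net, so only the privatelink name needs a private answer, and hosting blob.core.windows.net yourself would break resolution of every other storage account.

```powershell
# Added example, not from the original post. Hypothetical values throughout:
#   storage account      storageaccounta
#   private endpoint IP  10.1.0.5
#   AD DS DNS in Azure   10.0.0.4
# Azure's recursive resolver, reachable only from inside Azure, is 168.63.129.16.

# Option A (what the accepted answer recommends): keep "Integrate with private DNS
# zone" so Azure holds the A record, and have the DNS server that lives in the VNet
# forward just the privatelink zone to the Azure resolver. No -ReplicationScope means
# the forwarder is not AD-integrated, so it is not replicated to on-prem DCs that
# cannot reach 168.63.129.16.
Add-DnsServerConditionalForwarderZone -Name 'privatelink.blob.core.windows.net' `
    -MasterServers 168.63.129.16

# On the on-prem domain controllers, forward the same zone to the Azure-hosted DNS
# server instead (run there, not on the Azure DC):
# Add-DnsServerConditionalForwarderZone -Name 'privatelink.blob.core.windows.net' `
#     -MasterServers 10.0.0.4

# Option B: skip "Integrate with private DNS zone" and host the privatelink zone in
# AD DNS yourself. The record you add is then the private endpoint IP, and you own
# keeping it in sync when the private endpoint is recreated.
# Add-DnsServerPrimaryZone -Name 'privatelink.blob.core.windows.net' -ReplicationScope 'Forest'
# Add-DnsServerResourceRecordA -ZoneName 'privatelink.blob.core.windows.net' `
#     -Name 'storageaccounta' -IPv4Address '10.1.0.5'

# Check from a domain-joined VM: the public name must CNAME to the privatelink name
# and end on a private (RFC 1918) address. A public IP here means traffic is leaving
# through the public endpoint, and the TLS certificate check in the answer above
# still passes, so this is the only thing that tells you the bypass happened.
$answer = Resolve-DnsName -Name 'storageaccounta.blob.core.windows.net' -Type A
$cname  = ($answer | Where-Object QueryType -eq 'CNAME' | Select-Object -First 1).NameHost
$ip     = ($answer | Where-Object QueryType -eq 'A'     | Select-Object -First 1).IPAddress
if ($cname -notlike '*.privatelink.blob.core.windows.net') {
    throw "Expected a CNAME into privatelink.blob.core.windows.net, got '$cname'"
}
if ($ip -notmatch '^(10\.|172\.(1[6-9]|2\d|3[01])\.|192\.168\.)') {
    throw "Resolved to $ip, a public address: requests would bypass the private endpoint"
}
"OK: $cname -> $ip (private)"
```

Option A is preferable operationally because Azure updates the A record if the private endpoint is deleted and recreated with a new IP; with Option B that becomes a manual change on the DNS server.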
