Connecting two Azure resources in two different regions

Abdelrahman ELGAMAL 6 Reputation points
2021-08-27T07:08:36.193+00:00

Hello,
I need to use two Azure resources in two different regions.
I have an App Service in the WE region that I would like to connect to an Azure SQL database in the NE region.

I have made many attempts to connect via the 'private end point' without success.

Example:

When I ping the FQDN of my private EndPoint, I have a KO:
tcpping observabilitedevsrv.privatelink.database.windows.net:1433
Connection attempt failed: No such host is known

However when I ping the IP it gives me an OK:
Connected to 172.16.101.4:1433, time taken: 46ms

Regarding the connection string in my app, it contains the FQDN of my private link in the data source = MyDB.privatelink.database.windows.net

Can you please help me?


2 answers

  1. SaiKishor-MSFT 17,201 Reputation points
    2021-08-27T09:43:19.15+00:00

    @AbdelrahmanELGAMAL-3271 Thank you for reaching out to Microsoft Q&A.

    Can you confirm what DNS server your App server is using? As given here in the Azure Private Endpoint DNS configuration document:

    It's important to correctly configure your DNS settings to resolve the private endpoint IP address to the fully qualified domain name (FQDN) of the connection string.

    Existing Microsoft Azure services might already have a DNS configuration for a public endpoint. This configuration must be overridden to connect using your private endpoint.

    The network interface associated with the private endpoint contains the information to configure your DNS. The network interface information includes FQDN and private IP addresses for your private link resource.

    You can use the following options to configure your DNS settings for private endpoints:

    1. Use the host file (only recommended for testing). You can use the host file on a virtual machine to override the DNS.
    2. Use a private DNS zone. You can use private DNS zones to override the DNS resolution for a private endpoint. A private DNS zone can be linked to your virtual network to resolve specific domains.
    3. Use your DNS forwarder (optional). You can use your DNS forwarder to override the DNS resolution for a private link resource. Create a DNS forwarding rule to use a private DNS zone on your DNS server hosted in a virtual network.

    Hope this helps. Please let us know if you have any further questions and we will be glad to assist you further. Thank you!

    1 person found this answer helpful.

  2. Abdelrahman ELGAMAL 6 Reputation points
    2021-08-30T18:14:18.59+00:00

    I finally found the solution after many hours of KO:

    I changed the value of WEBSITE_VNET_ROUTE_ALL of my AppService configuration to be "0"
    I "Enabled" the Route All flag in the VNet configured to my AppService.

    That is all.

    Thanks again @SaiKishor-MSFT

    Have a good day,

    Regards,
    Abdelrahman ELGAMAL

    1 person found this answer helpful.
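
The symptom in the question (the name fails to resolve while the private IP answers on 1433) can be told apart from the other failure modes with a small check that has to be run from the app's own network context, since the result depends on which DNS server that context uses. This is an added example, not code from the thread; the outcome labels are made up for illustration, the default host name is a placeholder, and treating any non-public address as "the private endpoint" is an assumption.

```python
import ipaddress
import socket

def resolve(host, port, resolver=socket.getaddrinfo):
    """Return the sorted unique IPs for host, or [] when the name does not resolve."""
    try:
        infos = resolver(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def tcp_open(ip, port, timeout=3.0, connect=socket.create_connection):
    """True when a TCP handshake to ip:port completes within the timeout."""
    try:
        connect((ip, port), timeout=timeout).close()
        return True
    except OSError:
        return False

def diagnose(host, port=1433, resolver=socket.getaddrinfo,
             connect=socket.create_connection):
    """Classify the path to host:port as seen from where this script runs."""
    ips = resolve(host, port, resolver)
    if not ips:
        # Same situation as "No such host is known" in the question.
        return "dns-failure", ips
    # Assumption: a non-public address means the private endpoint was returned.
    private = [ip for ip in ips if ipaddress.ip_address(ip).is_private]
    if not private:
        # The name resolves, but to a public address: the private DNS zone
        # (or hosts entry / forwarder) is not being consulted.
        return "public-endpoint", ips
    if any(tcp_open(ip, port, connect=connect) for ip in private):
        return "private-ok", ips
    # DNS is correct; routing, peering or a firewall blocks the connection.
    return "private-unreachable", ips

if __name__ == "__main__":
    import sys
    # Placeholder name; pass the FQDN from your own connection string.
    host = sys.argv[1] if len(sys.argv) > 1 else "myserver.database.windows.net"
    print(diagnose(host))
```
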