- VNet can use Azure DNS or custom/private DNS
- Azure DNS - 168.63.129.16
- From a VNet auto-register to one private DNS zone (check-box in Private Link)
- Can resolve to up to 1000 DNS zones
- Each private DNS zone can link to a 1000 VNets
- Types:
- Private
- Create a Private Link to VNet which needs DNS resolution
- Public
- Private
- NS record for delegating a sub-domain
- Create Azure DNS zone and records
- For “Entra ID” only TXT or MX records
- For App Service to register DNS: TXT or CNAME record
Private DNS Resolver service
- Inbound (just an IP) and Outbound endpoint
- My on-prem DNS can forward to the inbound endpoint (which is just an IP)
- Forwarding rule sets can be created so that Azure can resolve names in my on-prem DNS
- Can be linked to different VNets
Dangling DNS
- Create an alias to a resource
- After some time the resource is deleted
- But alias still points to it
- Bad actor can create a service with the same record name
- So now my alias points to bad actor’s service
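Added example (not part of the original notes): a defender-side check that walks a zone export and flags CNAME aliases whose Azure-hosted target no longer resolves, which is the dangling state described above. The zone data, the `contoso.example` names, the suffix list and the helper names are constructed for illustration.

```python
import socket

# Sample of Azure-owned suffixes under which a deleted resource's name can be
# registered again by someone else (assumed, not exhaustive; extend as needed).
AZURE_SUFFIXES = (
    ".azurewebsites.net",
    ".cloudapp.azure.com",
    ".trafficmanager.net",
    ".blob.core.windows.net",
    ".azureedge.net",
)

def system_resolves(name):
    """True if the name resolves via the system resolver (heuristic: any
    lookup failure is treated as 'target gone' and should be reviewed)."""
    try:
        socket.getaddrinfo(name, None)
        return True
    except socket.gaierror:
        return False

def find_dangling(records, resolves=system_resolves):
    """records: iterable of (name, type, value) tuples exported from a zone.
    Returns (alias, target) pairs for CNAMEs whose Azure target is gone."""
    findings = []
    for name, rtype, value in records:
        if rtype.upper() != "CNAME":
            continue
        target = value.rstrip(".").lower()
        if not target.endswith(AZURE_SUFFIXES):
            continue  # target outside the listed Azure suffixes: not checked here
        if not resolves(target):
            findings.append((name, target))
    return findings

# Constructed zone export and constructed resolver state, so this runs offline.
SAMPLE_ZONE = [
    ("www.contoso.example", "CNAME", "contoso-web.azurewebsites.net."),
    ("shop.contoso.example", "cname", "Contoso-Shop-Old.azurewebsites.net."),
    ("mail.contoso.example", "MX", "10 mx.contoso.example."),
    ("cdn.contoso.example", "CNAME", "static.othercdn.example."),
]
LIVE_TARGETS = {"contoso-web.azurewebsites.net"}

def demo():
    return find_dangling(SAMPLE_ZONE, resolves=lambda n: n in LIVE_TARGETS)

if __name__ == "__main__":
    for alias, target in demo():
        print(f"DANGLING: {alias} -> {target} (remove the alias or restore the resource)")
```

Run it against a real zone export with the default resolver; every finding is an alias to delete or repoint before the target name is reused.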
Split-horizon scenario
- Azure VM has Public IP Address and Azure Private IP Address
- We create 2 zones - public and private
- Configure the associated VNet to register to dns automatically
- Then private dns zone will have A record with private ip
- Public dns zone will have public ip
References:
- A is the host record, and is the most common type of DNS record. It maps the domain or host name to the IP address.
- CNAME is a Canonical Name record that’s used to create an alias from one domain name to another domain name. If you had different domain names that all accessed the same website, you’d use CNAME.
- MX is the mail exchange record. It maps mail requests to your mail server, whether hosted on-premises or in the cloud.
- TXT is the text record. It’s used to associate text strings with a domain name. Azure and Microsoft 365 use TXT records to verify domain ownership.
Additionally, there are the following record types:
- Wildcards
- CAA (certificate authority)
- NS (name server)
- SOA (start of authority)
- SPF (sender policy framework)
- SRV (server locations)