# DNS Basics
DNS provides name resolution for Azure services, both within a VNet and across hybrid environments. Proper configuration is critical for service connectivity, especially when using Private Endpoints.
| Option | Resolution Scope | Customization |
|---|---|---|
| Azure-provided DNS | Internal VNet resolution. | None. |
| Custom DNS | External or on-prem servers. | Full control. |
| Private DNS Zones | Managed resolution for VNets. | High control. |
| Azure DNS Private Resolver | Hybrid DNS queries. | Managed service. |
```mermaid
graph TD
  User[App Service] --> Q{Query DNS?}
  Q -->|Private Endpoint| PEZ[Private DNS Zone]
  Q -->|Internal VNet| APD[Azure Provided DNS]
  Q -->|External| PAD[Public DNS]
  PEZ --> IP[Private IP]
  APD --> IP
  PAD --> PIP[Public IP]
```
**Warning:** Private Endpoint (PE) deployments without a properly linked Private DNS Zone are the most common source of networking issues. Clients will resolve the public IP but fail to connect privately.
**Warning:**

- Do not override a public DNS zone that is actively in use unless you also provide DNS forwarding or a fallback path to public resolution.
- Do not reuse one Private DNS zone for multiple private endpoints of the same Azure service; it can break A records and resolution for existing endpoints.
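As an added example (not code from the original page), the Python below models the lookup a VNet client performs for a Private Endpoint FQDN: Azure answers the service name with a CNAME to a `privatelink.` name, and only a linked Private DNS Zone turns that name into the endpoint's private IP. The zone contents and addresses are constructed sample data, and the check assumes the VNet uses RFC 1918 address space.

```python
import ipaddress
import socket

# Assumption: VNet address space is RFC 1918; adjust if your VNets use other ranges.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed answer sets: what a resolver returns with and without the linked zone.
# Each value is ("CNAME", target) or ("A", [ip, ...]).
ZONE_LINKED = {
    "mystorage.blob.core.windows.net": ("CNAME", "mystorage.privatelink.blob.core.windows.net"),
    "mystorage.privatelink.blob.core.windows.net": ("A", ["10.0.1.4"]),  # from Private DNS Zone
}
ZONE_MISSING = {
    "mystorage.blob.core.windows.net": ("CNAME", "mystorage.privatelink.blob.core.windows.net"),
    # No zone linked: public DNS answers the privatelink name with the public frontend (constructed)
    "mystorage.privatelink.blob.core.windows.net": ("CNAME", "blob.constructed-cluster.store.core.windows.net"),
    "blob.constructed-cluster.store.core.windows.net": ("A", ["20.60.1.10"]),
}


def walk_chain(name, answers, max_hops=8):
    """Follow CNAMEs from name to an A record; returns (chain of names, list of IPs)."""
    chain = [name]
    for _ in range(max_hops):
        rec = answers.get(name)
        if rec is None:
            return chain, []
        rtype, value = rec
        if rtype == "A":
            return chain, list(value)
        name = value
        if name in chain:  # CNAME loop: treat as unresolved rather than spin
            return chain, []
        chain.append(name)
    return chain, []


def is_private_ip(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)


def verdict(ips):
    if not ips:
        return "unresolved"
    # "public" means the PE is bypassed: the client got the service's public frontend
    return "private" if all(is_private_ip(ip) for ip in ips) else "public"


def check_private_endpoint(fqdn, answers):
    chain, ips = walk_chain(fqdn, answers)
    return {"chain": chain, "ips": ips, "status": verdict(ips)}


def check_live(fqdn):
    """Same verdict for a real name via the host's configured resolver (no CNAME chain exposed)."""
    ips = sorted({ai[4][0] for ai in socket.getaddrinfo(fqdn, None, socket.AF_INET)})
    return {"chain": [fqdn], "ips": ips, "status": verdict(ips)}
```

Run `check_live` from a VM inside the VNet to confirm that a Private Endpoint name ends at a private IP; a "public" result is the symptom described in the warning above.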