Tags: azure-private-dns, azure-private-dns-zone

How to make sure a Private DNS zone is resolving a given private IP?


The use case scenario here is that the private DNS resolves an internal IP acting as the default gateway of an API Manager (APIM).

In front of APIM, there is an Application Gateway with a backend pool targeting the private DNS.

I can see that the backend health status is unknown, and it might be related to the FQDN, associated with an internal IP, not being resolved, but how can I make sure that it is the actual problem?


Solution

  • You can try either of the following ways to make sure the Private DNS zone is resolving a given private IP.

    Workaround 1:

    1. Create an Azure VNet with a DNS private zone like private.test.com.
    2. Create a VM and a VPN gateway on that VNet. Enable VNet integration with my Azure web app service.

    Workaround 2:

    1. Deploy new Azure Private DNS Zones in your Azure environment part of private endpoint deployment. (Default option)
    2. Use existing Azure Private DNS Zones. Use this option if you are using a private endpoint in a hub-and-spoke model from a different subscription or even within the same subscription.
    3. Use your own DNS Servers if you do not use DNS forwarders and instead you manage A records directly in your on-premises DNS servers.

    Reference: Azure DNS zone record not resolving to specified IP from App service to Virtual Machine - Stack Overflow and Configure DNS Name Resolution for private endpoints - Azure Purview | Microsoft Docs
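A concrete way to answer the original question (is the zone actually resolving the FQDN to the private IP the Application Gateway backend expects?) is to check it on two levels: the control plane (what A records the zone holds, as returned by `az network private-dns record-set a list -g <resource-group> -z <zone> -o json`) and the data plane (what a resolver inside the linked VNet really returns). The script below is an added example, not code from the question or the answer; the zone name `private.test.com`, the record names and the 10.10.1.x addresses are constructed, and the sample JSON only approximates the shape of the Azure CLI output. The live check is only meaningful when run from a VM or container in the VNet the zone is linked to, since that is the resolver path the Application Gateway uses for a backend FQDN.

```python
import json
import socket
import sys

# Constructed sample shaped like the JSON printed by
#   az network private-dns record-set a list -g <resource-group> -z private.test.com -o json
# Zone, record names and IP addresses are made up for this example.
SAMPLE_RECORD_SETS = json.dumps([
    {"name": "apim", "fqdn": "apim.private.test.com.", "ttl": 3600,
     "aRecords": [{"ipv4Address": "10.10.1.4"}]},
    {"name": "stale", "fqdn": "stale.private.test.com.", "ttl": 3600,
     "aRecords": [{"ipv4Address": "10.10.1.99"}]},
])


def normalize(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()


def zone_a_records(record_sets_json):
    """Map each FQDN in the zone to its sorted list of IPv4 addresses."""
    records = {}
    for rs in json.loads(record_sets_json):
        ips = sorted(a["ipv4Address"] for a in rs.get("aRecords", []))
        records[normalize(rs["fqdn"])] = ips
    return records


def check_zone_record(record_sets_json, fqdn, expected_ip):
    """Control-plane check: does the zone hold an A record for fqdn -> expected_ip?

    Returns (status, detail) with status 'ok', 'missing' (no A record for that
    name at all) or 'mismatch' (a record exists but lists other addresses).
    """
    ips = zone_a_records(record_sets_json).get(normalize(fqdn))
    if ips is None:
        return ("missing", f"no A record for {fqdn} in the zone data")
    if expected_ip in ips:
        return ("ok", f"{fqdn} -> {expected_ip}")
    return ("mismatch", f"{fqdn} has {ips}, expected {expected_ip}")


def check_live_resolution(fqdn, expected_ip):
    """Data-plane check: ask the OS resolver for fqdn.

    Run this from inside the VNet the private zone is linked to; from anywhere
    else a private zone is invisible and the result says nothing about the
    Application Gateway's view.
    """
    try:
        infos = socket.getaddrinfo(fqdn, None, socket.AF_INET)
    except socket.gaierror as exc:
        return ("unresolved", f"{fqdn}: {exc}")
    ips = sorted({info[4][0] for info in infos})
    if expected_ip in ips:
        return ("ok", f"{fqdn} -> {expected_ip}")
    return ("mismatch", f"{fqdn} resolved to {ips}, expected {expected_ip}")


if __name__ == "__main__":
    # Usage: python check_private_dns.py <fqdn> <expected-ip> [record-sets.json]
    # Without arguments the script only exercises the constructed sample zone.
    if len(sys.argv) >= 3:
        fqdn, expected = sys.argv[1], sys.argv[2]
        if len(sys.argv) > 3:
            with open(sys.argv[3]) as fh:
                print("zone:", *check_zone_record(fh.read(), fqdn, expected))
        print("live:", *check_live_resolution(fqdn, expected))
    else:
        for name, ip in [("apim.private.test.com", "10.10.1.4"),
                         ("apim.private.test.com", "10.10.1.5"),
                         ("missing.private.test.com", "10.10.1.4")]:
            print(name, ip, "->", *check_zone_record(SAMPLE_RECORD_SETS, name, ip))
```

If the zone check returns `ok` but the live check from a VM in the Application Gateway's VNet returns `unresolved`, the zone is not linked to that VNet (or a custom DNS server on the VNet is not forwarding the zone); if both are `ok` and the backend health is still unknown, name resolution is not the problem and the probe, NSG or certificate path is the next thing to look at.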