Azure DNS

Interlabz Technologies
What is Azure DNS?
• Azure DNS is a hosting service for DNS domains that
provides name resolution by using Microsoft Azure
infrastructure. By hosting your domains in Azure, you can
manage your DNS records by using the same credentials,
APIs, tools, and billing as your other Azure services.
• DNS domains in Azure DNS are hosted on Azure's global
network of DNS name servers. Azure DNS uses anycast
networking. Each DNS query is answered by the closest
available DNS server to provide fast performance and
high availability for your domain.

Security
• Azure DNS is based on Azure Resource Manager, which provides
features such as:
– Role-based access control to control who has access to specific
actions for your organization.
– Activity logs to monitor how a user in your organization modified a
resource or to find an error when troubleshooting.
– Resource locking to lock a subscription, resource group, or resource.
Locking prevents other users in your organization from accidentally
deleting or modifying critical resources.
• Azure DNS does not currently support DNSSEC. In most cases, you
can reduce the need for DNSSEC by consistently using HTTPS/TLS in
your applications. If DNSSEC is a critical requirement for your DNS
zones, you can host these zones with third-party DNS hosting
providers.
Alias records
• Azure DNS supports alias record sets. You can use an alias
record set to refer to an Azure resource, such as an Azure
public IP address, an Azure Traffic Manager profile, or an
Azure Content Delivery Network (CDN) endpoint. If the IP
address of the underlying resource changes, the alias
record set seamlessly updates itself during DNS resolution.
The alias record set points to the service instance, and the
service instance is associated with an IP address.
• Also, you can now point your apex or naked domain to a
Traffic Manager profile or CDN endpoint using an alias
record. An example is contoso.com.

• Azure DNS alias records are qualifications on a DNS record set.
They can reference other Azure resources from within your DNS
zone. For example, you can create an alias record set that
references an Azure public IP address instead of an A record. Your
alias record set points to an Azure public IP address service
instance dynamically. As a result, the alias record set seamlessly
updates itself during DNS resolution.
• An alias record set is supported for the following record types in
an Azure DNS zone:
• A
• AAAA
• CNAME

Capabilities
• Point to a public IP resource from a DNS A/AAAA record set. You
can create an A/AAAA record set and make it an alias record set
to point to a public IP resource (standard or basic). The DNS
record set changes automatically if the public IP address changes
or is deleted. Dangling DNS records that point to incorrect IP
addresses are avoided.
• There is a current limit of 20 alias record sets per resource.
• Point to another DNS record set within the same zone. Alias
records can reference other record sets of the same type. For
example, a DNS CNAME record set can be an alias to another
CNAME record set. This arrangement is useful if you want some
record sets to be aliases and some non-aliases.

• Point to a Traffic Manager profile from a DNS A/AAAA/CNAME
record set. You can create an A/AAAA or CNAME record set and use
alias records to point it to a Traffic Manager profile. It's especially
useful when you need to route traffic at a zone apex, as traditional
CNAME records aren't supported for a zone apex. For example, say
your Traffic Manager profile is myprofile.trafficmanager.net and
your business DNS zone is contoso.com. You can create an alias
record set of type A/AAAA for contoso.com (the zone apex) and
point to myprofile.trafficmanager.net.
• Point to an Azure Content Delivery Network (CDN) endpoint. This
is useful when you create static websites using Azure storage and
Azure CDN.

Create an Azure DNS zone and record using the Azure portal
• You can configure Azure DNS to resolve host names
in your public domain. For example, if you
purchased the contoso.xyz domain name from a
domain name registrar, you can configure Azure DNS
to host the contoso.xyz domain and resolve 
www.contoso.xyz to the IP address of your web
server or web app.
• We will create a test domain, and then create an
address record to resolve www to the IP
address 10.10.10.10.
Create a DNS zone
• A DNS zone contains the DNS entries for a domain. To start hosting
your domain in Azure DNS, you create a DNS zone for that domain
name.
• To create the DNS zone:
• At upper left, select Create a resource, then Networking, and
then DNS zone.
• On the Create DNS zone page, type or select the following values:
– Name: Type contoso.xyz for this quickstart example. The DNS zone name
can be any value that is not already configured on the Azure DNS servers.
A real-world value would be a domain that you bought from a domain
name registrar.
– Resource group: Select Create new, enter MyResourceGroup, and
select OK. The resource group name must be unique within the Azure
subscription.
• Select Create.
Create a DNS record
• You create DNS entries or records for your domain
inside the DNS zone. Create a new address record or
'A' record to resolve a host name to an IPv4 address.
• To create an 'A' record:
• In the Azure portal, under All resources, open
the contoso.xyz DNS zone in
the MyResourceGroup resource group. You can
enter contoso.xyz in the Filter by name box to find it
more easily.
• At the top of the DNS zone page, select + Record set.
• On the Add record set page, type or select the following values:
• Name: Type www. The record name is the host name that you want
to resolve to the specified IP address.
• Type: Select A. 'A' records are the most common, but there are
other record types for mail servers ('MX'), IPv6 addresses ('AAAA'),
and so on.
• TTL: Type 1. Time-to-live of the DNS request specifies how long DNS
servers and clients can cache a response.
• TTL unit: Select Hours. This is the time unit for the TTL value.
• IP address: For this quickstart example, type 10.10.10.10. This value
is the IP address the record name resolves to. In a real-world
scenario, you would enter the public IP address for your web server.
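
The Capabilities slide notes that a static A record keeps pointing at an address after the resource behind it changes or is deleted, and the quickstart uses 10.10.10.10 as a stand-in for a real public IP. The audit below checks a zone for both conditions. It is an added example, not part of the original slides; the record-set shape, the record names shop and old, the 203.0.113.x addresses and the alias target placeholder are constructed assumptions.

```python
import ipaddress

# Private IPv4 ranges (RFC 1918); 10.10.10.10 from the quickstart falls in here.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: record sets of the public zone contoso.xyz in a
# simplified shape (an assumption, not the exact Azure export format).
RECORD_SETS = [
    {"name": "www",  "type": "A", "ips": ["10.10.10.10"],  "alias_target": None},
    {"name": "shop", "type": "A", "ips": ["203.0.113.20"], "alias_target": None},
    {"name": "old",  "type": "A", "ips": ["203.0.113.77"], "alias_target": None},
    {"name": "@",    "type": "A", "ips": [],
     "alias_target": "<resource ID of a public IP address>"},  # placeholder
]

# Constructed sample: public IPs currently allocated in our subscription.
ALLOCATED_PUBLIC_IPS = {"203.0.113.20", "203.0.113.45"}


def audit_zone(record_sets, allocated_ips):
    """Return sorted (name, ip, finding) tuples for static A/AAAA records."""
    findings = []
    for rs in record_sets:
        if rs["type"] not in ("A", "AAAA"):
            continue
        if rs.get("alias_target"):
            # Alias record sets follow the referenced resource, so there is
            # no stored address that can go stale.
            continue
        for ip in rs["ips"]:
            addr = ipaddress.ip_address(ip)
            if addr.version == 4 and any(addr in net for net in RFC1918):
                findings.append((rs["name"], ip,
                                 "private address in public zone"))
            elif str(addr) not in allocated_ips:
                findings.append((rs["name"], ip,
                                 "dangling: address not allocated to us"))
    return sorted(findings)


if __name__ == "__main__":
    for name, ip, finding in audit_zone(RECORD_SETS, ALLOCATED_PUBLIC_IPS):
        print(f"{name}.contoso.xyz -> {ip}: {finding}")
```

Records flagged as dangling are candidates for deletion or for conversion to alias record sets, which track the public IP resource instead of storing its address.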

What is Azure Private DNS?
• In addition to supporting internet-facing DNS domains, Azure DNS
also supports private DNS zones.
• Azure Private DNS provides a reliable, secure DNS service to manage
and resolve domain names in a virtual network without the need to
add a custom DNS solution. By using private DNS zones, you can use
your own custom domain names rather than the Azure-provided
names available today. Using custom domain names helps you to
tailor your virtual network architecture to best suit your
organization's needs. It provides name resolution for virtual
machines (VMs) within a virtual network and between virtual
networks. Additionally, you can configure zone names with a
split-horizon view, which allows a private and a public DNS zone to
share the name.

• To resolve the records of a private DNS zone from your
virtual network, you must link the virtual network with
the zone. Linked virtual networks have full access and can
resolve all DNS records published in the private zone.
Additionally, you can also enable autoregistration on a
virtual network link. If you enable autoregistration on a
virtual network link, the DNS records for the virtual
machines on that virtual network are registered in the
private zone. When autoregistration is enabled, Azure
DNS also updates the zone records whenever a virtual
machine is created, changes its IP address, or is deleted.

As a best practice, do not use a .local domain for your private
DNS zone. Not all operating systems support this.

Benefits
Azure Private DNS provides the following benefits:

• Removes the need for custom DNS solutions. Previously, many
customers created custom DNS solutions to manage DNS zones in
their virtual network. You can now manage DNS zones using the
native Azure infrastructure, which removes the burden of creating
and managing custom DNS solutions.
• Use all common DNS record types. Azure DNS supports A, AAAA,
CNAME, MX, PTR, SOA, SRV, and TXT records.
• Automatic hostname record management. Along with hosting
your custom DNS records, Azure automatically maintains
hostname records for the VMs in the specified virtual networks. In
this scenario, you can optimize the domain names you use without
needing to create custom DNS solutions or modify applications.
END
