Connection to multiple Private DNS with Private Links

Marcus Jung 0 Reputation points
2023-09-15T19:02:40.9233333+00:00

Hi everybody,

I'm a freelancer who sets up cloud environments with infrastructure as code and supports small/medium companies on their cloud journey.

The current situation is that my infrastructure is connected via Azure VPN to multiple customer Azure environments (1:n).

The customers use the private DNS setup that Microsoft supports and recommends, i.e.

*.privatelink.blob.core.windows.net or *.blob.core.windows.net for storage accounts.

(https://video2.skills-academy.com/de-de/azure/private-link/private-endpoint-dns)

Example:

--

I'm connected via Azure VPN to the customers' Azure subscriptions / networks.

Me as freelancer:

  • use network 172.17.0.0/XX with all required technology like AD, DNS, Exchange, ....

Company A:

  • creates storage account compA (DNS: sacompA.blob.core.windows.net, sacompA.privatelink.blob.core.windows.net) with private network / IP address 10.200.1.1 for the storage account

Company B:

  • creates storage account compB (DNS: sacompB.blob.core.windows.net, sacompB.privatelink.blob.core.windows.net) with private network / IP address 10.201.1.1 for the storage account

Company C:

  • analogous to the examples above
  • .....

Question:

How can my (local) machines from my network and my automation resolve private DNS entries for multiple private DNS zones with the same pattern? At the moment I'm using manually managed private DNS entries in my local network, but this will not scale well in future.


1 answer

  1. Luis Arias 5,981 Reputation points
    2023-09-15T19:51:03.96+00:00

    Hello Marcus,

    You can use Azure DNS Private Resolver to make this name resolution work in your environment.

    Guide: https://video2.skills-academy.com/en-us/azure/dns/private-resolver-hybrid-dns#create-an-azure-dns-private-resolver

    1. Create a DNS private resolver using an IP accessible from your network (https://video2.skills-academy.com/en-us/azure/dns/private-resolver-endpoints-rulesets)
    2. In your DNS (freelancer network 172.17.0.0/XX) add a conditional forwarder to the IP from step 1
    3. Run nslookup against your domains to test

    Regards,

    Luis


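The three steps of the answer above, written out as an added PowerShell example (not part of the original answer or of Microsoft's documentation). It assumes the Az.DnsResolver module on the machine that deploys the Azure side and the Windows DnsServer module on the on-premises DNS server; the resource group, region, VNet/subnet IDs, zone list, on-premises DNS server address 172.17.0.10 and the test name sacompA.blob.core.windows.net are placeholders. The resolver must live in a VNet that is linked to the customer's private DNS zone, otherwise the inbound endpoint cannot answer for the privatelink records.

```powershell
# Added example, not from the original post. All names, IDs and addresses are placeholders.
# Azure side needs: Install-Module Az.DnsResolver ; Connect-AzAccount
# On-prem side needs: the DnsServer module on the Windows DNS server (run as DNS admin).

# --- Step 1: create the private resolver and an inbound endpoint ---
$rg       = 'rg-dns-hub'          # assumed resource group
$location = 'westeurope'          # assumed region
$vnetId   = '/subscriptions/<sub-id>/resourceGroups/rg-dns-hub/providers/Microsoft.Network/virtualNetworks/vnet-hub'
# Dedicated subnet, delegated to Microsoft.Network/dnsResolvers (assumed name)
$subnetId = "$vnetId/subnets/snet-dns-inbound"

New-AzDnsResolver -Name 'dnsr-hub' -ResourceGroupName $rg `
    -Location $location -VirtualNetworkId $vnetId

$ipConfig = New-AzDnsResolverIPConfigurationObject `
    -PrivateIPAllocationMethod Dynamic -SubnetId $subnetId

$inbound = New-AzDnsResolverInboundEndpoint -DnsResolverName 'dnsr-hub' `
    -Name 'inbound-1' -ResourceGroupName $rg -Location $location `
    -IpConfiguration $ipConfig

# Private IP of the inbound endpoint; this is the forwarder target for on-prem DNS
# and must be reachable through the VPN (route + NSG/firewall for UDP/TCP 53).
# Property path assumed from the returned object; verify with ($inbound | Format-List *).
$inboundIp = $inbound.IPConfiguration[0].PrivateIPAddress
"Inbound endpoint IP: $inboundIp"

# --- Step 2: conditional forwarder(s) on the on-prem Windows DNS server ---
# One entry per private-link zone you need to resolve through this resolver.
$zones = @('privatelink.blob.core.windows.net')

foreach ($zone in $zones) {
    # Skip zones that already exist so the script is safe to re-run
    if (-not (Get-DnsServerZone -Name $zone -ErrorAction SilentlyContinue)) {
        Add-DnsServerConditionalForwarderZone -Name $zone `
            -MasterServers $inboundIp -ReplicationScope 'Forest'
    }
}

# --- Step 3: test from a client in 172.17.0.0/XX against the on-prem DNS server ---
# Expect the private endpoint address (e.g. 10.200.1.1), not a public IP.
Resolve-DnsName -Name 'sacompA.blob.core.windows.net' -Server '172.17.0.10' -Type A
```

A practical caveat when checking step 3: a Windows DNS server holds exactly one conditional forwarder per zone name, so one `privatelink.blob.core.windows.net` entry can only point at one set of forwarder addresses. If the answer returned is a public address instead of the expected private endpoint IP, check first that the query actually reached the inbound endpoint (VPN route and port 53 reachability) and then that the resolver's VNet is linked to the private DNS zone holding the record.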