Hi folks, I have a VNet, a private DNS zone e.g. private.brezel.com , and a link with auto registration between them. If I add a new VM e.g. capp l to the VNet, an A record capp pointing at the VM will be automatically created in the private DNS zone, so the VPN is reachable at capp.private.brezel.com . The same seams to don't work with private Endpoints, which becomes capp.privatelink.blob.core.windows.net . Why? Thanks, speechkey

@Artem Grebenkin , Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well. This is an expected behavior The Azure DNS private zones auto registration feature is expected to work with VMs only. See : What is the auto registration feature in Azure DNS private zones? For Private EndPoints, you can specify if or not you want to update the record in a Private DNS Zone by using the "Integrate with private DNS zone" field while creating the PE. If you click "Yes" and, If the resource group already has a Private DNS Zone of the same name, the A record gets updated- If the resource group does not already has a Private DNS Zone, it creates a new zone and also adds the A record Thanks, Kapil Please Accept an answer if correct. Original posters help the community find answers faster by identifying the correct answer.

Private DNS Zone with custom Domain name auto-registration for private Endpoints

Accepted answer

KapilAnanth-MSFT 38,791 Reputation points Microsoft Employee

2024-05-23T05:47:23.95+00:00
@Artem Grebenkin ,

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

This is an expected behavior

The Azure DNS private zones auto registration feature is expected to work with VMs only.

See : What is the auto registration feature in Azure DNS private zones?

For Private EndPoints, you can specify if or not you want to update the record in a Private DNS Zone by using the "Integrate with private DNS zone" field while creating the PE.

If you click "Yes" and,

If the resource group already has a Private DNS Zone of the same name, the A record gets updated-

If the resource group does not already has a Private DNS Zone, it creates a new zone and also adds the A record

Thanks,

Kapil

Please Accept an answer if correct.

Original posters help the community find answers faster by identifying the correct answer.
Please sign in to rate this answer.
Artem Grebenkin 20 Reputation points

2024-05-23T06:33:14.7066667+00:00

Thank you for answering,

exactly, at 4th step DNS I can only select the predefined DNS zone e.g. privatelink.blob.core.windows.net. I would like to use my own private.artem...kin.com , which I've already created:

Artem Grebenkin 20 Reputation points

2024-05-23T06:38:19.52+00:00

Thank you for answering, exactly at 4th step DNS I am only able to select a Microsoft predefined DNS zone e.g. privatelink.blob.core.windows.net, which will be created if not already exists.

I would like to use my own created private DNS zone:

KapilAnanth-MSFT 38,791 Reputation points Microsoft Employee

2024-05-23T14:32:09.09+00:00

@Artem Grebenkin ,

Thank you for sharing the details.

We already established that auto registration feature is expected to work with VMs only.

Now using a custom DNS Zone with Private EndPoint is not supported natively in Azure.

This means, you can add the Private EndPoint's IP to your custom DNS Zone, but this should be done manually

Even if you use a Private DNS Zone group to group your custom domain and "privatelink.blob.core.windows.net", only the "privatelink.blob.core.windows.net" will get updated with the PE IP's values

This is by design

NOTE : Private DNS zone group is supposed to be used with Private EndPoints of PaaS Services that require two or more zones to work - not used to update custom domains (even when the custom domain is added to the group)

See :
- I added a custom domain and "privatelink.blob.core.windows.net" post creating the PE

But only the "privatelink.blob.core.windows.net" zone gets auto updated with the PE's IP

If your requirement is to use a custom Private DNS Zone with PE, You should manually update the custom Private DNS Zone with the PE's IP.

I hope this adds more clarity.

Thanks,

Kapil

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.
Sign in to comment

Share via

Private DNS Zone with custom Domain name auto-registration for private Endpoints

0 additional answers