I'm trying to set up a hybrid connection from my on-premise network to Azure using Azure DNS Private Resolver, private DNS zones, and private endpoints. I understand that I can use a custom DNS in the spoke network, utilizing the inbound endpoint IP address of the Azure DNS Private Resolver as the custom DNS. But I'm wondering if I can also use the same inbound endpoint IP address as the custom DNS in the hub VNet to avoid requests going to the default Azure DNS. Specifically, my client wants to avoid the default private DNS zone value for services like blob storage, preferring to have a custom value like myorg.blob.xyz.com for resolving the blob private endpoint from our on-premise network.
2 Answers
To clarify, it sounds like your client doesn't want to use the standard DNS names like blob.core.windows.net for private endpoints. Instead, they're interested in using custom DNS names like myorg.blob.xyz.com. As for your question, it looks like you can indeed set up custom DNS in your hub VNet as long as you properly peer the networks and link your resolver along with all the private link zones. This way, you'll have one DNS resolver IP in your hub that serves multiple spokes, which should help manage DNS requests effectively.
Yes, you can manage your DNS setup across your hub and spoke networks. By peering the networks and ensuring the DNS resolver is correctly linked, you'll definitely be able to restrict requests going to Azure's default DNS. So, using custom DNS zone values for your different services should solve the issue you're facing.
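The setup both answers describe, as an added Bicep example that is not part of the original question or either answer. It assumes names of its own: a hub VNet `vnet-hub` (10.0.0.0/16) with a subnet delegated to `Microsoft.Network/dnsResolvers`, a static inbound endpoint IP of 10.0.1.4, a custom zone `blob.xyz.com`, and an already-deployed blob private endpoint whose name is passed in as a parameter. Spoke VNets, VNet peering and the on-premises conditional forwarders are left out; they simply point their DNS at the inbound endpoint IP the template outputs.

```bicep
// Added example, not the original poster's or answerers' configuration.
// Hub VNet hosts the DNS Private Resolver and forwards its own DNS to the
// resolver's inbound endpoint instead of the default Azure DNS (168.63.129.16).
param location string = resourceGroup().location
param inboundIp string = '10.0.1.4'          // assumed static IP inside snet-dns-inbound
param privateEndpointName string             // existing blob private endpoint (assumed)
param storageAccountName string = 'myorg'    // hypothetical account name

resource hubVnet 'Microsoft.Network/virtualNetworks@2023-05-01' = {
  name: 'vnet-hub'
  location: location
  properties: {
    addressSpace: { addressPrefixes: [ '10.0.0.0/16' ] }
    // Custom DNS for the hub itself: the resolver's inbound endpoint.
    dhcpOptions: { dnsServers: [ inboundIp ] }
    subnets: [
      {
        name: 'snet-dns-inbound'
        properties: {
          addressPrefix: '10.0.1.0/28'
          delegations: [
            { name: 'dnsResolver', properties: { serviceName: 'Microsoft.Network/dnsResolvers' } }
          ]
        }
      }
    ]
  }
}

resource pe 'Microsoft.Network/privateEndpoints@2023-05-01' existing = {
  name: privateEndpointName
}

resource resolver 'Microsoft.Network/dnsResolvers@2022-07-01' = {
  name: 'dnspr-hub'
  location: location
  properties: { virtualNetwork: { id: hubVnet.id } }
}

// Inbound endpoint: the single IP that hub, spokes and on-premises forward to.
resource inbound 'Microsoft.Network/dnsResolvers/inboundEndpoints@2022-07-01' = {
  parent: resolver
  name: 'inbound'
  location: location
  properties: {
    ipConfigurations: [
      {
        subnet: { id: hubVnet.properties.subnets[0].id }
        privateIpAllocationMethod: 'Static'
        privateIpAddress: inboundIp
      }
    ]
  }
}

// Azure-managed privatelink zone; the zone group below writes the A record
// <account>.privatelink.blob.core.windows.net -> private endpoint NIC IP into it.
resource plZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
  name: 'privatelink.blob.core.windows.net'
  location: 'global'
}

// Custom zone the client asked for: myorg.blob.xyz.com is a CNAME to the
// privatelink name, so the A record is still maintained by Azure.
resource customZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
  name: 'blob.xyz.com'
  location: 'global'
}

resource customCname 'Microsoft.Network/privateDnsZones/CNAME@2020-06-01' = {
  parent: customZone
  name: storageAccountName
  properties: {
    ttl: 300
    cnameRecord: { cname: '${storageAccountName}.privatelink.blob.core.windows.net' }
  }
}

// Both zones must be linked to the VNet the resolver lives in; the inbound
// endpoint answers from that VNet's linked zones, so spokes and on-premises
// only need to forward to it.
resource plLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = {
  parent: plZone
  name: 'hub-link'
  location: 'global'
  properties: { virtualNetwork: { id: hubVnet.id }, registrationEnabled: false }
}

resource customLink 'Microsoft.Network/privateDnsZones/virtualNetworkLinks@2020-06-01' = {
  parent: customZone
  name: 'hub-link'
  location: 'global'
  properties: { virtualNetwork: { id: hubVnet.id }, registrationEnabled: false }
}

resource zoneGroup 'Microsoft.Network/privateEndpoints/privateDnsZoneGroups@2023-05-01' = {
  parent: pe
  name: 'default'
  properties: {
    privateDnsZoneConfigs: [ { name: 'blob', properties: { privateDnsZoneId: plZone.id } } ]
  }
}

output inboundEndpointIp string = inbound.properties.ipConfigurations[0].privateIpAddress
```

Two checks before relying on this. First, verify resolution from on-premises with `nslookup myorg.blob.xyz.com 10.0.1.4` (or through your conditional forwarder for `blob.xyz.com`); the answer should be the CNAME chain ending in the private endpoint's 10.x address, not a public IP. Second, a CNAME only changes name resolution: the storage endpoint still presents a TLS certificate for `*.blob.core.windows.net`, so clients that connect to `https://myorg.blob.xyz.com` will fail certificate validation unless something in front of the endpoint terminates TLS with a certificate for the custom name. If the client's goal is only to hide the Azure name from on-premises resolvers and logs, the CNAME is enough; if applications must use the custom hostname over HTTPS, plan for that termination point.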