Open Tbohunek opened 2 weeks ago
@Tbohunek Thanks for your feedback! We will investigate and update as appropriate.
Thanks @PesalaPavan Furthermore can you please check if the default rules contain also domains unrelated to privatelink? Like microsoft.com, sharepoint.com etc?
Ideally you would modify the product in a way such that the built-in rules are visible in the Ruleset directly, and that there would be a flipswitch to disable them all in one go without having to explicitly and unreliably maintain our own list.
This is inconsistent with PTR forwarding, where rule 10.in-addr.arpa.
will forward all queries, including ones for the IP address space of the vnet it is linked to, with no ability to exclude the Vnet address space from forwarding.
@Tbohunek Thank you for bringing this to our attention. I've delegated this to content author @greg-lindsay, who will review it and offer their insightful opinions.
Thank you @ManoharLakkoju-MSFT.
Just to provide a bit of context:
Hi, there seems to be small error with the explanation in https://learn.microsoft.com/en-us/azure/dns/private-resolver-endpoints-rulesets?source=docs#rule-processing
I have set up an explicit forwarding rule for
windows.net
, however queries likemystorage.blob.core.windows.net
do not get forwarded. Queries likemydb.database.windows.net
get forwarded. I have figured out that I must explicitly forward alsocore.windows.net
to make the above forward.Can you please clarify why that is?
Document Details
⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.