MicrosoftDocs / azure-docs

Open source documentation of Microsoft Azure
https://docs.microsoft.com/azure
Creative Commons Attribution 4.0 International

Multi-label Reserved domains #122204

Open Tbohunek opened 2 weeks ago

Tbohunek commented 2 weeks ago

Hi, there seems to be a small error in the explanation at https://learn.microsoft.com/en-us/azure/dns/private-resolver-endpoints-rulesets?source=docs#rule-processing

... The two-label DNS names listed in this article ...

I have set up an explicit forwarding rule for windows.net; however, queries like mystorage.blob.core.windows.net do not get forwarded, while queries like mydb.database.windows.net do get forwarded. I have figured out that I must also explicitly forward core.windows.net for the query above to be forwarded.

Can you please clarify why that is?


PesalaPavan commented 2 weeks ago

@Tbohunek Thanks for your feedback! We will investigate and update as appropriate.

Tbohunek commented 1 week ago

Thanks @PesalaPavan. Furthermore, can you please check whether the default rules also contain domains unrelated to privatelink, like microsoft.com, sharepoint.com, etc.?

Ideally you would modify the product so that the built-in rules are visible directly in the Ruleset, and so that there is a flip switch to disable them all in one go, without having to explicitly and unreliably maintain our own list.

Tbohunek commented 1 week ago

This is inconsistent with PTR forwarding, where a rule for 10.in-addr.arpa. will forward all queries, including ones for the IP address space of the VNet it is linked to, with no ability to exclude the VNet address space from forwarding.

ManoharLakkoju-MSFT commented 1 week ago

@Tbohunek Thank you for bringing this to our attention. I've delegated this to content author @greg-lindsay, who will review it and offer their insightful opinions.

Tbohunek commented 1 week ago

Thank you @ManoharLakkoju-MSFT.

Just to provide a bit of context:

  1. We need to forward all queries from Spokes to Azure Firewall in Hub, because this is required for FQDN-based rules to work on Azure Firewall.
  2. Also, Azure Firewall is today the only place that can give us DNS query logs.