Closed svdHero closed 1 year ago
@svdHero Thanks for your feedback! We will investigate and update as appropriate.
@SaurabhSharma-MSFT Thank you. Could you already give me some advice what to use? What would you recommend for DNS Forwarder?
Hello @svdHero, apologies for the delayed response here. You can refer to this DNS forwarder template which utilizes a VM(1x Standard A1 v2 SKU) for DNS forwarding. I am afraid there is no other Azure PaaS service which can act as DNS forwarder as you have to create a windows\Linux based DNS server. Please let us know if you have any additional questions. Thank you!
We will now proceed to close this issue out. Please tag me in your response if there are any additional concerns.
Thank you for your help. I am very grateful for the link to the ARM template.
@ChaitanyaNaykodi-MSFT I actually do have a follow-up question:
Since I already have set up my hub-spoke-architecture with existing VNets, what would be the fastest and easiest way to use said template with existing VNets? For testing purpose I just clicked the "Deploy to Azure" button which is great, but which created a dnsproxy-vnet that conflicted with my other VNets and which also did not adhere to our company naming convention of Azure resources.
I also created a feature request for this: https://github.com/Azure/azure-quickstart-templates/issues/11923
However, can you give me advice for a quick solution? In particular, I am not sure how to deal with _artifactsLocation
in order to provide forwarderSetup.sh
. We are using Azure DevOps in my company. Should I just create a public git repo there, upload forwarderSetup.sh
and point the modified template to it?
@ChaitanyaNaykodi-MSFT ... could you please comment/gather feedback on using Azure Firewall as the DNS forwarder as that would avoid maintaining VMs for that purpose (SaaS all (most of) the things! :-) ). The approach seems to have been documented by someone at Microsoft at https://github.com/adstuart/azure-privatelink-dns-azurefirewall but we have not evaluated the feasibility yet.
Thanks.
Hello @svdHero, apologies for the delayed response here. I think the proposed solution should work, please let me know if you are facing any issues. @sopelt, thank you for pointing this Azure Firewall as a DNS forwarder solution to us. I am reopening and assigning this issue to @ivapplyr to review further and update the document.
Hello @ivapplyr, just following up here. Any help in help in updating the documentation will be very helpful. Thank you!
We can use this as DNS forwarder: https://azure.microsoft.com/en-us/resources/templates/dns-forwarder/
@svdHero
Thank you for the feedback. We now have a service called Azure Private Resolver that eliminates the need for a DNS forwarder VM. The following links will give more information:
https://learn.microsoft.com/en-us/azure/dns/dns-private-resolver-overview
https://learn.microsoft.com/en-us/azure/private-link/tutorial-dns-on-premises-private-resolver
The documentation talks about the VM "DNS Forwarder". It reads:
So now I understand what it does and why it is needed. However, I do not know how to set up or configure such a DNS Forwarder.
What kind of software can I use to achieve the DNS forwarding? Can I use a Linux VM with some out-of-the-box DNS server software? What is the best practice here? Or can I also use some low-cost Azure PaaS that acts as the DNS Forwarder?
I would highly appreciate some information in this regard. Maybe the documentation could elaborate on this a little bit? That would be especially helpful for DevOps that are more on the Dev-side of things like myself.
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.