Azure Private DNS
Private DNS in Complex Azure Environments with Azure DNS
Antoine Seignard, Marius Zaharia
A BIG thank you to the 2019 Global Sponsors!
www.azug.fr
© 2019 AZUG FR. All Rights Reserved.
Agenda
• Recall – DNS
• Azure DNS
• Azure Private DNS
• Context & Scenario
• Solution & Demo
• "REX"/Feedback
• Conclusion
Meet the Team
A cloud enthusiast who likes helping
people move away from fairly traditional
IT by offering paths to adopt good
Public Cloud habits and accelerate
the transformation.
Antoine Seignard
Azure DevOps, Société Générale
Azure MVP & Advisor
Community Manager, AZUG FR
Marius Zaharia
Azure Tech Lead, Société Générale
www.linkedin.com/in/mzaharia/
lecampusazure
Azure DNS
Recall – DNS
• DNS (Domain Name System) resolves the names
of internet sites to their underlying IP
addresses
• Public DNS / Private DNS
EX: www.example.com => 12.34.56.78 (IPv4)
• DNS Servers :
• (Recursive) Resolver /
• Root Domain /
• Top Level Domain (TLD) /
• Authoritative nameserver
Figure: A DNS workflow (credit: cloudflare.com)
Recall – DNS (2)
• IP vs FQDN
• Registrar
• DNS Zone
• DNS Records
• A
• AAAA
• CNAME
• PTR
• NS
• MX
• SRV
• TXT
• …
>nslookup www.google.com
Serveur : UnKnown
Address: fe80::a63e:51ff:fe7a:6dc6
Non authoritative answer:
Name: www.google.com
Addresses: 2a00:1450:4007:80c::2004
216.58.209.228
Azure DNS
• Azure DNS: hosting service for DNS domains that provides name
resolution by using Microsoft Azure infrastructure.
• Manage your DNS records by using the same credentials, APIs, tools, and billing as other Azure services
Benefits
• Managed service
• RBAC
• Activity logging
• Resource locking
• Azure DNS supports all common DNS record types:
A, AAAA, CAA, CNAME, MX, NS, PTR, SOA, SRV, and TXT
Azure DNS Delegation
• Delegate the DNS resolution
responsibility to specific name
servers
• In the registrar's DNS
management page, edit the NS
records and replace the NS
records with the Azure DNS
name servers
Azure DNS for private domains
• Use our own custom domain names rather than the
Azure-provided names, in private network space
• Service in public preview today
Benefits
• Managed service
• Automatic hostname record management
• Hostname resolution between virtual networks
• Split-horizon DNS support
Azure DNS for private domains
Concepts
• Resolution virtual networks: VNETs that are allowed to resolve records within
the zone
• Registration virtual network: a VNET for which Azure DNS maintains hostname
records whenever a VM is created, changes IP, or is deleted
Other capabilities
• Reverse DNS lookup is supported within the virtual-network scope
Azure DNS Private Zones scenarios
• Scenario: Name Resolution scoped to a single virtual network
Azure DNS Private Zones scenarios
• Scenario: Name Resolution across virtual networks
Azure DNS Private Zones scenarios
• Scenario: Split-Horizon
Context and Scenario
Context and Scenario
Enterprise context:
• Existing (legacy) IT infrastructure (on-premises)
• Additional (new) infrastructure in the Azure cloud
• Hybrid cloud connection, via VPN or ExpressRoute
• Multiple applications in the Cloud
• Multiple VNETs
• Hub & Spoke network topology
• DNS resolution necessary across VNETs
• DNS resolution necessary between on-prem
and cloud
Hub & Spoke VNET topology
Solution
Solution - Architecture
Hub vnet
Front VM
Client VM
Local IS
App 1 vnet
Forwarder DNS
Hub DNS zone
App DNS zone
Local LAN
ExpressRoute
App 2 DNS zone
Azure
App n DNS zone
DEMO
Demo scenario
hub-vnet
vm-lin-dns1
vm-lin-web01
vm-web-rdp
local-vnet
app-vnet
vm-lin-dns0
10.0.20.0/24
10.0.10.0/24
10.0.30.0/24
hub.gab2019.local
app.gab2019.local
local.gab2019.local
Solution configuration
• Azure resources
• VNETs + peerings
• 3 vnets
• Hub-vnet
• Local-vnet
• App-vnet
• Spoke vnets are connected to the hub
vnet
• Azure DNS Private zones
• Each vnet hosts an Azure private DNS
zone
• Forwarder DNS servers (IaaS)
• 2 DNS forwarders in 1 availability set (avset)
• Test / Demo VMs
• 1 client Windows VM on the local-vnet
• 1 Linux Apache server on the app-vnet
• DNS Forwarder
• Bind server
• Forward all requests to Azure main
DNS service (168.63.129.16)
• Custom DNS Zones
• hub.gab2019.local
• local.gab2019.local
• app.gab2019.local
• www.app.gab2019.local
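A BIND options file matching the forwarder described on this slide, as an added example that is not the presenters' demo configuration. The three client ranges are the demo address spaces from the "Demo scenario" slide; the ACL name and the file path are assumptions.

```conf
// /etc/bind/named.conf.options on each forwarder VM
// (path assumes a Debian/Ubuntu BIND package)

// Only the demo address spaces may use the forwarder. In a hybrid setup, add
// the real on-premises resolver ranges here (assumption: the slides list none).
acl "gab2019-clients" {
    10.0.10.0/24;
    10.0.20.0/24;
    10.0.30.0/24;
    localhost;
};

options {
    directory "/var/cache/bind";

    // Weak setting to avoid: "allow-query { any; }; allow-recursion { any; };"
    // turns the forwarder into an open resolver and lets any host that can
    // reach it enumerate names in the private zones.
    recursion yes;
    allow-query     { "gab2019-clients"; };
    allow-recursion { "gab2019-clients"; };

    // Send every query to the Azure-provided resolver, which answers for the
    // private zones the forwarder's VNET is allowed to resolve.
    // "forward only" stops BIND from falling back to the root servers.
    forwarders { 168.63.129.16; };
    forward only;

    // Private zones are unsigned (DNSSEC is not supported), so validation is off.
    dnssec-validation no;

    // A pure forwarder hosts no zones; refuse zone transfers outright.
    allow-transfer { none; };

    listen-on { any; };
    listen-on-v6 { none; };
};
```

Run `named-checkconf` on the file before reloading BIND. 168.63.129.16 is reachable only from inside an Azure VNET, which is why on-premises resolvers have to go through the forwarder VMs.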
“REX”
Azure DNS
Service limitations (as of today)
• Only one registration virtual network is
allowed per private zone
• Up to 10 resolution VNETs allowed per
private zone (preview limit)
• Reverse DNS works only for private IP
space in the registration VNET.
• Reverse DNS for a private IP that isn't
registered in the private zone returns
internal.cloudapp.net as the DNS suffix.
• The VNET must be completely empty the first time
you link it
• However, the virtual network can then be non-empty for
future linking as a registration or resolution virtual
network, to other private zones.
• VM records are not viewable or retrievable from the
Azure PowerShell and Azure CLI APIs.
• They are indeed registered and will resolve successfully.
• Currently, conditional forwarding is not supported
• DNS delegation is not supported (in private DNS)
• Creation only via scripts
• DNSSEC not supported
Our feedback
• For a full Azure environment the solution does not need any VM
• Records management via the portal makes management easier
• Create records using the Azure API: allows for more industrialized management
• No zone file to manage
• Today the service is not hyper scalable
• DNS Forwarder VM needed in hybrid scenarios
• Flat zone model only
Conclusion
Conclusion
PROS
• Very good time-to-market, as a fully managed service
• Azure DNS addresses a large number of simple DNS scenarios
• Specific features like VM autoregistration augment productivity
CONS
• Service not completely mature as of today
• Hybrid complex scenarios require more investment
Thank you to our sponsors
LOCAL
International sponsors
Follow us
Facebook
facebook.com/groups/azugfr/
Twitter
twitter.com/AZUGFR
Meetup
meetup.com/AZUG-FR/
LinkedIn
https://www.linkedin.com/groups/8315615
Web
www.azug.fr
Thank you
for coming
See you soon!

More Related Content

What's hot

Let's Talk About: Azure Networking
Let's Talk About: Azure NetworkingLet's Talk About: Azure Networking
Let's Talk About: Azure NetworkingPedro Sousa
 
Azure virtual network
Azure virtual networkAzure virtual network
Azure virtual networkLalit Rawat
 
Lets talk about: Azure Kubernetes Service (AKS)
Lets talk about: Azure Kubernetes Service (AKS)Lets talk about: Azure Kubernetes Service (AKS)
Lets talk about: Azure Kubernetes Service (AKS)Pedro Sousa
 
Part 01: Azure Virtual Networks – An Overview
Part 01: Azure Virtual Networks – An OverviewPart 01: Azure Virtual Networks – An Overview
Part 01: Azure Virtual Networks – An OverviewNeeraj Kumar
 
VMware Cloud on AWS - 100819.pdf
VMware Cloud on AWS - 100819.pdfVMware Cloud on AWS - 100819.pdf
VMware Cloud on AWS - 100819.pdfAmazon Web Services
 
Azure networking update 201908
Azure networking update 201908 Azure networking update 201908
Azure networking update 201908 Jay Kim
 
Windows Azure Virtual Machines
Windows Azure Virtual MachinesWindows Azure Virtual Machines
Windows Azure Virtual MachinesClint Edmonson
 
A Deepdive into Azure Networking
A Deepdive into Azure NetworkingA Deepdive into Azure Networking
A Deepdive into Azure NetworkingKarim Vaes
 
Azure key vault
Azure key vaultAzure key vault
Azure key vaultRahul Nath
 
Azure role based access control (rbac)
Azure role based access control (rbac)Azure role based access control (rbac)
Azure role based access control (rbac)Srikanth Kappagantula
 
Microsoft Azure - Introduction
Microsoft Azure - IntroductionMicrosoft Azure - Introduction
Microsoft Azure - IntroductionPranav Ainavolu
 
Introduction to Azure IaaS
Introduction to Azure IaaSIntroduction to Azure IaaS
Introduction to Azure IaaSRobert Crane
 
Introduction to Microsoft Azure
Introduction to Microsoft AzureIntroduction to Microsoft Azure
Introduction to Microsoft AzureGuy Barrette
 
TechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdfTechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdfMIlton788007
 
Azure Networking (1).pptx
Azure Networking (1).pptxAzure Networking (1).pptx
Azure Networking (1).pptxRazith2
 
Introduction to Azure
Introduction to AzureIntroduction to Azure
Introduction to AzureRobert Crane
 

What's hot (20)

Let's Talk About: Azure Networking
Let's Talk About: Azure NetworkingLet's Talk About: Azure Networking
Let's Talk About: Azure Networking
 
Azure virtual network
Azure virtual networkAzure virtual network
Azure virtual network
 
Lets talk about: Azure Kubernetes Service (AKS)
Lets talk about: Azure Kubernetes Service (AKS)Lets talk about: Azure Kubernetes Service (AKS)
Lets talk about: Azure Kubernetes Service (AKS)
 
Part 01: Azure Virtual Networks – An Overview
Part 01: Azure Virtual Networks – An OverviewPart 01: Azure Virtual Networks – An Overview
Part 01: Azure Virtual Networks – An Overview
 
VMware Cloud on AWS - 100819.pdf
VMware Cloud on AWS - 100819.pdfVMware Cloud on AWS - 100819.pdf
VMware Cloud on AWS - 100819.pdf
 
Azure vnet
Azure vnetAzure vnet
Azure vnet
 
Azure web apps
Azure web appsAzure web apps
Azure web apps
 
Azure storage
Azure storageAzure storage
Azure storage
 
Azure networking update 201908
Azure networking update 201908 Azure networking update 201908
Azure networking update 201908
 
Windows Azure Virtual Machines
Windows Azure Virtual MachinesWindows Azure Virtual Machines
Windows Azure Virtual Machines
 
A Deepdive into Azure Networking
A Deepdive into Azure NetworkingA Deepdive into Azure Networking
A Deepdive into Azure Networking
 
Azure key vault
Azure key vaultAzure key vault
Azure key vault
 
Azure role based access control (rbac)
Azure role based access control (rbac)Azure role based access control (rbac)
Azure role based access control (rbac)
 
Azure Hybid
Azure HybidAzure Hybid
Azure Hybid
 
Microsoft Azure - Introduction
Microsoft Azure - IntroductionMicrosoft Azure - Introduction
Microsoft Azure - Introduction
 
Introduction to Azure IaaS
Introduction to Azure IaaSIntroduction to Azure IaaS
Introduction to Azure IaaS
 
Introduction to Microsoft Azure
Introduction to Microsoft AzureIntroduction to Microsoft Azure
Introduction to Microsoft Azure
 
TechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdfTechnicalTerraformLandingZones121120229238.pdf
TechnicalTerraformLandingZones121120229238.pdf
 
Azure Networking (1).pptx
Azure Networking (1).pptxAzure Networking (1).pptx
Azure Networking (1).pptx
 
Introduction to Azure
Introduction to AzureIntroduction to Azure
Introduction to Azure
 

Similar to Azure DNS Privé

SharePoint on Microsoft Azure
SharePoint on Microsoft AzureSharePoint on Microsoft Azure
SharePoint on Microsoft AzureK.Mohamed Faizal
 
Namespaces for Local Networks
Namespaces for Local NetworksNamespaces for Local Networks
Namespaces for Local NetworksMen and Mice
 
NSBCon UK nservicebus on Azure by Yves Goeleven
NSBCon UK nservicebus on Azure by Yves GoelevenNSBCon UK nservicebus on Azure by Yves Goeleven
NSBCon UK nservicebus on Azure by Yves GoelevenParticular Software
 
Infoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupInfoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupNetCraftsmen
 
Cloudstack for beginners
Cloudstack for beginnersCloudstack for beginners
Cloudstack for beginnersJoseph Amirani
 
More Cache for Less Cash
More Cache for Less CashMore Cache for Less Cash
More Cache for Less CashMichael Collier
 
NephoScale Elastic Networking
NephoScale Elastic NetworkingNephoScale Elastic Networking
NephoScale Elastic NetworkingNephoScale
 
Hacking apache cloud stack
Hacking apache cloud stackHacking apache cloud stack
Hacking apache cloud stackNitin Mehta
 
Share point 2013 on azure
Share point 2013 on azureShare point 2013 on azure
Share point 2013 on azurePrabath Fonseka
 
Data Scotland 2019: You can run SQL Server on AWS
Data Scotland 2019: You can run SQL Server on AWSData Scotland 2019: You can run SQL Server on AWS
Data Scotland 2019: You can run SQL Server on AWSJohn McCormack
 
Running Open Source Solutions on Windows Azure
Running Open Source Solutions on Windows AzureRunning Open Source Solutions on Windows Azure
Running Open Source Solutions on Windows AzureSimon Evans
 
Lecture 3 more on servers and services
Lecture 3   more on servers and servicesLecture 3   more on servers and services
Lecture 3 more on servers and servicesWiliam Ferraciolli
 
Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29
Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29
Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29MysoreMuleSoftMeetup
 
Presentation citrix cloud platform for infrastructure as a service
Presentation   citrix cloud platform for infrastructure as a servicePresentation   citrix cloud platform for infrastructure as a service
Presentation citrix cloud platform for infrastructure as a servicexKinAnx
 
D108636GC10_les01.pptx
D108636GC10_les01.pptxD108636GC10_les01.pptx
D108636GC10_les01.pptxSuresh569521
 
Cleaning Out Your IT Closet - SPSRED 2013
Cleaning Out Your IT Closet - SPSRED 2013Cleaning Out Your IT Closet - SPSRED 2013
Cleaning Out Your IT Closet - SPSRED 2013adamtoth
 

Similar to Azure DNS Privé (20)

SharePoint on Microsoft Azure
SharePoint on Microsoft AzureSharePoint on Microsoft Azure
SharePoint on Microsoft Azure
 
Cloud stack for_beginners
Cloud stack for_beginnersCloud stack for_beginners
Cloud stack for_beginners
 
Namespaces for Local Networks
Namespaces for Local NetworksNamespaces for Local Networks
Namespaces for Local Networks
 
NSBCon UK nservicebus on Azure by Yves Goeleven
NSBCon UK nservicebus on Azure by Yves GoelevenNSBCon UK nservicebus on Azure by Yves Goeleven
NSBCon UK nservicebus on Azure by Yves Goeleven
 
Infoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupInfoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User Group
 
Private DNS
Private DNSPrivate DNS
Private DNS
 
Cloudstack for beginners
Cloudstack for beginnersCloudstack for beginners
Cloudstack for beginners
 
More Cache for Less Cash
More Cache for Less CashMore Cache for Less Cash
More Cache for Less Cash
 
Azure DBA with IaaS
Azure DBA with IaaSAzure DBA with IaaS
Azure DBA with IaaS
 
NephoScale Elastic Networking
NephoScale Elastic NetworkingNephoScale Elastic Networking
NephoScale Elastic Networking
 
Hacking apache cloud stack
Hacking apache cloud stackHacking apache cloud stack
Hacking apache cloud stack
 
Share point 2013 on azure
Share point 2013 on azureShare point 2013 on azure
Share point 2013 on azure
 
Global Windows Azure Bootcamp - San Diego
Global Windows Azure Bootcamp - San DiegoGlobal Windows Azure Bootcamp - San Diego
Global Windows Azure Bootcamp - San Diego
 
Data Scotland 2019: You can run SQL Server on AWS
Data Scotland 2019: You can run SQL Server on AWSData Scotland 2019: You can run SQL Server on AWS
Data Scotland 2019: You can run SQL Server on AWS
 
Running Open Source Solutions on Windows Azure
Running Open Source Solutions on Windows AzureRunning Open Source Solutions on Windows Azure
Running Open Source Solutions on Windows Azure
 
Lecture 3 more on servers and services
Lecture 3   more on servers and servicesLecture 3   more on servers and services
Lecture 3 more on servers and services
 
Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29
Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29
Platform configuration on CloudHub 2.0 | MuleSoft Mysore Meetup #29
 
Presentation citrix cloud platform for infrastructure as a service
Presentation   citrix cloud platform for infrastructure as a servicePresentation   citrix cloud platform for infrastructure as a service
Presentation citrix cloud platform for infrastructure as a service
 
D108636GC10_les01.pptx
D108636GC10_les01.pptxD108636GC10_les01.pptx
D108636GC10_les01.pptx
 
Cleaning Out Your IT Closet - SPSRED 2013
Cleaning Out Your IT Closet - SPSRED 2013Cleaning Out Your IT Closet - SPSRED 2013
Cleaning Out Your IT Closet - SPSRED 2013
 

More from AZUG FR

I want my model to be deployed ! (another story of MLOps)
I want my model to be deployed ! (another story of MLOps)I want my model to be deployed ! (another story of MLOps)
I want my model to be deployed ! (another story of MLOps)AZUG FR
 
Packer, Terraform, Ansible avec Azure
Packer, Terraform, Ansible avec AzurePacker, Terraform, Ansible avec Azure
Packer, Terraform, Ansible avec AzureAZUG FR
 
Tester avant de déployer ; comment tester ses déploiements ARM.
Tester avant de déployer ; comment tester ses déploiements ARM.Tester avant de déployer ; comment tester ses déploiements ARM.
Tester avant de déployer ; comment tester ses déploiements ARM.AZUG FR
 
Dev & run d'un site marchant dans Azure
Dev & run d'un site marchant dans AzureDev & run d'un site marchant dans Azure
Dev & run d'un site marchant dans AzureAZUG FR
 
Meetup AZUG FR @ IdeaStudio - 5 Février 2019
Meetup AZUG FR @ IdeaStudio - 5 Février 2019Meetup AZUG FR @ IdeaStudio - 5 Février 2019
Meetup AZUG FR @ IdeaStudio - 5 Février 2019AZUG FR
 
Cedric leblond migrer jenkins AWS vers Azure Devops
Cedric leblond migrer jenkins AWS vers Azure DevopsCedric leblond migrer jenkins AWS vers Azure Devops
Cedric leblond migrer jenkins AWS vers Azure DevopsAZUG FR
 
Ignite 2018 - Nouveautés governance et management (Manon Pernin)
Ignite 2018 - Nouveautés governance et management (Manon Pernin)Ignite 2018 - Nouveautés governance et management (Manon Pernin)
Ignite 2018 - Nouveautés governance et management (Manon Pernin)AZUG FR
 
Ignite 2018 - Nouveauté stockage (Didier Esteves)
Ignite 2018 - Nouveauté stockage (Didier Esteves)Ignite 2018 - Nouveauté stockage (Didier Esteves)
Ignite 2018 - Nouveauté stockage (Didier Esteves)AZUG FR
 
Ignite 2018 - Coups de coeur (Benoit Sautiere)
Ignite 2018 - Coups de coeur (Benoit Sautiere)Ignite 2018 - Coups de coeur (Benoit Sautiere)
Ignite 2018 - Coups de coeur (Benoit Sautiere)AZUG FR
 
Ignite 2018 - nouveautés sécurité et réseau (Laurent Yin)
Ignite 2018 - nouveautés sécurité et réseau (Laurent Yin)Ignite 2018 - nouveautés sécurité et réseau (Laurent Yin)
Ignite 2018 - nouveautés sécurité et réseau (Laurent Yin)AZUG FR
 
GAB 2018 PARIS - Enrichir vos applications avec Azure AI services par Houssem...
GAB 2018 PARIS - Enrichir vos applications avec Azure AI services par Houssem...GAB 2018 PARIS - Enrichir vos applications avec Azure AI services par Houssem...
GAB 2018 PARIS - Enrichir vos applications avec Azure AI services par Houssem...AZUG FR
 
GAB 2018 PARIS - Mettez un peu de CI/CD dans vos projets data! par Guillaume...
GAB 2018 PARIS - Mettez un peu de CI/CD dans vos projets data!  par Guillaume...GAB 2018 PARIS - Mettez un peu de CI/CD dans vos projets data!  par Guillaume...
GAB 2018 PARIS - Mettez un peu de CI/CD dans vos projets data! par Guillaume...AZUG FR
 
GAB 2018 PARIS - Gouvernance Azure, comment éviter les écueils par Benoît Sau...
GAB 2018 PARIS - Gouvernance Azure, comment éviter les écueils par Benoît Sau...GAB 2018 PARIS - Gouvernance Azure, comment éviter les écueils par Benoît Sau...
GAB 2018 PARIS - Gouvernance Azure, comment éviter les écueils par Benoît Sau...AZUG FR
 
Meetup AZUG FR Dec 2017 @ Arolla
Meetup AZUG FR Dec 2017 @ ArollaMeetup AZUG FR Dec 2017 @ Arolla
Meetup AZUG FR Dec 2017 @ ArollaAZUG FR
 
Meetup AZUG FR Oct 2017 @ Cellenza
Meetup AZUG FR Oct 2017 @ CellenzaMeetup AZUG FR Oct 2017 @ Cellenza
Meetup AZUG FR Oct 2017 @ CellenzaAZUG FR
 
Analysez vos textes avec Cognitive Services
Analysez vos textes avec Cognitive ServicesAnalysez vos textes avec Cognitive Services
Analysez vos textes avec Cognitive ServicesAZUG FR
 
Gab17 lyon - La BI traditionnelle est une histoire du passée. Impacts de la r...
Gab17 lyon - La BI traditionnelle est une histoire du passée. Impacts de la r...Gab17 lyon - La BI traditionnelle est une histoire du passée. Impacts de la r...
Gab17 lyon - La BI traditionnelle est une histoire du passée. Impacts de la r...AZUG FR
 
Gab17 lyon - Blockchain as a service dans Azure by Igor Leontiev
Gab17 lyon - Blockchain as a service dans Azure by Igor LeontievGab17 lyon - Blockchain as a service dans Azure by Igor Leontiev
Gab17 lyon - Blockchain as a service dans Azure by Igor LeontievAZUG FR
 
GAB 2017 PARIS - IoT Azure - Aymeric Weinbach
GAB 2017 PARIS - IoT Azure - Aymeric WeinbachGAB 2017 PARIS - IoT Azure - Aymeric Weinbach
GAB 2017 PARIS - IoT Azure - Aymeric WeinbachAZUG FR
 
GAB 2017 PARIS - Tester la sécurité de vos annuaires Active Directory et Azur...
GAB 2017 PARIS - Tester la sécurité de vos annuaires Active Directory et Azur...GAB 2017 PARIS - Tester la sécurité de vos annuaires Active Directory et Azur...
GAB 2017 PARIS - Tester la sécurité de vos annuaires Active Directory et Azur...AZUG FR
 

More from AZUG FR (20)

I want my model to be deployed ! (another story of MLOps)
I want my model to be deployed ! (another story of MLOps)I want my model to be deployed ! (another story of MLOps)
I want my model to be deployed ! (another story of MLOps)
 
Packer, Terraform, Ansible avec Azure
Packer, Terraform, Ansible avec AzurePacker, Terraform, Ansible avec Azure
Packer, Terraform, Ansible avec Azure
 
Tester avant de déployer ; comment tester ses déploiements ARM.
Tester avant de déployer ; comment tester ses déploiements ARM.Tester avant de déployer ; comment tester ses déploiements ARM.
Tester avant de déployer ; comment tester ses déploiements ARM.
 
Dev & run d'un site marchant dans Azure
Dev & run d'un site marchant dans AzureDev & run d'un site marchant dans Azure
Dev & run d'un site marchant dans Azure
 
Meetup AZUG FR @ IdeaStudio - 5 Février 2019
Meetup AZUG FR @ IdeaStudio - 5 Février 2019Meetup AZUG FR @ IdeaStudio - 5 Février 2019
Meetup AZUG FR @ IdeaStudio - 5 Février 2019
 
Cedric leblond migrer jenkins AWS vers Azure Devops
Cedric leblond migrer jenkins AWS vers Azure DevopsCedric leblond migrer jenkins AWS vers Azure Devops
Cedric leblond migrer jenkins AWS vers Azure Devops
 
Ignite 2018 - Nouveautés governance et management (Manon Pernin)
Ignite 2018 - Nouveautés governance et management (Manon Pernin)Ignite 2018 - Nouveautés governance et management (Manon Pernin)
Ignite 2018 - Nouveautés governance et management (Manon Pernin)
 
Ignite 2018 - Nouveauté stockage (Didier Esteves)
Ignite 2018 - Nouveauté stockage (Didier Esteves)Ignite 2018 - Nouveauté stockage (Didier Esteves)
Ignite 2018 - Nouveauté stockage (Didier Esteves)
 
Ignite 2018 - Coups de coeur (Benoit Sautiere)
Ignite 2018 - Coups de coeur (Benoit Sautiere)Ignite 2018 - Coups de coeur (Benoit Sautiere)
Ignite 2018 - Coups de coeur (Benoit Sautiere)
 
Ignite 2018 - nouveautés sécurité et réseau (Laurent Yin)
Ignite 2018 - nouveautés sécurité et réseau (Laurent Yin)Ignite 2018 - nouveautés sécurité et réseau (Laurent Yin)
Ignite 2018 - nouveautés sécurité et réseau (Laurent Yin)
 
GAB 2018 PARIS - Enrichir vos applications avec Azure AI services par Houssem...
GAB 2018 PARIS - Enrichir vos applications avec Azure AI services par Houssem...GAB 2018 PARIS - Enrichir vos applications avec Azure AI services par Houssem...
GAB 2018 PARIS - Enrichir vos applications avec Azure AI services par Houssem...
 
GAB 2018 PARIS - Mettez un peu de CI/CD dans vos projets data! par Guillaume...
GAB 2018 PARIS - Mettez un peu de CI/CD dans vos projets data!  par Guillaume...GAB 2018 PARIS - Mettez un peu de CI/CD dans vos projets data!  par Guillaume...
GAB 2018 PARIS - Mettez un peu de CI/CD dans vos projets data! par Guillaume...
 
GAB 2018 PARIS - Gouvernance Azure, comment éviter les écueils par Benoît Sau...
GAB 2018 PARIS - Gouvernance Azure, comment éviter les écueils par Benoît Sau...GAB 2018 PARIS - Gouvernance Azure, comment éviter les écueils par Benoît Sau...
GAB 2018 PARIS - Gouvernance Azure, comment éviter les écueils par Benoît Sau...
 
Meetup AZUG FR Dec 2017 @ Arolla
Meetup AZUG FR Dec 2017 @ ArollaMeetup AZUG FR Dec 2017 @ Arolla
Meetup AZUG FR Dec 2017 @ Arolla
 
Meetup AZUG FR Oct 2017 @ Cellenza
Meetup AZUG FR Oct 2017 @ CellenzaMeetup AZUG FR Oct 2017 @ Cellenza
Meetup AZUG FR Oct 2017 @ Cellenza
 
Analysez vos textes avec Cognitive Services
Analysez vos textes avec Cognitive ServicesAnalysez vos textes avec Cognitive Services
Analysez vos textes avec Cognitive Services
 
Gab17 lyon - La BI traditionnelle est une histoire du passée. Impacts de la r...
Gab17 lyon - La BI traditionnelle est une histoire du passée. Impacts de la r...Gab17 lyon - La BI traditionnelle est une histoire du passée. Impacts de la r...
Gab17 lyon - La BI traditionnelle est une histoire du passée. Impacts de la r...
 
Gab17 lyon - Blockchain as a service dans Azure by Igor Leontiev
Gab17 lyon - Blockchain as a service dans Azure by Igor LeontievGab17 lyon - Blockchain as a service dans Azure by Igor Leontiev
Gab17 lyon - Blockchain as a service dans Azure by Igor Leontiev
 
GAB 2017 PARIS - IoT Azure - Aymeric Weinbach
GAB 2017 PARIS - IoT Azure - Aymeric WeinbachGAB 2017 PARIS - IoT Azure - Aymeric Weinbach
GAB 2017 PARIS - IoT Azure - Aymeric Weinbach
 
GAB 2017 PARIS - Tester la sécurité de vos annuaires Active Directory et Azur...
GAB 2017 PARIS - Tester la sécurité de vos annuaires Active Directory et Azur...GAB 2017 PARIS - Tester la sécurité de vos annuaires Active Directory et Azur...
GAB 2017 PARIS - Tester la sécurité de vos annuaires Active Directory et Azur...
 

Recently uploaded

Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Azure Private DNS

  • 1. Azure Private DNS Private DNS in Complex Azure Environments with Azure DNS Antoine Seignard, Marius Zaharia
  • 2. A BIG thank you to the 2019 Global Sponsors!
  • 3. www.azug.fr © 2019 AZUG FR. All Rights Reserved. Agenda • Recall – DNS • Azure DNS • Azure Private DNS • Context & Scenario • Solution & Demo • "REX"/Feedback • Conclusion
  • 4. Meet the Team A cloud enthusiast who likes helping people move away from rather traditional IT by proposing paths to adopt the right Public Cloud reflexes and accelerate the transformation. Antoine Seignard Azure DevOps, Société Générale Azure MVP & Advisor Community Manager, AZUG FR Marius Zaharia Azure Tech Lead, Société Générale www.linkedin.com/in/mzaharia/ lecampusazure
  • 6. Recall – DNS • DNS (Domain Name System) resolves the names of internet sites to their underlying IP addresses • Public DNS / Private DNS EX: www.example.com => 12.34.56.78 (IPv4) • DNS servers: • (Recursive) Resolver / • Root Domain / • Top Level Domain (TLD) / • Authoritative nameserver (figure: a DNS workflow; credit: cloudflare.com)
  • 7. Recall – DNS (2) • IP vs FQDN • Registrar • DNS Zone • DNS Records • A • AAAA • CNAME • PTR • NS • MX • SRV • TXT • … >nslookup www.google.com Serveur : UnKnown Address: fe80::a63e:51ff:fe7a:6dc6 Non authoritative answer: Name: www.google.com Addresses: 2a00:1450:4007:80c::2004 216.58.209.228
  • 8. Azure DNS • Azure DNS: hosting service for DNS domains that provides name resolution by using Microsoft Azure infrastructure. • Manage your DNS records by using the same credentials, APIs, tools, and billing as other Azure services Benefits • Managed service • RBAC • Activity logging • Resource locking • Azure DNS supports all common DNS record types: A, AAAA, CAA, CNAME, MX, NS, PTR, SOA, SRV, and TXT
  • 9. Azure DNS Delegation • Delegate the DNS resolution responsibility to specific name servers • In the registrar's DNS management page, edit the NS records and replace the NS records with the Azure DNS name servers
  • 10. Azure DNS for private domains • Use our own custom domain names rather than the Azure-provided names, in private network space • Service in public preview today Benefits • Managed service • Automatic hostname record management • Hostname resolution between virtual networks • Split-horizon DNS support
  • 11. Azure DNS for private domains Concepts • Resolution virtual networks: VNETs that are allowed to resolve records within the zone • Registration virtual network: a VNET for which Azure DNS maintains hostname records whenever a VM is created, changes IP, or is deleted Other capabilities • Reverse DNS lookup is supported within the virtual-network scope
  • 12. Azure DNS Private Zones scenarios • Scenario: Name Resolution scoped to a single virtual network
  • 13. Azure DNS Private Zones scenarios • Scenario: Name Resolution across virtual networks
  • 14. Azure DNS Private Zones scenarios • Scenario: Split-Horizon
  • 16. Context and Scenario Enterprise context: • Existing (legacy) IT infrastructure (on-premises) • Additional (new) infrastructure in the Azure cloud • Hybrid cloud connection, via VPN or ExpressRoute • Multiple applications in the Cloud • Multiple VNETs • Hub & Spoke network topology • DNS resolution necessary across VNETs • DNS resolution necessary between on-prem and cloud (figure: Hub & Spoke VNET topology)
  • 18. Solution - Architecture (architecture diagram; labels: Hub vnet, Front VM, Client VM, Local IS, App 1 vnet, Forwarder DNS, Hub DNS zone, App DNS zone, Local LAN, ExpressRoute, App 2 DNS zone, Azure, App n DNS zone)
  • 19. DEMO
  • 21. Solution configuration • Azure resources • VNETs + peerings • 3 vnets • Hub-vnet • Local-vnet • App-vnet • Spoke vnets are connected to the hub vnet • Azure DNS Private zones • Each vnet is hosting an Azure private DNS zone • Forwarder DNS servers (IaaS) • 2 DNS forwarders in 1 avset • Test / Demo VMs • 1 client Windows VM on the local-vnet • 1 Linux Apache server on the app-vnet • DNS Forwarder • Bind server • Forward all requests to Azure main DNS service (168.63.129.16) • Custom DNS Zones • hub.gab2019.local • local.gab2019.local • app.gab2019.local • www.app.gab2019.local
  • 23. Service limitations (as of today) • Only one registration virtual network is allowed per private zone • Up to 10 resolution VNETs allowed per private zone (preview limit) • Reverse DNS works only for private IP space in the registration VNET. • Reverse DNS for a private IP that isn't registered in the private zone returns internal.cloudapp.net as the DNS suffix. • The VNET must be completely empty the first time you link it • However, the virtual network can then be non-empty for future linking as a registration or resolution virtual network, to other private zones. • VM record not viewable or retrievable from the Azure PowerShell and Azure CLI APIs. • They are indeed registered and will resolve successfully. • Currently, conditional forwarding is not supported • DNS delegation is not supported (in private DNS) • Creation only via scripts • DNSSEC not supported
  • 24. Our feedback • For a full Azure environment the solution does not need any VM • Records management via the portal makes management easier • Create records using the Azure API: allows for more industrialized management • No zone file to manage • Today the service is not hyper scalable • DNS Forwarder VM needed in hybrid scenarios • Flat zone model only
  • 26. Conclusion PROS • Very good time-to-market, as a fully managed service • Azure DNS addresses a large number of simple DNS scenarios • Specific features like VM autoregistration augment productivity CONS • Service not completely mature as of today • Hybrid complex scenarios require more investment
  • 27. Thank you to our LOCAL sponsors
  • 29. Follow us Facebook facebook.com/groups/azugfr/ Twitter twitter.com/AZUGFR Meetup meetup.com/AZUG-FR/ LinkedIn https://www.linkedin.com/groups/8315615 Web www.azug.fr
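
The DNS forwarder from slide 21 (a Bind server that forwards all requests to 168.63.129.16) could be configured along these lines. This is an added example, not the presenters' demo configuration; the file path, the ACL name and the three address ranges are assumptions, since the slides do not give the VNET address spaces.

```conf
// /etc/bind/named.conf.options  (Debian/Ubuntu default path; an assumption)

// Networks allowed to use the forwarder. The ranges are constructed
// placeholders: substitute the real address spaces of the three VNETs.
acl gabclients {
    localhost;
    10.0.0.0/16;    // hub-vnet   (assumed range)
    10.1.0.0/16;    // local-vnet (assumed range)
    10.2.0.0/16;    // app-vnet   (assumed range)
};

options {
    directory "/var/cache/bind";

    // Pure forwarder: never iterate from the root servers, hand every
    // query to the Azure DNS service address given on the slide.
    recursion yes;
    forwarders { 168.63.129.16; };
    forward only;

    // Answer only the networks that are meant to use this server.
    // With these left at "any", the VM is an open resolver for anything
    // that can reach port 53, and it exposes the private zone names.
    allow-query       { gabclients; };
    allow-recursion   { gabclients; };
    allow-query-cache { gabclients; };

    // No zone is hosted on the forwarder, so nothing may be transferred.
    allow-transfer { none; };
};
```

Run `named-checkconf` on the file before reloading Bind. Both forwarder VMs in the avset would carry the same options, and a network security group limiting port 53 to the same ranges gives a second layer in front of the ACL.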

Editor's Notes

  1. https://www.cloudflare.com/learning/dns/dns-server-types/ https://www.cloudflare.com/learning/dns/glossary/dns-zone/
  2. https://fr.wikipedia.org/wiki/Domain_Name_System
  3. https://docs.microsoft.com/en-us/azure/dns/dns-domain-delegation
  4. Antoine
  5. https://docs.microsoft.com/en-us/azure/dns/private-dns-scenarios Antoine
  6. https://docs.microsoft.com/en-us/azure/dns/private-dns-scenarios Antoine
  7. https://docs.microsoft.com/en-us/azure/dns/private-dns-scenarios
  8. Marius
  9. Antoine
  10. Antoine
  11. Only one registration virtual network is allowed per private zone. Up to 10 resolution VNETs allowed per private zone (preview limit). VM record not viewable or retrievable from the Azure PowerShell and Azure CLI APIs; they are indeed registered and will resolve successfully. Reverse DNS works only for private IP space in the registration VNET. Reverse DNS for a private IP that isn't registered in the private zone returns internal.cloudapp.net as the DNS suffix. However, this suffix isn't resolvable. The VNET must be completely empty the first time you link it to a private zone as a registration or resolution VNET. However, the virtual network can then be non-empty for future linking as a registration or resolution virtual network, to other private zones. Currently, conditional forwarding is not supported. DNS delegation is not supported. Creation only via scripts. DNSSEC not supported.