Azure DNS Private Resolver is a new service that enables customers to query Azure DNS private zones from an on-premises environment and vice versa without deploying VM-based DNS servers. This new service is fully managed in Azure and in public preview.
With the Azure DNS Private Resolver, customers now will be able to conditionally route domains back to on-premises across multi-cloud providers and public DNS servers without having to provision IaaS-based solutions on their virtual networks. It works for customers’ existing Azure ExpressRoute, Azure VPN, or Azure Bastion setups. In addition, customers will also be able to modify their DNS settings at the Virtual Network level in a much more straightforward manner by attaching rules to each Virtual Network and enabling conditional forwarding at scale.
Azure DNS Private Resolver requires a Virtual Network (VNet), and users can provision an Azure DNS Private Resolver inside of it. Subsequently, they can create one or more inbound endpoints that can be used as the DNS query destination. In addition, DNS queries are processed by the resolver’s outbound endpoint using a DNS forwarding ruleset that users establish. DNS queries issued from networks connected to a ruleset can be sent to other DNS servers.
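As an added illustration (not Microsoft's code and not part of the original article), the Python model below shows how a forwarding ruleset like the one described above could choose a destination DNS server for a query. It assumes the most specific (longest) matching domain suffix wins and that unmatched names fall back to the VNet's default Azure resolution; the domains, IP addresses and the `AZURE_DEFAULT` marker are constructed for the example.

```python
# Added illustration: a model of conditional forwarding, not Azure's implementation.
# Assumptions: rules match by longest DNS suffix on whole-label boundaries, and
# names that match no rule fall through to the VNet's default Azure resolution.
# All domain names and IP addresses below are constructed sample values.

AZURE_DEFAULT = "azure-default"  # hypothetical marker meaning "no rule matched"


def normalize(name):
    """Lower-case a DNS name and make it fully qualified (trailing dot)."""
    name = name.strip().lower()
    return name if name.endswith(".") else name + "."


def labels(name):
    """Split a name into its labels; the root '.' has none."""
    return [part for part in normalize(name).split(".") if part]


def select_rule(ruleset, qname):
    """Return (rule_domain, target_servers) for the most specific matching rule."""
    q = labels(qname)
    best = None
    for domain, targets in ruleset.items():
        d = labels(domain)
        # Compare whole labels, so 'notcorp.example.' never matches a rule
        # written for 'corp.example.' (a plain string suffix test would).
        if len(d) <= len(q) and q[len(q) - len(d):] == d:
            if best is None or len(d) > len(labels(best[0])):
                best = (normalize(domain), targets)
    return best if best else (AZURE_DEFAULT, [])


# Constructed ruleset: rule domain -> DNS servers that receive matching queries.
RULESET = {
    "corp.example.": ["10.0.0.4", "10.0.0.5"],  # on-premises DNS servers
    "lab.corp.example.": ["10.1.0.4"],          # more specific override
}

if __name__ == "__main__":
    for q in ["db.lab.corp.example", "WWW.corp.example.",
              "notcorp.example", "contoso.test"]:
        print(q, "->", select_rule(RULESET, q))
```

The label-boundary comparison is the part worth checking in any ruleset review: it decides whether a lookalike domain is sent to the internal DNS servers or stays on default resolution.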
John Savill, a principal technical architect at Microsoft, concluded in an Azure DNS Private Resolver Deep Dive technical training video:
The Azure DNS Private Resolver removes me from my DNS Servers outside of Azure to resolve private DNS zones, nor have to manage some custom DNS forwarder. I can now actually forward from Azure DNS to zones hosted on my DNS zones on my DNS servers, be in Azure or outside Azure.
For some, the service should have come earlier, as a correspondent stated in a Reddit thread:
Unfortunately, this comes out just as my org. has finished finalizing its Private Endpoint infrastructure (by which I mean creating VMs that serve as DNS forwarders!)
Finally! An Azure-managed service for private DNS zone resolution from on-prem environments. This is usually done with custom DNS forwarding setups using bind or CoreDNS. Happy to see this.
Currently, Azure DNS Private Resolver is available in the Australia East, UK South, North Europe, South Central US, West US 3, East US, North Central US, Central US Early Updates Access Program (EUAP), East US 2 EUAP, West Central US, East US 2 and West Europe Azure regions. Each of these supports Availability Zones, which will aid the regional and global resiliency of customer workloads. Lastly, pricing details will follow soon.