Name resolution with Azure DNS Private Zones

Anyone who runs workloads on a cloud platform such as Azure knows the challenges of name resolution via DNS. With Azure DNS Private Zones, Microsoft now offers a feature that makes the previous workarounds unnecessary.

You know DNS: a human-readable name is mapped to an IP address so that the service behind it can be found more easily. With Azure DNS, Microsoft offers a hosting service for DNS zones with a guaranteed SLA of 99.99 %. The service is billed by the number of hosted DNS zones and the number of DNS queries per month. A DNS zone is the administrative unit for a given domain, in which all the records that domain needs are maintained.

Anyone who wants to use their own domain name must delegate that domain to Azure. The domain is then created as a zone in Azure and becomes resolvable from the Internet. The prerequisite is that the four Azure name servers assigned to the zone are entered at the registrar that manages the domain, so that the registrar delegates the domain to Azure.

In addition to public DNS resolution, the name resolution provided by Azure also covers internal name resolution for VMs in the same virtual network (vNET). Azure DNS does the same for instances within a cloud service such as App Services or Container Services. Resources in the same vNET or cloud service share a common DNS suffix, so a hostname alone is sufficient. Anyone who wanted DNS resolution across different virtual networks and cloud services previously had to use a so-called customer-managed DNS server, i.e. a DNS server operated by the customer. This construct is now being replaced by Azure DNS Private Zones.

The feature is currently in preview and can be tested, but without an SLA. You will not find the function in the Azure portal at the moment; it is managed by the familiar means, PowerShell or the Azure CLI. Once you have registered your own domain as an Azure Private DNS zone, the domain name can be resolved within a vNET and also across several vNETs. With the split-horizon DNS support, it will be possible in the future to create DNS zones with the same domain name that resolve differently within the vNET and on the public Internet. Such a construct is useful for applications that are to be offered in different versions, internally as well as externally.
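The following script is an added example and not part of the original post or of Microsoft's documentation. It shows the workflow the two previous paragraphs describe (a private zone, links to several vNETs for cross-vNET resolution, and a zone named like the public domain for split-horizon) using the Az.PrivateDns and Az.Network PowerShell modules, which are the current generally available cmdlets rather than the preview cmdlets of the time. The resource group, vNET names, zone name and IP address are assumed placeholders; the resource group and both vNETs are assumed to exist already.

```powershell
# Added example (not from the original post): create an Azure DNS Private Zone,
# link it to two virtual networks and add a record with the Az.PrivateDns module.
# Requires: Install-Module Az.PrivateDns, Az.Network; Connect-AzAccount
# All names below are assumptions for illustration.

$rg       = 'rg-dns-demo'   # assumed resource group, must already exist
$zoneName = 'contoso.com'   # same name as the public zone: the split-horizon case
$hubVnet  = 'vnet-hub'      # assumed vNET in $rg
$appVnet  = 'vnet-app'      # assumed vNET in $rg

# 1. Create the private zone. It is never reachable from the Internet; only
#    vNETs linked to it can resolve names in it.
$zone = New-AzPrivateDnsZone -ResourceGroupName $rg -Name $zoneName

# 2. Link the vNETs. Only one link per zone may have registration enabled; VMs
#    in that vNET get their A records created automatically. Additional vNETs
#    are linked for resolution only, which is what gives cross-vNET resolution.
$hub = Get-AzVirtualNetwork -ResourceGroupName $rg -Name $hubVnet
$app = Get-AzVirtualNetwork -ResourceGroupName $rg -Name $appVnet

New-AzPrivateDnsVirtualNetworkLink -ResourceGroupName $rg -ZoneName $zoneName `
    -Name 'link-hub' -VirtualNetworkId $hub.Id -EnableRegistration

New-AzPrivateDnsVirtualNetworkLink -ResourceGroupName $rg -ZoneName $zoneName `
    -Name 'link-app' -VirtualNetworkId $app.Id

# 3. Add a record that only the linked vNETs will see. A public Azure DNS zone
#    for contoso.com, if one exists, can hold a different answer for the same name.
New-AzPrivateDnsRecordSet -ResourceGroupName $rg -ZoneName $zoneName `
    -Name 'api' -RecordType A -Ttl 300 `
    -PrivateDnsRecord (New-AzPrivateDnsRecordConfig -IPv4Address '10.1.0.4')

# 4. Review what the zone answers and which networks are allowed to ask it.
Get-AzPrivateDnsRecordSet -ResourceGroupName $rg -ZoneName $zoneName |
    Select-Object Name, RecordType, Ttl, @{ n = 'Records'; e = { $_.Records -join ',' } }

Get-AzPrivateDnsVirtualNetworkLink -ResourceGroupName $rg -ZoneName $zoneName |
    Select-Object Name, RegistrationEnabled, VirtualNetworkLinkState

# 5. Verification is done from inside a linked vNET, for example on a VM with
#    Resolve-DnsName api.contoso.com; a client outside Azure only ever sees the
#    public zone, which is the point of the split-horizon setup.
```

Two points are worth checking in the output of step 4: exactly one link should show RegistrationEnabled as true, and every link should report a completed link state before the names are relied on. Keeping the internal address in the private zone only, and never in the public zone, is what keeps the internal topology out of public DNS.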

Azure DNS Private Zones are to be available in all Azure regions. The pricing model is not yet known.

Sources:
https://docs.microsoft.com/de-de/azure/dns/dns-faq
https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances#azure-provided-name-resolution
https://azure.microsoft.com/en-us/blog/azure-dns-private-zones-now-available-in-public-preview/