Azure DNS
Domain Name System (DNS) is a hierarchical and federated naming system for computers, services, or any resource connected to the Internet or a private network.
Introduction to Azure DNS
Azure DNS provides a highly available and globally scalable DNS hosting service for your domain names. It enables you to host your DNS domains in Azure, managing your DNS records using the same credentials, APIs, tools, and billing as your other Azure services.
Key benefits of Azure DNS include:
- Reliability and Performance: Leverages Azure's global network for high availability and low-latency lookups.
- Security: Integrates with Azure's security features, including Azure Active Directory and RBAC.
- Scalability: Handles millions of DNS queries without performance degradation.
- Integration: Seamlessly integrates with other Azure services like Virtual Machines, App Services, and Azure Traffic Manager.
- Cost-Effective: Offers competitive pricing for DNS hosting.
Zone Types
Azure DNS supports two primary types of DNS zones:
Public DNS Zones
Public DNS zones are used to resolve names for resources that are published to the public internet. For example, if your domain name is contoso.com, Azure DNS can host the DNS records for this domain, enabling users worldwide to resolve your domain name to your IP address.
Note: To host a public DNS zone in Azure, you need to configure your domain registrar to delegate your domain to Azure DNS name servers.
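One way to verify the delegation described in the note above, as an added example that is not part of the original page. The function names are hypothetical, `myResourceGroup` and `contoso.com` are the page's sample values, and `check_delegation` assumes a logged-in Azure CLI and `dig` are available.

```shell
#!/bin/sh
# Added example (not from the original page): confirm that the name servers
# delegated for a domain are the ones Azure DNS assigned to the zone.

# Read name servers on stdin (any whitespace between them), lower-case them,
# strip the trailing root dot, and print one per line, sorted and unique.
normalize_ns() {
  tr '[:upper:]' '[:lower:]' | tr -s '[:space:]' '\n' |
    sed -e 's/\.$//' -e '/^$/d' | sort -u
}

# ns_sets_match ASSIGNED DELEGATED
# Returns 0 only when both lists hold exactly the same name servers;
# otherwise reports each difference on stderr and returns 1.
ns_sets_match() {
  nsm_assigned=$(printf '%s\n' "$1" | normalize_ns)
  nsm_delegated=$(printf '%s\n' "$2" | normalize_ns)
  if [ -z "$nsm_assigned" ] || [ -z "$nsm_delegated" ]; then
    echo "empty name server list, cannot compare" >&2
    return 1
  fi
  nsm_rc=0
  for nsm_ns in $nsm_assigned; do
    printf '%s\n' "$nsm_delegated" | grep -qxF -- "$nsm_ns" ||
      { echo "assigned by Azure but not delegated: $nsm_ns" >&2; nsm_rc=1; }
  done
  for nsm_ns in $nsm_delegated; do
    printf '%s\n' "$nsm_assigned" | grep -qxF -- "$nsm_ns" ||
      { echo "delegated but not assigned to this zone: $nsm_ns" >&2; nsm_rc=1; }
  done
  return "$nsm_rc"
}

# check_delegation RESOURCE_GROUP ZONE
# Needs a logged-in az CLI and dig; returns 2 if either lookup fails.
check_delegation() {
  cd_assigned=$(az network dns zone show --resource-group "$1" --name "$2" \
    --query nameServers --output tsv) || return 2
  cd_delegated=$(dig +short NS "$2") || return 2
  ns_sets_match "$cd_assigned" "$cd_delegated"
}

# Usage: check_delegation myResourceGroup contoso.com
```

A non-zero result means the registrar's NS records and the zone's assigned name servers have drifted apart, so the records you manage in Azure DNS are not necessarily the ones resolvers receive.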
Private DNS Zones
Private DNS zones are used for domain name resolution within your virtual networks in Azure. They allow you to use custom domain names for your Azure services without needing to configure a custom DNS solution. Resolution of private DNS zones is restricted to the virtual networks they are linked to.
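For example, you can use a private DNS zone named corp.contoso.local to resolve internal service names within your private network.
# Private zones are created with the private-dns command group;
# "az network dns zone create" would create a public zone instead.
az network private-dns zone create \
--resource-group myResourceGroup \
--name corp.contoso.local \
--output table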
DNS Record Types
Azure DNS supports the following standard DNS record types:
Record Type | Description |
---|---|
A | Maps a hostname to an IPv4 address. |
AAAA | Maps a hostname to an IPv6 address. |
CNAME | Canonical name for another domain name. |
MX | Mail exchanger records for email delivery. |
NS | Name server records, delegating a zone. |
PTR | Pointer records for reverse DNS lookups. |
SOA | Start of Authority, provides authoritative information about the zone. |
SRV | Service locator records. |
TXT | Text records, often used for verification or policy. |
You can create multiple records of the same type with different names within a zone.
Managing DNS Zones
You can manage your DNS zones and records using various methods:
- Azure Portal: A user-friendly graphical interface for managing all your Azure resources.
- Azure CLI: A powerful command-line tool for automating tasks.
- Azure PowerShell: Another command-line tool for managing Azure resources.
- Azure SDKs: Programmatic access for integrating DNS management into your applications.
Creating a Public DNS Zone via CLI
az network dns zone create \
--resource-group myResourceGroup \
--name mydomain.com
Adding an 'A' Record via CLI
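# 192.168.1.100 is a private (RFC 1918) address used here as a placeholder;
# a record in a public zone normally points to a publicly routable address.
az network dns record-set a add-record \
--resource-group myResourceGroup \
--zone-name mydomain.com \
--record-set-name www \
--ipv4-address 192.168.1.100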
Azure Traffic Manager
Azure Traffic Manager is a DNS-based traffic load balancer that enables you to distribute traffic effectively to your Azure services and also to external endpoints. Traffic Manager allows you to control the distribution of traffic by using different traffic-routing methods.
Traffic Manager uses DNS to direct client requests to the most appropriate endpoint based on a traffic-routing method you choose. It can be used for:
- Improving availability: By routing traffic to a healthy endpoint.
- Improving performance: By routing traffic to the closest endpoint.
- Performing planned maintenance: By disabling endpoints and rerouting traffic.
Tip: Combine Azure DNS with Azure Traffic Manager for robust global traffic management and high availability scenarios.
Azure DNS Analytics
Azure DNS Analytics provides insights into your DNS zone activity. It helps you monitor the health and performance of your DNS zones, analyze query patterns, and detect potential threats.
Key features of DNS Analytics include:
- Query Analysis: Understand which DNS records are queried most frequently.
- Traffic Distribution: Monitor DNS traffic across different locations.
- Malicious Activity Detection: Identify potential DNS-based attacks.
- Health Monitoring: Track the availability and performance of your DNS zones.
To use DNS Analytics, you typically integrate it with an Azure Log Analytics workspace.