The UW Azure DNS Bridge solution enables customers to resolve hostnames which are registered in UW DNS and Azure DNS. It also provides a consistent DNS resolver for all UW Azure-based resources.
What are the DNS problems associated with using Azure?
Hosts with private IP addresses on the UW network generally register their DNS hostname with the UW DNS servers and can only be resolved from the UW network. Azure native services with private links have private IP addresses on the Azure network, have their hostnames registered with the Azure DNS server, and can only be resolved from the Azure network. Any given network client can only use one DNS server for hostname resolution. These general facts form the basis for the problems in this area. The problems are:
- If I point my UW network clients at UW DNS, they cannot resolve private hostnames that are only registered in Azure DNS.
- If I point my Azure network clients at Azure DNS, they cannot resolve private hostnames that are only registered in UW DNS.
- I don’t want to run my own DNS services to solve the above problems, nor do I want the additional overhead associated with managing an additional private DNS zone on UW DNS to proxy Azure private hostnames.
UW-IT has provided this solution for these problems.
What DNS servers should I use for my Azure resources?
You should use the UW Azure DNS Bridge servers:
10.4.10.20
10.4.10.21
Using these servers requires Azure VNet peering with the UW Hub VNet, and you will need to use the Shared ExpressRoute.
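One way to confirm from a VM in a peered VNet that both bridge servers answer for a name and return a private address, as an added example that is not UW-IT's own code: the script queries each server directly and reports private, public or unresolved for each hostname you pass on the command line. The function names are illustrative, and it assumes UDP port 53 to the bridge servers is reachable.

```python
import ipaddress, socket, struct, sys

BRIDGE_SERVERS = ["10.4.10.20", "10.4.10.21"]  # addresses given on this page

def build_query(name, qid=0x1234):
    """Minimal DNS query for an A record, recursion desired."""
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)

def _skip_name(msg, off):
    """Offset just past a name, which may end in a compression pointer."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def parse_a_records(msg):
    """Return (rcode, [IPv4 strings]) from a raw DNS response."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        off = _skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    ips = []
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:           # A record; CNAMEs are skipped
            ips.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return flags & 0xF, ips

def verdict(rcode, ips):
    """'private' only if the name resolved and every address is private."""
    if rcode != 0 or not ips:
        return "unresolved"
    return "private" if all(ipaddress.ip_address(i).is_private for i in ips) else "public"

def check(name, server, timeout=3.0):
    """Ask one server directly over UDP/53 (assumes the port is reachable)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server, 53))
        return verdict(*parse_a_records(s.recvfrom(4096)[0]))

if __name__ == "__main__":
    for name in sys.argv[1:]:                   # hostnames are supplied by you
        for server in BRIDGE_SERVERS:
            print(server, name, check(name, server))
```

Pass one UW-registered private hostname and one Azure private link hostname; a result of public or unresolved from either server means that name is not being answered from the private zone.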
What DNS servers should I use for my campus clients?
You should continue to use the UW DNS servers, as you currently do. When your campus client encounters a private hostname associated with an Azure DNS zone, the UW DNS servers forward the request to the Azure DNS Bridge servers. These DNS servers are on the Azure network and in turn forward the request to the Azure DNS service. The private IP address is then returned to your campus client.
Are there other solutions to these problems?
Yes, there are other solutions, but none of them is as ideal as this solution. If you need to explore other solutions because this solution doesn’t meet your need, please reach out to UW-IT for consultation. We recommend you address your email to help@uw.edu and ask for the “Microsoft Infrastructure team”, which is acquainted with the other solutions in this problem space.