Learn how to configure Microsoft Azure connectivity and name resolution with this course instructed by a Cloud Academy expert.
In this course, you will learn two different ways to connect virtual networks together. The course starts by teaching you how to set up peering between virtual networks, then moves on to show you how to connect two VNets using a virtual network gateway. Once you have mastered network connections, you will learn how to use Azure DNS to configure custom domain names for the resources in your VNets. Finally, we will move on to learning how to set up both public and private DNS zones.
This course is essential for those looking to train enterprise teams since, by default, Azure virtual networks are isolated from each other and only have a rudimentary form of name resolution. To build useful networks in Azure, you will need to connect these virtual networks together. To make them easier to manage, you will need to implement custom name resolution.
This course is made up of 7 lectures with an introduction and conclusion to aid in reviewing what you have learned throughout the course.
Learning Objectives
- Configure Azure virtual network peering
- Create a virtual network gateway and use it to connect two VNets
- Configure Azure DNS to handle name resolution
Intended Audience
- Those looking to become Azure cloud architects
- Those preparing for Microsoft’s AZ-100 or AZ-102 exam
Prerequisites
- Basic knowledge of Azure virtual networks
Additional Resources
- The GitHub repository for this course is at https://github.com/cloudacademy/azure-networks-and-dns
I hope you enjoyed learning about Azure network connectivity and name resolution. Let’s do a quick review of what you learned.
You can connect two Azure virtual networks together using either VNet peering or a virtual network gateway.
You can peer virtual networks that are in different regions or across subscriptions. You need to create a peering in both directions before the VNets can connect with each other. Peered VNets must have non-overlapping IP address spaces.
Peerings are not transitive, so the spokes in a hub-and-spoke configuration can’t communicate with each other unless you peer the spokes with each other or you add a router to the hub.
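The three peering rules above (both directions required, non-overlapping address spaces, no transitivity) can be checked against a planned topology before anything is deployed. The following is an added example, not code from the course or its repository; the VNet names, address ranges, and function names are constructed for illustration, and it models direct peering only, not traffic forwarded through a router in the hub.

```python
import ipaddress
from itertools import combinations

# Constructed sample plan: a hub with two spokes.
VNETS = {
    "hub": ["10.0.0.0/16"],
    "spoke1": ["10.1.0.0/16"],
    "spoke2": ["10.2.0.0/16"],
}
# Each tuple is one peering direction (local VNet, remote VNet).
PEERINGS = {("hub", "spoke1"), ("spoke1", "hub"),
            ("hub", "spoke2"), ("spoke2", "hub")}

def overlapping_pairs(vnets):
    """Return VNet pairs whose address spaces overlap; these cannot be peered."""
    bad = []
    for a, b in combinations(sorted(vnets), 2):
        nets_a = [ipaddress.ip_network(p) for p in vnets[a]]
        nets_b = [ipaddress.ip_network(p) for p in vnets[b]]
        # Compare only same-family prefixes; overlaps() rejects mixed IPv4/IPv6.
        if any(x.version == y.version and x.overlaps(y)
               for x in nets_a for y in nets_b):
            bad.append((a, b))
    return bad

def one_way_peerings(peerings):
    """Return peering directions whose reverse direction is missing."""
    return sorted(p for p in peerings if (p[1], p[0]) not in peerings)

def can_reach(src, dst, vnets, peerings):
    """True only for a direct two-way peering; no path search, since
    peering is not transitive."""
    pair = tuple(sorted((src, dst)))
    return ((src, dst) in peerings and (dst, src) in peerings
            and pair not in overlapping_pairs(vnets))

def unreachable_pairs(vnets, peerings):
    """VNet pairs that need their own peering or a router in the hub."""
    return [(a, b) for a, b in combinations(sorted(vnets), 2)
            if not can_reach(a, b, vnets, peerings)]

if __name__ == "__main__":
    print("overlapping address spaces:", overlapping_pairs(VNETS))
    print("one-way peerings:", one_way_peerings(PEERINGS))
    print("no direct connectivity:", unreachable_pairs(VNETS, PEERINGS))
```

For the sample plan, the only pair without direct connectivity is the two spokes, which is the isolation the hub-and-spoke paragraph describes.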
One option for adding a router is to deploy a Linux VM. To make this work, you need to add route tables and you need to enable the “Allow forwarded traffic” option when you’re creating the peerings.
Another way to add a router is to deploy a virtual network gateway. To make this work, you need to add route tables and you need to check the “Allow gateway transit” option when you’re creating the peering connections from the hub. You also need to check the “Use remote gateways” option on the peering connections from the spokes to the hub. You can only enable gateway transit or remote gateways if the VNets are in the same region.
A DNS zone contains the records for a particular domain. When you create a zone in Azure DNS, it automatically creates an NS (or nameserver) record and an SOA (or Start of Authority) record. Use the “at” symbol (@) to refer to the root of the domain. An A record gives the IP address associated with a name. A CNAME record lets you create an alias for a name that’s been defined by an A record.
After you create a zone, you have to delegate the domain to Azure DNS by changing the nameserver records at the domain’s registrar. If you want to assign a custom domain to an Azure Web App, you need to create both an A record and a TXT record for the root of the domain so Azure App Services can validate it properly. To verify that name resolution is configured properly, you can use the nslookup command.
Azure DNS supports private domains that aren’t accessible over the internet. If you designate a virtual network as a registration VNet, then Azure DNS will automatically create DNS records for the resources in that VNet. Multiple virtual networks can be linked to the same private zone, and all of them can be registration VNets. VNets that don’t have autoregistration enabled are called resolution VNets. You need to create DNS records manually for resources in resolution VNets. Reverse DNS queries don’t work across VNets that are linked to a private zone.
To enable split-horizon functionality, create a public zone and a private zone with the same domain name and then link them to the same virtual networks.
Now you know how to configure Azure VNet peering, create a virtual network gateway and use it to connect two VNets, and configure Azure DNS to handle name resolution.
To learn more about Azure’s network services, you can read Microsoft’s documentation. Also watch for new Microsoft Azure courses on Cloud Academy, because we’re always publishing new courses. Please give this course a rating, and if you have any questions or comments, please let us know. Thanks and keep on learning!
Guy launched his first training website in 1995 and he's been helping people learn IT technologies ever since. He has been a sysadmin, instructor, sales engineer, IT manager, and entrepreneur. In his most recent venture, he founded and led a cloud-based training infrastructure company that provided virtual labs for some of the largest software vendors in the world. Guy’s passion is making complex technology easy to understand. His activities outside of work have included riding an elephant and skydiving (although not at the same time).