The course is part of these learning paths
Azure Network Connectivity and Name Resolution
Learn how to configure Microsoft Azure connectivity and name resolution with this expertly instructed course from Cloud Academy.
In this course, you will learn two different ways to connect virtual networks together. The course starts by teaching you how to set up peering between virtual networks and then moves on to showing you how to connect two VNets using a virtual network gateway. Once you have mastered network connections, you will learn how to use Azure DNS to configure custom domain names for the resources in your VNets. Finally, we will move on to learning how to set up both public and private DNS zones.
This course is essential for those looking to train enterprise teams since, by default, Azure virtual networks are isolated from each other and only have a rudimentary form of name resolution. To build useful networks in Azure, you will need to connect these virtual networks together. To make them easier to manage, you will need to implement custom name resolution.
This course is made up 7 lectures with an introduction and conclusion to aid in reviewing what you have learned throughout the course.
Configure Azure virtual network peering
Create a virtual network gateway and use it to connect two VNets
Configure Azure DNS to handle name resolution
Those looking to become Azure cloud architects
Those preparing for Microsoft’s AZ-100 or AZ-102 exam
- Basic knowledge of Azure virtual networks
- The GitHub repository for this course is at https://github.com/cloudacademy/azure-networks-and-dns
I hope you enjoyed learning about Azure network connectivity and name resolution. Let's do a quick review of what you learned. You can connect to Azure virtual networks together using either VNet peering or a virtual network gateway. You can peer virtual networks that are in different regions or across subscriptions as long as they're associated with the same Azure Active Directory tenant. You need to create a peering in both directions before the VNets can connect with each other. Peered VNets must have non-overlapping IP address spaces. Peerings are not transitive. So the spokes in a hub-and-spoke configuration can't communicate with each other unless you peer the spokes with each other, or you add a router to the hub.
One options for adding a router is to deploy a Linux VM. To make this work, you need to add route tables and you need to check the Allow Forwarded Traffic option when you're creating the peerings. Another way to add a router is to deploy a virtual network gateway. To make this work, you need to add route tables and you need to check the Allow Gateway Transit option when you're creating the peering connections from the hub.
You also need to check the Use Remote Gateways option on the peering connections from the spokes to the hub. You can only enable gateway transit or remote gateways if the VNets are in the same region. A DNS zone contains the records for a particular domain. When you create a zone in Azure DNS, it automatically creates an NS, or a nameserver record, and an SOA or Start of Authority record. Use the @ symbol to refer to the root of the domain. An A record gives the IP address associated with the name. A CNAME record lets you create an alias for a name that's been defined by an A record. After you create a zone, you have to delegate the domain to Azure DNS by changing the nameserver records at the domain's registrar. If you want to assign a custom domain to an Azure web app, you need to create both an A record and a TXT record for the root of the domain so Azure App Services can validate it properly. To verify that name resolution is configured properly, you can use the nslookup command.
Azure DNS supports private domains that aren't accessible over the internet. If you designate a virtual network as a registration VNet, then Azure DNS will automatically create DNS records for the resources in that VNEt. Multiple virtual networks can be linked to the same private zone, but there can only be one registration VNEt. All of the other VNets can only be resolution VNets. You need to create DNS records manually for resources in resolution VNEts. Reverse DNS queries don't work across VNets that are linked to a private zone.
To enable split horizon functionality, create a public zone and a private zone with the same domain name, and then link them to the same virtual networks. Now you know how to configure Azure VNEt peering, create a virtual network gateway and use it to connect to VNets, and configure Azure DNS to handle name resolution. To learn more about Azure's network services, you can read Microsoft's documentation. Also watch for new Microsoft Azure courses on Cloud Academy, because we're always publishing new courses. Please give this course a rating, and if you have any questions or comments, please let us know. Thanks, and keep on learning.
About the Author
Guy launched his first training website in 1995 and he's been helping people learn IT technologies ever since. He has been a sysadmin, instructor, sales engineer, IT manager, and entrepreneur. In his most recent venture, he founded and led a cloud-based training infrastructure company that provided virtual labs for some of the largest software vendors in the world. Guy’s passion is making complex technology easy to understand. His activities outside of work have included riding an elephant and skydiving (although not at the same time).