I have multiple Azure Infrastructure-as-a-Service (IaaS) Virtual Machines (VMs) running under multiple Cloud Services, within one Virtual Network. I need these VMs to resolve each other by hostname and also to resolve public websites.
If these VMs were all running in one cloud service, they would be able to resolve each other using Azure Name Resolution. However, for a variety of reasons, I need to run them in separate Cloud Services, which prevents me from using this.
This leaves me with three options:
In this article, we'll explore the third option. Note this article may seem fairly basic to people who have a good understanding of infrastructure, but hopefully it will help people who don't.
Note: Azure AD is quite different from Windows AD and does not provide any functionality for DNS.
To simulate this scenario, I have the following Azure setup…
Note, I actually have multiple VMs similar to Test1, each running in its own cloud service, but for simplicity I have just shown the DNS VM and another example VM.
If this is not already configured (as per the above scenario), go to the Azure Management Portal and set a DNS server to the IP of your DNS VM.
To add the DNS server role, remote onto the Virtual Machine you intend to use for DNS and launch Server Manager. From this, launch the "Add Roles and Features Wizard" and do the following:
Once the DNS role is installed, open DNS Manager to configure it (in Server Manager, click DNS in the left-hand pane, select your local server, right-click and select DNS Manager).
Within DNS Manager, you now need to create a forward lookup zone. This is the domain name under which all of your servers are referenced. In my example, I'm going to use contoso.local (the "local" denotes that the domain name is only pertinent to the virtual network and is not a public domain name; you could use whatever domain name you like, however).
In the new zone wizard…
You should end up with the following
The final configuration step is to ensure that all VMs (including the DNS VM) use a DNS suffix that matches your new forward lookup zone.
From Server Manager, click "Local Server" in the left-hand pane, then click the "Computer Name" link to launch the System Properties dialog.
Repeat on every Virtual Machine.
To verify everything has worked, remote onto the DNS VM and launch DNS Manager. Expand your forward lookup zone. You should see all of your VMs under it (the VMs will have registered automatically because we set our zone to "Allow both nonsecure and secure dynamic updates").
Finally, on each machine, launch a command prompt and run NSLookup against the other VMs in your network as well as a publicly facing website. These should now successfully resolve.
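The two verification steps above can also be scripted on the DNS VM. The following PowerShell is an added example, not part of the original article; the VM names in $ExpectedVm and the public name are placeholders you must replace. It goes slightly beyond the manual check by flagging A records for hosts you did not expect, which is worth doing because the zone accepts nonsecure dynamic updates.

```powershell
# Run in an elevated PowerShell session on the DNS VM (needs the DnsServer module).
# Assumed values, not taken from the article's environment: adjust before use.
$Zone       = 'contoso.local'        # forward lookup zone used in the article
$ExpectedVm = @('DNS1', 'Test1')     # placeholder host names of your VMs
$PublicName = 'www.example.com'      # any public name, to exercise root hints
$problems   = @()

# 1. The zone must exist; report how it accepts dynamic updates.
$zoneInfo = Get-DnsServerZone -Name $Zone -ErrorAction Stop
"Zone $Zone dynamic update mode: $($zoneInfo.DynamicUpdate)"
if ($zoneInfo.DynamicUpdate -eq 'NonsecureAndSecure') {
    # Nonsecure updates are unauthenticated: any host that can reach this
    # server may add or overwrite records, so the record audit below matters.
    'Note: zone accepts unauthenticated dynamic updates.'
}

# 2. Compare the A records actually registered with the VMs we expect.
$registered = Get-DnsServerResourceRecord -ZoneName $Zone -RRType A |
    Where-Object { $_.HostName -ne '@' } |
    Select-Object HostName, @{ n = 'IP'; e = { $_.RecordData.IPv4Address.IPAddressToString } }
$registered | Format-Table -AutoSize | Out-String
foreach ($vm in $ExpectedVm) {
    if ($registered.HostName -notcontains $vm) { $problems += "missing record: $vm" }
}
foreach ($rec in $registered) {
    if ($ExpectedVm -notcontains $rec.HostName) {
        $problems += "unexpected record: $($rec.HostName) -> $($rec.IP)"
    }
}

# 3. Resolve every expected VM by FQDN, plus one public name, through this server.
$names = @($ExpectedVm | ForEach-Object { "$($_).$Zone" }) + $PublicName
foreach ($name in $names) {
    try {
        $ip = (Resolve-DnsName -Name $name -Type A -Server 127.0.0.1 -ErrorAction Stop |
               Where-Object { $_.Type -eq 'A' } | Select-Object -First 1).IPAddress
        '{0,-30} {1}' -f $name, $ip
    } catch {
        $problems += "cannot resolve: $name"
    }
}

if ($problems) { $problems | ForEach-Object { Write-Warning $_ } } else { 'All checks passed.' }
```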
Footnote: By default, root hints are configured on the DNS server. This means you can also resolve external sites with no further action:
Written by Rob Nowik