Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET
Microsoft Azure

How To Host a DNS Domain in Azure

Azure DNS

One of the important things you will do with any online service is to configure DNS. You obtain a DNS domain from a registrar and either host the domain with the registrar’s own hosting service or on your own public DNS servers.

People often don’t consider the impact of DNS on the performance on their online service. The first thing that a client (or potential customer) will do when browsing your site is to attempt to resolve the name of your service. So, if they browse to the browser/operating system will attempt to convert that name into an IP address to connect to – the address might be hidden by several layers of abstraction (CNAMEs).

How fast that resolution happens impacts the overall performance of the site, and the longer a site takes to load, the less profitable it will be. Many DNS hosting services are located in one or a few data centers in a relatively small area. For example, I might host a DNS name in California. If a customer in the Western US browses the site, the name will resolve quickly and then the site can start to load. But if a customer in India attempts to browse to the site, the name is on the other side of the globe and it will take much longer for the name to resolve and the site to start loading – customer lost!

Sponsored Content

Say Goodbye to Traditional PC Lifecycle Management

Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.

Azure DNS hosts your domain in Azure’s global network of data centers. That means that your domain is hosted all around the world, with automatic replication, and places the domain names closer to your potential customers. Using anycast networking, the client is redirected to the closest replica – now that client in India is redirected to an Azure DNS replica in India and the name resolves in milliseconds.

Other Benefits include:

  • Being an Azure service, Azure DNS can leverage Azure AD, auditing, governance, role-based access control (RBAC), and resource locking to secure your DNS service.
  • The admin experience is extremely simple – much easier than those “cpanels” that registrars use.
  • There is an internal DNS hosting option, but I find it a bit immature today. The external option, however, is awesome, in my opinion.

Create the Azure DNS Resource

Start off in the Azure Portal and click Create a Resource. Search for and select DNS Zone, and then click Create. Enter the following details in Create DNS Zone:

  • Name: The name of the DNS domain that you want to host.
  • Subscription: The subscription that you want to create the new resource in.
  • Resource group: The name of the resource group to create/use.
  • Resource group location: The Azure region of the resource group.

Creating a DNS hosting resource in Azure [Image Credit: Aidan Finn]
Creating a DNS hosting resource in Azure [Image Credit: Aidan Finn]
The new DNS zone resource is created as a global resource, not dependent on any one region … in theory. If I was creating a DNS zone in Azure for a service that runs in North Europe and has failover to West Europe, I would host the DNS zone in a different resource group that is hosted in France Central … weird things can happen in huge clouds and I don’t like to take chances.

The resulting resource is pretty simple. You can add records and delete the zone. Speaking of which – you might want to add a Delete lock to the DNS zone resource.

A new DNS zone hosted in Azure [Image Credit: Aidan Finn]
A new DNS zone hosted in Azure [Image Credit: Aidan Finn]
Note the highlighted name servers in the above screenshot. These are the names, resolvable by anycast, that the Internet will use to find the DNS servers for this DNS domain.

Modify Name Servers

At this time, the Internet has no idea about your new DNS hosting resource in Azure. It is time to change that. Browse to the control panel of your DNS registrar and log in. Browse through the maze of links until you find the option to manage your name servers. Change the registrar’s default name servers to the four Azure name servers.

Yes – Azure DNS is global and there are just four name servers. These names will use anycast to resolve to the closest replica of your globally replicated DNS zone.

Modifying the name servers for Azure DNS hosting [Image Credit: Aidan Finn]
Modifying the name servers for Azure DNS hosting [Image Credit: Aidan Finn]
Tip: Don’t do this until you have created all the required DNS records in your new DNS zone. It also might take time for the TTL (caching period) of old records to expire and force a re-lookup to your new DNS records in Azure.

And that is it! Now the Internet will start to look to Azure DNS to resolve names in this domain. You can now go through the simple process of creating DNS records in the Azure Portal.

Related Topics:


Don't have a login but want to join the conversation? Sign up for a Petri Account

Comments (0)

Leave a Reply

Aidan Finn, Microsoft Most Valuable Professional (MVP), has been working in IT since 1996. He has worked as a consultant and administrator for the likes of Innofactor Norway, Amdahl DMR, Fujitsu, Barclays and Hypo Real Estate Bank International where he dealt with large and complex IT infrastructures and MicroWarehouse Ltd. where he worked with Microsoft partners in the small/medium business space.
Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: