
Name Resolution (DNS)

Updated: January 21, 2014

In order to refer to virtual machines and role instances within a cloud service by hostname directly, Windows Azure provides a name resolution service. This service is used for internal hostname resolution within a cloud service. The name resolution service that is provided by Windows Azure is a completely separate service from that which is used to access your public endpoints on the Internet.

Before deploying role instances or virtual machines, you must consider how you want name resolution to be handled. There are two options available. You can either use internal name resolution provided by Windows Azure, or you can choose to specify a DNS server that is not maintained by Windows Azure. Not all configuration options are available for every deployment type. Carefully consider your deployment scenario before making this choice.

For detailed information about the name resolution that Windows Azure provides, see Windows Azure-provided name resolution. For detailed information about using your own DNS solution, see Name resolution using your own DNS server.

The following table illustrates scenarios and corresponding name resolution solutions:

 

| Scenario | Name resolution provided by | For more information see |
| --- | --- | --- |
| Name resolution between role instances located in the same cloud service | Windows Azure name resolution (internal) | |
| Name resolution between virtual machines located in the same cloud service | Windows Azure name resolution (internal) | |
| Name resolution between virtual machines located in the same virtual network | Windows Azure name resolution (internal) | |
| Name resolution between virtual machines and role instances located in the same virtual network, but different cloud services | Windows Azure name resolution (internal) | |
| Name resolution between virtual machines and role instances located in the same cloud service, not in a Windows Azure Virtual Network | Not applicable. Virtual machines and role instances cannot be deployed in the same cloud service. | Not applicable. |
| Name resolution between role instances located in different cloud services, not in a Windows Azure Virtual Network | Not applicable. Connectivity between virtual machines and role instances in different cloud services is not supported outside a virtual network. | Not applicable. |
| Name resolution between virtual machines located in the same Windows Azure Virtual Network | DNS solution of your choice (not Windows Azure-provided) | For resolution using FQDN, you can use Windows Azure name resolution for the first 100 cloud services in the virtual network |
| Cross-premises: Name resolution between role instances or virtual machines in Windows Azure and on-premises computers | DNS solution of your choice (not Windows Azure-provided) | |
| Cross-premises: Name resolution between on-premises computers and role instances or virtual machines in Windows Azure | DNS solution of your choice (not Windows Azure-provided) | |
| Use name resolution to direct traffic between datacenters | Traffic Manager | |
| Name resolution between computers on the internet and your public endpoints | Windows Azure name resolution (external) | This solution is not covered in the context of this topic. |

Windows Azure-provided name resolution provides hostname resolution for virtual machines and role instances that reside in the same cloud service. This service is separate from the service that handles externally facing publicly accessible names.

Although Windows Azure-provided name resolution requires very little configuration, it is not the appropriate choice for all deployments. If your network requires name resolution across cloud services, you’ll need to use your own DNS server. For example, if you have two virtual machines located on the same virtual network, you will need to use your own DNS server solution in order for them to communicate directly by hostname. If you require cross-premises name resolution, or if you want to register additional DNS records of your own, you will need to use your own DNS solution and not the Windows Azure-provided solution. For additional details, see the Features and Considerations.

Note
In the case of web and worker roles, you can also access the internal IP addresses of role instances based on the role name and instance number using the Windows Azure runtime API. For more information, see Windows Azure Managed Library Reference and How to Define Internal Endpoints for a Role.


Features:

  • Ease of use: Little or no configuration is required in order to use the Windows Azure-provided DNS service.

  • Hostname resolution is provided between role instances within the same cloud service.

  • Hostname resolution is provided between VMs within the same cloud service.

  • Name resolution is provided between VMs located on the same virtual network, but in different cloud services (by FQDN).

  • You can create the hostnames that will best describe your deployments, rather than working with auto-generated names.

  • Standard DNS lookups are supported.

Considerations:

  • Name resolution between virtual networks is not available.

  • Use of multiple hostnames for the same virtual machine or role instance is not supported.

  • Cross-premises name resolution is not available.

  • Reverse lookup (PTR) records are not available.

  • The Windows Azure-created DNS suffix cannot be modified.

  • You cannot manually register your own records in Windows Azure-provided DNS.

  • WINS and NetBIOS are not supported. (You cannot list your virtual machines in the network browser in Windows Explorer.)

  • Hostnames must be DNS-compatible. (They must use only 0-9, a-z and '-', and cannot start or end with a '-'. See RFC 3696 section 2.)

  • DNS query traffic is throttled per VM. If your application performs frequent DNS queries on multiple target names, it is possible that some queries may time out. A possible workaround is to reduce DNS query traffic from each VM and then retry the lookup.
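The last two considerations can be handled in one client-side helper. The following Python sketch is an added example, not code from the original page or from Windows Azure: it rejects names that break the hostname rule before any query is sent, caches answers so repeated lookups generate no DNS traffic, and retries transient failures with exponential backoff. The class name, the 60-second cache lifetime and the retry parameters are assumptions chosen for illustration.

```python
import re
import socket
import time

# The page's rule per label: 0-9, a-z and '-', not starting or ending with '-'.
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")  # 63-char cap is from DNS itself

def is_dns_compatible(hostname):
    """Check a hostname or FQDN label by label (case-folded first)."""
    labels = hostname.lower().rstrip(".").split(".")
    return all(_LABEL.fullmatch(label) for label in labels)

def _transient(exc):
    """Timeouts and 'try again' answers are worth retrying; NXDOMAIN is not."""
    return isinstance(exc, socket.timeout) or (
        isinstance(exc, socket.gaierror) and exc.errno == socket.EAI_AGAIN)

class ThrottleAwareResolver:
    """Caches answers and retries transient failures with exponential backoff."""

    def __init__(self, lookup=socket.gethostbyname, ttl=60.0, retries=3,
                 base_delay=0.5, sleep=time.sleep, clock=time.monotonic):
        self.lookup, self.ttl, self.retries = lookup, ttl, retries
        self.base_delay, self.sleep, self.clock = base_delay, sleep, clock
        self.cache = {}        # name -> (address, expiry on self.clock)
        self.queries_sent = 0  # lookup calls actually issued

    def resolve(self, hostname):
        name = hostname.lower().rstrip(".")
        if not is_dns_compatible(name):
            raise ValueError(f"not DNS-compatible: {hostname!r}")
        cached = self.cache.get(name)
        if cached and cached[1] > self.clock():
            return cached[0]   # answered from the cache, no query issued
        for attempt in range(self.retries + 1):
            self.queries_sent += 1
            try:
                address = self.lookup(name)
            except OSError as exc:
                if attempt == self.retries or not _transient(exc):
                    raise
                self.sleep(self.base_delay * 2 ** attempt)  # back off, then retry
            else:
                self.cache[name] = (address, self.clock() + self.ttl)
                return address
```

Because the cache lifetime is fixed rather than taken from the record, keep it short for names whose addresses change on redeployment.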

If your name resolution requirements go beyond the features available from the Windows Azure-provided DNS server, you have the option of using your own DNS server.

Note
You may choose to specify a DNS server that is provided by a third party. An external solution may not support your virtual machines or role instances. In most cases, an external solution should be avoided except for specific situations where you only need name resolution of external DNS names.

If you plan to use name resolution that is not provided by Windows Azure, the DNS server that you specify must support the following:

  • The DNS server must accept dynamic DNS registration via Dynamic DNS (DDNS).

  • The DNS server must have record scavenging turned off. Windows Azure IP addresses have long leases, which can result in the removal of records on the DNS server during scavenging.

  • The DNS server must have recursion enabled.

  • The DNS server must be accessible (on TCP/UDP port 53) by the clients requesting name resolution and by the services and virtual machines that will register their names.

It’s important to understand that DNS server lists do not work round-robin. DNS servers will be used in the order that they are specified. If the first DNS server on the list can be reached, the client will use that DNS server regardless of whether the DNS server is functioning properly or not. For this reason, verify that you have your DNS servers listed in the correct order for your environment.

If you used the Management Portal or a Network Configuration file to create your virtual network and you want to edit the DNS settings that you specified, after you make the changes to the virtual network, you must then restart each virtual machine. Restarting the virtual machine allows it to register the new DNS settings. If you don’t restart your virtual machines, they will continue to use the DNS server settings that were in effect before you made the changes.

The Windows Azure Management Portal can be used to configure DNS settings when you create a virtual network. When you create a virtual network by using the Management Portal, you are using the portal to create a Network Configuration file, although you do not see the file unless you export it. If you prefer to work with the Network Configuration file directly (not in the Management Portal), you may want to create your initial virtual network in the Management Portal and then export the file to use as a virtual network file template.

When you create your virtual network by using the Management Portal, you can specify the IP address and name of the DNS server (or servers) that you want to use. Once the virtual network has been created, the virtual machines and roles that you deploy to the virtual network are automatically configured with your specified DNS settings. For more information about configuring settings for Windows Azure Virtual Network, see About Configuring a Virtual Network in the Management Portal.

You can specify DNS servers by using configuration files when you create Windows Azure Virtual Network, or when you deploy roles. There are two different files in which you can specify a DNS server: the Network Configuration file and the Service Configuration file. Select the appropriate configuration file based on your name resolution needs.

For example, to create and configure a virtual network, you will probably want to use the Network Configuration file. When you specify DNS settings in the Network Configuration file, any roles or virtual machines that you then deploy to the virtual network will automatically be configured with those DNS settings.

If you do not plan to use a virtual network, or are using a virtual network and want to specify different DNS settings for a particular cloud service within that network, you would specify those settings in the Service Configuration file. Settings in the Service Configuration file take precedence over settings in the Network Configuration file.

If you plan to create a virtual network, you can specify the DNS server settings in the Network Configuration file. Once the virtual network has been created, the virtual machines or role instances that you deploy to that virtual network will be automatically configured with the DNS settings. For more information about the Network Configuration file, see Windows Azure Virtual Network Configuration Schema and Configure a Virtual Network by Using Network Configuration Files.

Note
In order to specify this setting for the Virtual Network Sites element, it must be first defined in the DNS element of the Network Configuration file. The DnsServerRef name in the Virtual Network Sites element must refer to a name value specified in the DNS element for DnsServer name.
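A pre-deployment check for the rule in this note, and for the earlier point that DNS servers are used in the order specified, can be scripted against an exported Network Configuration file. The following Python linter is an added example, not code from the original page or from Windows Azure: it reports every DnsServerRef name with no matching DnsServer name and returns each site's resolver list in document order for review. The sample file is constructed, and the attribute and wrapper element names beyond those on the page (IPAddress, DnsServers, DnsServersRef, VirtualNetworkSite) are assumed from the Network Configuration schema.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample. Element/attribute layout is assumed from the Network
# Configuration schema; the second reference is deliberately misspelled.
SAMPLE = """<NetworkConfiguration><VirtualNetworkConfiguration>
  <Dns><DnsServers>
    <DnsServer name="dns-primary" IPAddress="10.1.0.4" />
    <DnsServer name="dns-secondary" IPAddress="10.1.0.5" />
  </DnsServers></Dns>
  <VirtualNetworkSites>
    <VirtualNetworkSite name="vnet-a">
      <DnsServersRef>
        <DnsServerRef name="dns-secondary" />
        <DnsServerRef name="dns-primry" />
      </DnsServersRef>
    </VirtualNetworkSite>
  </VirtualNetworkSites>
</VirtualNetworkConfiguration></NetworkConfiguration>"""

def _named(root, local_name):
    """Yield elements by local name, ignoring any XML namespace prefix."""
    return (e for e in root.iter() if e.tag.rsplit("}", 1)[-1] == local_name)

def lint_dns(xml_text):
    """Return (problems, order): dangling refs and per-site resolver order."""
    root = ET.fromstring(xml_text)
    problems, defined, order = [], {}, {}
    for server in _named(root, "DnsServer"):
        name, ip = server.get("name"), server.get("IPAddress", "")
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            problems.append(f"DnsServer {name!r}: bad IPAddress {ip!r}")
        defined[name] = ip
    for site in _named(root, "VirtualNetworkSite"):
        site_name = site.get("name")
        order[site_name] = []
        for ref in _named(site, "DnsServerRef"):
            ref_name = ref.get("name")
            if ref_name in defined:
                order[site_name].append((ref_name, defined[ref_name]))
            else:
                problems.append(f"{site_name}: DnsServerRef {ref_name!r} "
                                "matches no DnsServer name in the Dns element")
    return problems, order

if __name__ == "__main__":
    found, resolver_order = lint_dns(SAMPLE)
    print(*found, sep="\n")
    print(resolver_order)  # review: is the first server the one you intend?
```

On the constructed sample the linter flags the misspelled reference and shows that the site would list only dns-secondary, and list it first.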

If you do not plan to use a virtual network, or are using a virtual network and want to specify different DNS settings for a particular cloud service within the virtual network, you would specify those settings in the Service Configuration file. Settings in the Service Configuration file take precedence over settings in the Network Configuration file. You can also use the Service Configuration file to modify DNS server settings for web and worker roles.

For more information about the Service Configuration file, see Windows Azure Service Configuration Schema.

© 2014 Microsoft