Azure DNS is a cloud-based DNS service offered by Microsoft Azure for hosting and managing your domain names. It provides a highly available, scalable, and secure DNS solution that integrates seamlessly with other Azure services. Instead of managing your own DNS servers, you can delegate your domain to Azure DNS and let Microsoft handle the infrastructure and maintenance. Key benefits include improved performance through a global network of DNS servers, enhanced security with Azure's DDoS protection, and simplified management through the Azure portal, CLI, or PowerShell. Azure DNS supports all common DNS records, such as A, CNAME, MX, TXT, and NS records, allowing you to point your domain name to various Azure resources, like virtual machines, web apps, and storage accounts, or even external resources. It also supports DNSSEC to protect against DNS spoofing and cache poisoning. Using Azure DNS simplifies domain management, offloads infrastructure responsibilities, and leverages Azure's robust global infrastructure for reliable DNS resolution.
Azure DNS: A Comprehensive Guide
Exam tips

When answering questions on Azure DNS in the exam, consider the following:

- *Understand the different record types* and their use cases (A, CNAME, MX, TXT, SRV, AAAA).
- Recognize the *benefits of using Azure DNS* (High Availability, Scalability, Integration with Azure services).
- Know the difference between *Public and Private DNS Zones* and their respective use cases.
- Understand the role of *DNSSEC* in securing DNS records.
- Comprehend *Alias Records* and when it is better to use them: when targeting Azure resources, they keep DNS records dynamic and updated at all times.
- Be aware of basic PowerShell or Azure CLI commands for managing DNS zones and records.
- Differentiate when to use a *CNAME versus an Alias Record*. CNAMEs can't be used at the zone apex, whereas Alias Records can.

*Example Question:* You need to ensure that your web application hosted on an Azure VM is accessible using a custom domain name, and the DNS records update automatically when the IP address of the VM changes. What should you do?

*Correct Answer:* Create an Azure DNS zone for your domain and create an *Alias Record* pointing to the public IP of the virtual machine.

Importance

Azure DNS is a crucial service for resolving domain names to IP addresses within the Azure ecosystem and beyond. ***It provides a highly available and scalable authoritative DNS service***, enabling you to manage your DNS records using the same credentials, billing, and support contract as your other Azure services. Without a functional DNS, users would have to remember and type IP addresses instead of friendly domain names.

How it works

When someone attempts to access your application or services using a domain name, the following steps occur:

1. The user's device queries a recursive DNS resolver (often provided by their ISP).
2. The recursive resolver queries the root DNS servers to find the authoritative DNS servers for the top-level domain (TLD) (e.g., .com, .net, .org).
3. The recursive resolver queries the authoritative DNS servers for your domain (which, in this case, are hosted in Azure DNS).
4. Azure DNS responds with the IP address or other record associated with the requested domain name.
5. The recursive resolver returns the IP address to the user's device.
6. The user's device connects to the server (e.g., web server) at the specified IP address.

*Azure DNS zones* contain DNS records. Common record types include *A records* (mapping hostnames to IPv4 addresses) and *CNAME records* (creating aliases for other DNS records). For IPv6, you have *AAAA records*. You can also create *MX records* (specifying mail servers), *TXT records* (containing arbitrary text), and *SRV records* (defining the location of services).

*Azure Private DNS* allows resolution within a specific Virtual Network without requiring external DNS resolution.

What is Azure DNS

Azure DNS is a *hosting service* for DNS domains that provides name resolution by using the Microsoft Azure infrastructure. By hosting your domains in Azure, you can *manage your DNS records* using the same APIs, tools, and billing as your other Azure services.

Key features of Azure DNS include:

- *Global network:* Azure DNS leverages Azure's global network of DNS servers to provide high availability and low latency.
- *Integration with Azure services:* Seamlessly integrates with other Azure services like Virtual Machines, App Service, and Traffic Manager.
- *Private DNS Zones:* Allows creation of private DNS zones to resolve names within a virtual network.
- *DNSSEC support:* Supports DNSSEC to protect against DNS spoofing and cache poisoning attacks.
- *Alias Records:* Supports Alias records targeting Azure resources like Public IPs, Traffic Manager profiles or Content Delivery Networks, which keep records dynamic and automatically updated to prevent orphaned records.
- *Cost efficient:* Billed based on the number of DNS zones hosted and the number of DNS queries received.
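
A check for the two record problems this guide calls out, a CNAME at the zone apex and the orphaned records that alias records are meant to prevent, written as an added example (not part of the original guide or of any Azure tool). The record layout, the `audit_zone` function, the sample zone and the IP inventory are all assumptions constructed for illustration; in practice the records would come from an export of your own zone.

```python
# Added example: flags the zone-apex CNAME and orphaned-record problems.
# The record layout, zone contents and IP addresses are constructed.

def audit_zone(records, live_public_ips):
    """Return (record_name, code, detail) findings in input order.

    records: dicts with 'name', 'type' and either 'values' (static data)
             or 'alias_target' (Azure resource ID, i.e. an alias record).
    live_public_ips: IPv4 addresses currently assigned to your resources.
    """
    findings = []
    for rec in records:
        name, rtype = rec["name"], rec["type"]
        if rec.get("alias_target"):
            continue  # alias record: tracks its target resource automatically
        if rtype == "CNAME" and name == "@":
            findings.append((name, "apex-cname",
                             "CNAME is not allowed at the zone apex; use an alias record"))
        elif rtype == "A":
            for ip in rec.get("values", []):
                if ip in live_public_ips:
                    findings.append((name, "static-ip",
                                     f"{ip} is yours today but will go stale if it changes"))
                else:
                    findings.append((name, "orphaned-ip",
                                     f"{ip} is not assigned to any of your resources"))
    return findings


# Constructed sample: hypothetical zone contents and public IP inventory.
SAMPLE_ZONE = [
    {"name": "@", "type": "CNAME", "values": ["app.example.net"]},
    {"name": "www", "type": "A",
     "alias_target": "/subscriptions/<sub-id>/resourceGroups/<rg>"
                     "/providers/Microsoft.Network/publicIPAddresses/<pip>"},
    {"name": "shop", "type": "A", "values": ["203.0.113.10"]},
    {"name": "old", "type": "A", "values": ["203.0.113.77"]},
]
LIVE_PUBLIC_IPS = {"203.0.113.10"}

if __name__ == "__main__":
    for name, code, detail in audit_zone(SAMPLE_ZONE, LIVE_PUBLIC_IPS):
        print(f"{name:5} {code:12} {detail}")
```

The `orphaned-ip` finding is the one to act on first: a static A record that still names an address you have released keeps resolving to whoever holds that address next.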