Configuring the new ILB ASE v2’s DNS records on Azure Private DNS.

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.

With the release of the new ILB ASE v2 (appservicenvironment.net), it's a common ask from customers to configure an Azure Private DNS to manage the ILB ASE's DNS records.

I'll describe step-by-step how to create each record listed under the DNS configuration section of the Create and use an Internal Load Balancer App Service Environment document.

It's important to note that records on Azure Private DNS Zones will only be resolvable by resources inside the VNet(s) to which the Zone has been linked to. Consider this if you have resources that cannot use this Azure Private DNS Zone (like on-prem resources).

Create a zone for <ASE name>.appserviceenvironment.net

 

1. In the Azure Portal, click in the portal search bar, type private dns zones in the search text box and press EnterThis will start the Create Private DNS zone experience.

clipboard_image_0.png

2. Select the Subscription that contains your ILB ASE's VNet.

3. Create or select an existing Resource Group.

4. In Name under Instance details type <ASE name>.appserviceenvironment.net

5. In Resource group location select the same location as your ILB ASE's VNet.

6. Click Review + create and then Create.

7. Once the deployment finishes click in Go to resource.

 

Create an A record in that zone that points * to the ILB IP address

 

8. In your Azure Private DNS Zone, click in +Record set

clipboard_image_0.png

9. Fill out the following information and then click OK:

Name: *

Type: A

IP address: <ILB IP address>
Note: You can find this under your ILB ASE's IP address blade, listed as Internal Load Balancer IP address. In my case my ILB ASE's IP is 172.20.0.11:

clipboard_image_1.png

 

Create an A record in that zone that points @ to the ILB IP address

 

10. Click on + Record set

11. Fill out the following information and then click OK:

Name: @

Type: A
IP address: <ILB IP address>
This is the same IP address used in Step 9.

clipboard_image_0.png

 

Create a zone in <ASE name>.appserviceenvironment.net named scm

 

12. The article says "create a zone in" which will correspond to a subdomain, but since Azure Private DNS Zone doesn't seem to have an option to create a subdomain this means either creating a separate zone called scm.<ASE name>.appserviceenvironment.net (more expensive) or simply creating a wildcard record for *.scm. We'll explain how to do the latter.

 

Create an A record in the scm zone that points * to the ILB IP address.

 

13. In your Azure Private DNS Zone, click in +Record set

clipboard_image_0.png

14. Fill out the following information and then click OK:

Name: *.scm

Type: A

IP address: <ILB IP address>
This is the same IP address as in Step 9.

clipboard_image_0.png

 

Assign the Azure Private DNS zone to the ILB ASE's VNet

15. Click in Virtual network links

clipboard_image_0.png

16. Click Add+

17. Fill out the following information and then click Ok:

Link name: <Any name> There's no requirement as to what name to use but I recommend using a descriptive name something like <VNet name>-PrivateDNS-Link

Subscription: Select the subscription that contains the ASE's VNet

Virtual network: Select the ASE's VNet

clipboard_image_0.png

18. After it finishes adding it, you should be able to see the link under Virtual network links.

clipboard_image_1.png

Now Web Apps running on this ASE or Azure VMs on this VNet, should be able to resolve any Web App name or kudu console (SCM) created on this ASE.

The ILB ASE's IP address won't change unless the ASE is suspended, so you shouldn't need to modify these records in the future.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.