Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details
  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details
  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details
  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    How can we improve Azure Networking?

    You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

    There are two ways to get more votes:

    • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
    • You can remove your votes from an open idea you support.
    • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
    (thinking…)

    Enter your idea and we'll search to see if someone has already suggested it.

    If a similar idea already exists, you can support and comment on it.

    If it doesn't exist, you can post your idea so others can support it.

    Enter your idea and we'll search to see if someone has already suggested it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. nsupdate

      We need a painless way to update linux systems with the dynamic internal and external IPs of systems. We'd like to use the Azure DNS service. The painless Linux way is using nsupdate.

      Please support allowing us to update entries within our DNS managed domain.

      For security either allow us to upload a public key for use with nuspdate, or generate a key pair and let us download the privay=te key.

      8 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)

      Thank you for the feedback.
      For internal networks, the Azure-provided DNS service already supports dynamic DNS update. However, this service does not enable you to specify your own DNS zone (that’s something we’re already tracking).
      For the external networks, Azure DNS today only supports DNS updates via the Azure Resource Manager REST API (the Portal, PowerShell and CLI experiences sit on top of this API). We will consider whether dynamic DNS should also be supported, based on customer demand.

    2. Add Redis as Traffic Manager Service Type

      Currently the Traffic Manager only supports Service Types of Cloud App and Web App. Would be nice to add other services too such as Redis. The outage in West Europe this week highlighted a number of Azure services that currently cannot be Geo-Redundant

      7 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    3. Allow Private DNS zones to have IP address from a vNet assigned rather than use Azure DNS Its

      This would allow for on-prem resolution for Private DNS. This would avoid having to stand up DNS proxy servers in each vNet all pointing to the same IP address

      6 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    4. Traffic Manager should default to port 443 for HTTPS

      First time configuring Traffic Manager and I pointed it at https but forgot to change the port, took a support call to resolve.

      Suggest that the default port be changed to 443 if you toggle to https, or at least warn that you are on a non-default https port

      6 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    5. Audit logs for DNS record changes

      Multiple people have access to our DNS zones. We would like to know who changed what.

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    6. Traffic Manager Probe Success and Failure Logs

      Currently in the metrics for Traffic Manager, you cannot see a history of when probes passed or failed. You can only see an average of the probes over a period of time.

      Seeing the logs of when probes succeeded and failed for each endpoint could be helpful for troubleshooting. Particularly when you think a failover should have occurred, but it did not.

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      started  ·  0 comments  ·  Domain Name Service (DNS, Traffic Manager)  ·  Flag idea as inappropriate…  ·  Admin →
    7. Support reverse DNS for Azure Container Instance (ACI)

      For my project I'm setting up an Azure Container Instance with a public IP address and FDQN. The docker image used (OWASP ZAP), requires a reverse DNS.

      At this moment a public IP address is not visible in the Azure CLI networking, and this a reverse FDQN cannot be setup and results in the following error;

      PublicIp is trying to use does not belong to subscription yyyyyy. One of the following conditions need to be met to establish ownership: 1) ReverseFqdn matches fqdn of any public ip resource under the subscription; 2) ReverseFqdn resolves to thefqdn (through CName records chain)…

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    8. Traffic Manager Private Endpoints

      For Traffic Manager, allow us to use private endpoints (load-balancer) for fail over. It looks like someone created a work around using Web Apps but would like to have a supported method for RFC1918 addresses.

      https://blogs.msdn.microsoft.com/mihansen/2018/05/24/using-azure-traffic-manager-for-private-endpoint-failover-manual-method/

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    9. Improve Interface / Search for Azure DNS

      Please fix azure DNS interface so that search works without having to click "load more" times until you reach the page with the record on it. We have thousands of records and we cant easily find the ones we need to adjust. This is a major issue for our networking team.

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    10. SQL Managed Instances VNET DNS Queries are not clear and impact Windows VMs on the same VNET

      There is no clarity on how DNS is resolved under a SQL managed instance VNET and the consequential impact on Windows VMs hosted in the same VNET

      5 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    11. Provide traffic manager regions in Africa/South Africa

      Hi,

      You currently have good coverage for external external traffic manager endpoints everywhere except none in Africa. This will result in poor performance for Africa clients even if we put servers all over Africa.

      Do you plan to extend Azure coverage to Africa/South Africa?

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    12. Performance based load balancing should consider application load as an input

      Akamai offers ability to load balance traffic based on the current load of the endpoint. The endpoints return load data via GET or POST to the akamai api. This basically enables customers to get best of both the world's, be able to route traffic to the least latent node and fail over to next latent node if it gets overloaded.

      It can be argued that the node should take itself offline via health probes when it is overloaded, but that's not ideal as it would cause massive traffic swings instead of smoothening out the requests.

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    13. Enable validation of DNSSEC domains on Azure recursive resolver service (IP 168.63.129.16)

      The default Azure recursive DNS resolver service on virtual IP 168.63.129.16 does not validate DNSSEC as far as I can tell.

      These days I expect a recursive resolver to enable DNSSEC validation by default.

      Please consider enabling DNSSEC validation in the default Azure Recursive Resolver.

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    14. Support Azure Traffic Manager endpoints that are nested and external to allow us to use alias records

      We have an Apex domain that needs to point to Traffic Manager. We use Traffic Manager nested profiles.
      We want to use alias records to point to our DNS alias record to Traffic manager. This requires using external endpoints in traffic manager.
      Problem is that we use nested profiles. It is not possible to create nested external endpoints in traffic manager.

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    15. Enable Internal Facing Traffic Manager profile

      As of today, Azure Traffic manager supports only Internet facing applications. However, it does allow routing traffic to external end points (DNS/IP) which could be used to route traffic to on-prem resources.

      It would be an essential feature if we could leverage the same features on a vnet.

      Eg. Route internal traffic to multiple on-prem resources (via Express route) based on the service health check.

      Features to support
      1. Enable Internal facing with custom domains (internal domains) & SSL

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    16. API to retrieve the max number of DNS zones currently configured in each sub

      A support ticket can increase the max number of DNS zones in a subscription (and correspondingly reduce the max number of records in zones then created). The API results for a zone GET includes MaxNumberOfRecords. It would also be useful to be able to retrieve MaxNumberOfZones for the DNS provider in a subscription.

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    17. Allow modifying TTL per record instead of per record-set

      Real-world scenarios need different TTL values per record in the same zone. The service currently allows only to define TTL per record-set that is not bad, but not good enough.

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    18. Azure DNS should not be listed as globally available

      According to

      https://azure.microsoft.com/en-us/regions/services/

      Azure DNS, as a service, is globally available. However, as stated by a Microsoft support engineer here

      https://social.msdn.microsoft.com/Forums/en-US/a26ca6e1-28a6-44f1-8807-6fdd6bdae66f/

      it isn't. The service availability chart should reflect this.

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)

      Thank you for the feedback.

      The intent of the ‘global’ availability for Azure DNS is to indicate that is available as part of the Azure Public cloud, but not tied to any specific region. However, I appreciate that this can easily be misunderstood as meaning the service is available in Azure National Clouds, which it is not (as yet).

      I’ll share your feedback with the page owners.

    19. Traffic manager https

      Why dont subdomains of trafficmanager.net automatically support https? Similar to azurewebsites.net.

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
    20. Roelant

      when adding endpoints to the traffic manager, you get all app-services that are available, but in our case, the list is very long, and searching makes it difficult. The list is not sorted, and neither can we filter it.
      Adding a filter would be very helpfull.

      4 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  0 comments  ·  Domain Name Service (DNS, Traffic Manager)  ·  Flag idea as inappropriate…  ·  Admin →
    • Don't see your idea?

    Feedback and Knowledge Base