Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Avoiding subdomain takeover

      The main concern is that when creating an Azure resource, attaching it to a subdomain in our DNS, and then later deleting that same Azure resource, we must never forget to delete the corresponding subdomain in our DNS because otherwise, since the affinity between Azure and the subdomain is still present, someone can create an Azure resource with the same name as one of our forgotten subdomains and use it to its own advantage.

      I understand that this is the way it works in Azure, but some resources in AWS work with generated CNAME, which is automatically deleted when the…

      24 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    2. Azure Private DNS Zone resolution from OnPremise

      Make it possible to enable the Name Resolution from onpremise if i have an azure private dns Zone.

      It should be possible to make an Forward from onpremise dns to an azure private dns Zone.

      498 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      planned  ·  20 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    3. Zone transfer of zones hosted on Azure Private DNS

      Need to extract the DNS zone hosted in Azure Private DNS via zone transfer to be able to ***** it to DNS server on premise.
      Today that functionality exists on a the public Azure DNS but not when using it as a Private DNS within a VNET.

      Large companies have large internal DNS implementations and without this function it really limits our possibility to use Azure DNS and to incorporate it into the existing internal DNS design.

      11 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    4. Azure DNS query log

      Hi,

      I would like to request Azure DNS Query Log. This will help us identify traffic hitting record name in the dns zone.

      Possible Log Sample

      Time-Stamp,SourceIP,RecondType,RecordName

      298 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      under review  ·  2 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    5. DNS BUG! servers should be located in more than one AS

      Go to https://zonemaster.net/domain_check

      Azure.com as example: https://zonemaster.net/result/6d710df34ffad843

      Getting warnings

      18 CONNECTIVITY WARNING All nameservers in the delegation have IPv4 addresses in the same AS (8068).
      19 CONNECTIVITY WARNING All nameservers in the delegation have IPv6 addresses in the same AS (8075).

      In most cases this is not an issue, however this should be fixed, and while at it, integrate the zonemaster checks into the Azure UI.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    6. Allow custom or higher TTL for Auto Registered records

      Currently Auto Registered records have a default value of 10 seconds. The only way to to change that is overwriting the record but we lose the automatic updates from VMs. I'd like to see the ability to either customize the TTL on Auto Registered records or be given a higher TTL value of at least 30 minutes

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    7. Traffic Manager Private Endpoints

      For Traffic Manager, allow us to use private endpoints (load-balancer) for fail over. It looks like someone created a work around using Web Apps but would like to have a supported method for RFC1918 addresses.

      https://blogs.msdn.microsoft.com/mihansen/2018/05/24/using-azure-traffic-manager-for-private-endpoint-failover-manual-method/

      91 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    8. Export private DNS zones

      Please extend the import/export of DNS zones also to private DNS zones. At the moment only import/export is possible with regular DNS as stated here:
      https://docs.microsoft.com/bs-latn-ba/azure/dns/dns-import-export

      Import/export of private zones via CLI/powershell/Python SDK would be also helpful.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    9. 3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    10. Update the powershell commands to allow DNS backup

      Update the powershell DNS commands to allow backups. The current limitation of Azure CLI does not allow for runbooks to automate the backup of DNS records

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    11. Microsoft could be a provider of domain registrations.

      Currently we use Registro.br, Godaddy, 101Domain, Amazon Route 53, Google Domains among others for domain registrations. Microsoft could be a provider of domain registrations. It would be another service that would add to the cloud services already offered by Microsoft. Having everything centralized would be ideal, all in one invoice and customer loyalty.

      26 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    12. Allow the creation of null MX records for domains that accept no mail

      As per RFC7505, allow the creation of a NULL MX record by entering a single period '.' for the MX Record's Mail Exchange field.

      Currently, attempting to create one raises the following error: "Each label must contain at least one character. You may not input consecutive period '.' characters"

      18 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    13. DNSSEC support on Azure DNS servers

      DNSSEC support on Azure DNS servers

      16 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    14. set ttl value for azure cli "az network dns zone import"

      To modify the default ttl value provided by the exported zone. I'd like an additional paramter for the azure cli command "az network dns zone import" for a custom ttl

      3 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    15. Allow creating multiple TXT records at the root of the domain

      I have customers that have multiple TXT records at the root of their domain with their current DNS provider. This is not possible in Azure. Hence we cannot move their DNS to Azure. Please make this possible.

      8 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    16. Tags for DNS Record - with space in Tagname

      Public DNS Records currently don't allow Tagnames containing space character - we checkt this in support case 119072222001569. As far as we know all other Provider do support this. Please add this to DNS Record as well so that we have the same Tagging cababilities with all Resource Providers.

      8 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      triaged  ·  0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    17. Allow Private DNS zones to have IP address from a vNet assigned rather than use Azure DNS Its

      This would allow for on-prem resolution for Private DNS. This would avoid having to stand up DNS proxy servers in each vNet all pointing to the same IP address

      27 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    18. Need DNS logs

      I cannot believe this has not been requested before. We need access to logs in order to understand why there are sudden spikes in traffic. When hacker perform reconnaissance, they cruise through the DNS space looking for targets like admin.domain .com.

      Microsoft will not release logs that we pay for. Incredible.

      1 vote
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    19. Support SSHFP records in Azure DNS zones

      Since Windows now supports OpenSSH natively, as well as Linux and other clients/servers on the same network, supporting this standard for server authentication seems like an obvious win.

      10 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    20. Enable Internal Facing Traffic Manager profile

      As of today, Azure Traffic manager supports only Internet facing applications. However, it does allow routing traffic to external end points (DNS/IP) which could be used to route traffic to on-prem resources.

      It would be an essential feature if we could leverage the same features on a vnet.

      Eg. Route internal traffic to multiple on-prem resources (via Express route) based on the service health check.

      Features to support
      1. Enable Internal facing with custom domains (internal domains) & SSL

      16 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    ← Previous 1 3 4 5 6
    • Don't see your idea?

    Feedback and Knowledge Base