How can we improve Azure Networking?

Allow modifying NS records in apex of DNS zone

We need to be able to modify the NS records in the apex of a domain hosted by Azure DNS.

In the wake of the DYN DNS DDoS, a lot of large websites are adding multiple independent DNS providers to reduce the impact of a single DNS provider being taken offline.

However, you cannot do this if you use Azure DNS, because Azure does not allow modifying the NS records in the apex of your zone.

Modifying these NS records is possible in Route 53 and Google Cloud DNS, and it is because of the lack of this functionality that we have had to give our DNS business to them.

59 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Mark HendersonMark Henderson shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    1 comment

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Mark HendersonMark Henderson commented  ·   ·  Flag as inappropriate

        To clarify some more: We need to be able to add (and possibly delete) the existing NS records. For Example, if we were to use AWS and Azure as our two DNS Providers, we would need to add the four Azure NS records into the apex of the domain.

        Or, we may choose to use TWO nameservers from Azure and TWO from AWS so that we're not specifying 8 nameservers, so we might need to delete two of the existing records and replace them with AWS records.

        In other words: There should be no special cases around NS records in the apex - we should be able to do anything we need to them.

      Feedback and Knowledge Base