Networking

The Networking forum covers all aspects of Networking in Azure, including endpoints, load-balancing, network security, DNS, Traffic Manager, virtual networks, and external connectivity.

Virtual Network:

  • Service overview

  • Technical documentation

  • Pricing details

  • Traffic Manager:

  • Service overview

  • Technical documentation

  • Pricing details

  • Network Watcher:

  • Service overview

  • Technical documentation

  • Pricing details

  • If you have any feedback on any aspect of Azure relating to Networking, we’d love to hear it.

    • Hot ideas
    • Top ideas
    • New ideas
    • My feedback
    1. Provide DNS Services for my domains and sub-domains

      DNS is crucial - if it's down, my Azure web roles are down. I don't trust GoDaddy and Verisign with my production DNS, so I either need to have on-premise load balanced DNS servers or pay someone to do it. It would be great if Windows Azure took care of this for me.

      1,500 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      33 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    2. Publish the the list of Traffic Manager Probe IPs

      We have several VMs which provide a service to our web roles. We use traffic manager to loadbalance between these VMs.

      As the the only valid traffic to these VMs is from our webroles, our office or the TM probes, we use windows firewall on the VMs to restrict all other traffic.

      The issue we have is that the traffic manager Probe IPs change on occasion.

      If the list of Probe IPs was published, we could ensure that our FW rules are kept upto date ensuring that TM is doing it's supposed to be doing!

      1,351 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      11 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →

      This feature has been completed. The IP addresses used by the Traffic Manager health checks are now fixed, and can be included in ACLs/firewall whitelists.

      The list of health check IP addresses is published here: https://docs.microsoft.com/en-us/azure/traffic-manager/traffic-manager-monitoring#faq

      For services in Azure, we are planning in future to make it easier to whitelist these IP addresses via a pre-defined NSG rule.

      This feature is available in the Azure Public Cloud. It is not yet deployed to the Azure China Cloud, German Cloud, or FedGov Cloud.

    3. Provide Reverse DNS (PTR records) for Virtual Machines

      Currently, you cannot operate a Microsoft Exchange Server on Windows Azure. Well, you can, but don't expect to be able to send email to anyone on AOL, Comcast, and a multitude of other domains. The reason is that these providers REQUIRE that the sending IP address have a reverse lookup.

      For simplicity (and a quick implementation by Microsoft), I suggest that you simply provide the option for a Reverse lookup or not. So if your VM is named myserver.cloudapp.net, then the reverse lookup on the current IP would return that name.

      Is this something you can do quickly? I'm having…

      1,283 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      87 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    4. Support apex (naked) domains more seamlessly

      Some things work, other things don't. I can setup an apex domain, but to get SSL working on an apex domain in hosted cloud service web role requires tweaking. Traffic manager doesn't work with apex domains.
      Azure needs a DNS service like Amazon's Route 53. (http://aws.amazon.com/route53/)

      827 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      32 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →

      We just announced support for Alias records in Azure DNS public zones. See our blog post here: This is now available with Azure DNS in the form of support for Alias records. See our blog post here: https://azure.microsoft.com/en-us/blog/announcing-alias-records-for-azure-dns/

      You can point to any Public IP-backed resource (such as AppGW) or a Traffic Manager profile (with external endpoints) from your apex (naked) domain.

    5. Azure DNS user friendly Web Interface

      Add a GUI to Azure DNS.

      That is wonderful, we do not have to use competitors' solutions like Route53 for DNS hosting any more, but please add a user-friendly interface to the new Azure DNS service.

      384 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      19 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →

      The UI for the Azure DNS service is now live.

      You can access the UI via https://portal.azure.com. It’s not yet wired up under New > Networking, instead you can create new DNS zones via ‘New’, then search the marketplace for ‘DNS’ (we’ll fix that soon). You can also browse existing DNS zones under ‘Browse >’.

      Any new feature requests should be filed here. Any other feedback about the new UI can be shared at azurednsfeedback@microsoft.com.

    6. Traffic Manager Failover profile alert

      Can you please add alert rule for Azure traffic manager to update the co-admin by sending mail alert whenever there is a down of primary / secondary and switch over?

      Since our customer wants to create alert for this scenario.

      This will greatly relax the customer to sit in a place to watch service changes through mail.

      328 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      19 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    7. Enable split DNS for providing both public and internal name resolution to VMs in the VNET.

      Amazon Route 53 supports split-view DNS, so you can configure public and "PRIVATE" hosted zones to return different external and internal IP addresses for the same domain names.
      i think a similar capability can be very useful also in Azure

      150 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      5 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    8. Traffic Manager Logging & Alerts

      Traffic Manager needs to keep track of past endpoint health failures.
      In addition to this it should be possible to configure alerts about changes to endpoint health.

      107 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      6 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    9. Alias records

      I have a number of DNS records for various webapps in my zone... all of which point to the same host. I understand the limitations CN's, but the convenience of maintaining them is too great.

      My request is to provide an "alias" record, which provides a single record to maintain, but is applied as A/AAAA records.

      The benefit is to bridge CNAME convenience with RFC incompatible goals such as CN apex records.

      104 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      4 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    10. Add more configurability to Traffic Manager monitoring endpoint

      I would like for the monitoring endpoint configuration to support two new options:

      1) How many consecutive times TrafficMgr does not get an http 200 from the endpoint before it deems it down. I have a scenario where I want it to be deemed down immediately after one failure for a quicker failover.
      2) How many consecutive times TrafficMgr receives an http 200 after it has deemed it down before it will deem it up again. I have seen a scenario where table storage (or SQL Azure) is inconsistent (fails one query then succeeds the next, back and forth) and…

      79 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    11. Create private dns zone in virtual network which already has VMs

      Create private dns zone in virtual network which already has VMs. Currently, it's giving below error:

      Virtual networks that are non-empty (have Virtual Machines or other resources) are not allowed during association with a private zone.

      76 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      7 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    12. Allow modifying NS records in apex of DNS zone

      We need to be able to modify the NS records in the apex of a domain hosted by Azure DNS.

      In the wake of the DYN DNS DDoS, a lot of large websites are adding multiple independent DNS providers to reduce the impact of a single DNS provider being taken offline.

      However, you cannot do this if you use Azure DNS, because Azure does not allow modifying the NS records in the apex of your zone.

      Modifying these NS records is possible in Route 53 and Google Cloud DNS, and it is because of the lack of this functionality that…

      76 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      3 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →

      Thanks for the feedback. We’ve changed the behaviour in Azure DNS. You can now add or remove additional name server names to the NS record set at the zone apex. This allows you to configure your DNS zone for co-hosting in multiple providers.

      Note that Azure DNS does not currently support zone transfers, hence you will need to make other arrangements to ensure the DNS records are in sync across providers.

      Note also that whilst you can add additional name server names to the NS record set at the zone apex, you cannot remove or edit the pre-populated Azure DNS name server names. I.e. Azure DNS does not currently support ‘vanity’ name servers. The reason for this is to prevent customers taking a direct dependency on the name server IP addresses at this time.

    13. traffic manager support for external endpoints that are IP addresses instead of FQDN

      Support for IPs to be used instead of FQDNs for Azure Traffic Manager external endpoints would reduce the DNS lookup penalty of the external endpoint. Right now 3 DNS lookups are needed: 1, foo.com 2, foo.trafficmanager.net 3, foo-vip.externalendpoint.com

      Supporting foo.trafficmanager.net pointing to the IP for #3 eliminates the DNS lookup for #3 in the example above

      56 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      7 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    14. Add DNS name label to private IPs

      Currently when using Azure provided DNS all VM's are registered automatically using VM name. Unfortunately it's not possible to register other resources like for example load-balancers with private IPs. It would be great to be able to assign dns name to private IPs

      55 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      6 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    15. Azure DNS private zone for non-empty vnets

      allow creating of private zone for non-empty vnet.

      46 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      3 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    16. Support Azure Web Sites

      At the moment only cloudapp.net Cloud Services are supported by Traffic Manager. Please add azurewebsites.net Web Sites to the list, too.

      43 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      0 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    17. ARM Template for Traffic Manager

      Make an Azure Resource Manager template available for Traffic Manager that can be utilize this as part of automated resource provisioning.

      39 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    18. Azure DNS Reporting

      I would like to see a simple view that shows me how many request I'm getting to each of my DNS zones hosted in Azure DNS, for the last 24 hours and the last month as an example. There would be so many benefits to this, one being the ability forecast growth patterns in traffic.

      38 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      3 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    19. Generic TCP/UDP protocols for Monitor settings

      Hello,

      I am configuring a generic TCP services with traffic manager. It looks like the service is working perfectly fine and client sessions are directed correctly to the nearest server/azure datacentre; however monitoring of the service seems to be available only for HTTP/HTTPS services.

      This is not going to work for generic TCP services and traffic manager believes that the service is degraded/offline whereas the service is running perfectly fine.
      I highly suggest to make the monitoring of the traffic manager services available for generic TCP/UDP services as well.

      Company: FxPro Financial Services
      Contact Name: Panayiotis Annivas

      37 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      2 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    20. Add support for on-premises resources in Traffic Manager

      The title is self-describing. We need to be able to add non-azure resources to Traffic Manager so we can (A) fallback to on-premises when Azure fails or (B) fallback to Azure when on-premises fails.

      29 votes
      Vote
      Sign in
      (thinking…)
      Sign in with: Microsoft
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      4 comments  ·  DNS  ·  Flag idea as inappropriate…  ·  Admin →
    ← Previous 1
    • Don't see your idea?

    Feedback and Knowledge Base