Great, very informative article.
Referring to the scenario "5 OnPrem -> VPN -> Azure Private Link (Custom DNS)", you mention that by adding the forwarder to the Azure DNS 168.63.129.16, requests to the FQDN of the SQL server should be able to resolve.
However, if you review this post https://github.com/dmauser/PrivateLink/tree/master/DNS-Integration-Scenarios#4-on-premises-dns-integration, it mentions that:
- We will still need a custom DNS server inside the Azure VNET.
- The custom DNS server inside Azure will have a forwarding rule to 168.63.129.16.
- The on-prem DNS server will have a forwarder to the custom DNS server inside the Azure VNET.
Just checking on what your thoughts are on this and whether just a forwarding rule to 168.63.129.16 from the on-prem DNS server will work.
Thanks