Upcoming Changes to Azure Relay IP Addresses and DNS Support

Microsoft

Oct 22, 2025

Azure Relay is an integral part of modern hybrid cloud architectures, enabling seamless connectivity between on-premises and cloud resources. To ensure continued reliability and security, Microsoft is implementing important updates to the IP addresses and DNS naming conventions used by Azure Relay services.

What’s Changing?

As detailed in the changes to IP-addresses for Azure Relay and Azure Relay WCF and Hybrid Connections DNS Support reference blogs, customers should be aware of two primary changes:

IP and Name Transitions:
- The IP addresses and corresponding DNS names for Azure Relay endpoints will change during the transition period.
- For example, g0-prod-bn-vaz0001-sb.servicebus.windows.net can change to gv0-prod-bn-vaz0001-sb.servicebus.windows.net
DNS Support Enhancements:
- Improved DNS support will enhance reliability and future-proof connectivity for both WCF Relay and Hybrid Connections users.

Recommended Actions for Customers

To minimize disruption, it is crucial for users to update their network configurations and firewall rules to accommodate these new IP addresses and DNS names as soon as possible. These will be made available using the below PS1 script -

Update Allow Lists: Ensure that your firewalls and network security groups permit traffic to the new IP ranges and DNS endpoints as specified in the official documentation.
Monitor Transition Phases: Be prepared for two rounds of changes. Apply updates promptly during both the initial and final transitions.

Automating Namespace Information Retrieval

To assist with this transition, Microsoft has updated the PowerShell script for retrieving namespace information, which now reflects the planned changes. You can access the latest script here:

GetNamespaceInfo.ps1 (azure-relay-dotnet/tools) (Instructions on how to use the ps1 script is available in the README)

This script allows you to efficiently check the current configuration of your Azure Relay namespaces and validate connectivity against the updated endpoints.

Sample output


PS D:\AzureVMSSEssentials\Tools\GetNamespaceInfoWithIpRanges> .\GetNamespaceInfo.ps1 <your-relay-namespace>.servicebus.windows.net
  
Namespace        : <your-relay-namespace>.servicebus.windows.net
Deployment       : PROD-BN-VAZ0001
ClusterDNS       : ns-prod-bn-vaz0001.eastus2.cloudapp.azure.com
ClusterRegion    : eastus2
ClusterVIP       : 40.84.75.3
GatewayDnsFormat : g{0}-bn-vaz0001-sb.servicebus.windows.net or gv{0}-bn-vaz0001-sb.servicebus.windows.net
Notes            : Entries with 'FUTURE' IPAddress may be added at a later time as needed
 Current IP Ranges
Name                                              IPAddress
----                                              ---------
g0-bn-vaz0001-sb.servicebus.windows.net   20.36.144.8
g1-bn-vaz0001-sb.servicebus.windows.net   20.36.144.1
g2-bn-vaz0001-sb.servicebus.windows.net   20.36.144.2
g3-bn-vaz0001-sb.servicebus.windows.net   20.36.144.11
g4-bn-vaz0001-sb.servicebus.windows.net   20.36.144.3
g5-bn-vaz0001-sb.servicebus.windows.net   FUTURE
g6-bn-vaz0001-sb.servicebus.windows.net   FUTURE
...
g98-bn-vaz0001-sb.servicebus.windows.net FUTURE
g99-bn-vaz0001-sb.servicebus.windows.net FUTURE

Future IP Ranges for Region:eastus2
addressPrefixes
---------------
135.18.130.0/23
135.18.132.0/26
135.18.132.64/27

Published Oct 22, 2025

Version 1.0

updates

ashish-chhabria

Microsoft

Joined May 03, 2024

View Profile

Messaging on Azure Blog

Follow this blog board to get notified when there's new activity