DK
Copper Contributor
Mar 19, 2023

create a private zone and link it to a vnet without enabling auto registration?

If you create a private zone and link it to a VNet without enabling auto registration, do you have to manually create DNS records in the private zone every time you create a new VM in the VNet that is linked to the private zone? Is there a situation or reason to create a private zone without linking it to a VNet?

  • LainRobertson
    Silver Contributor

    DK

    Yes, you do have to manually create each record in that scenario.

    And yes, there are reasons for this related to how one architects their DNS resolution. Whether you specifically have a reason to disable auto-registration, only you could answer that.

    To use a very simple hypothetical scenario though, a hybrid client extensively using IaaS and Active Directory may elect to retain Active Directory as their primary DNS service. In this scenario, they may disable auto-registration for some or all relevant Azure private DNS zones since they might prefer their IaaS clients to only register in Active Directory DNS.

    This is just one of many scenarios though.

    As to your second question on whether there is a point to creating a private DNS zone that is not linked to a VNet: yes, there is.

    A DNS zone can hold all sorts of records and they don't have to relate to your Azure or on-premise infrastructure. It's nothing more than an electronic phone directory, meaning it's quite valid to have a standalone zone not connected to a VNet for the purposes of looking up all manner of internally- or externally-located resources (which you'd be in the position of having to manually maintain).

    As with auto-registration though, whether you have a use case for a detached private DNS zone is only something you could answer.

    Cheers,

    Lain
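
Because records in a zone linked without auto-registration are maintained by hand, they can drift from the VMs they describe. The following is an added example, not part of the original thread, that audits such a zone against a VM inventory. The sample data is constructed; the link and record-set field names are assumed to follow the JSON output of `az network private-dns link vnet list` and `az network private-dns record-set a list`, and the VM inventory shape is hypothetical.

```python
import json

# Constructed sample data (not from the thread). Field names are assumed to
# match the Azure CLI JSON output for VNet links and A record sets.
LINKS = json.loads("""[
  {"name": "hub-link", "registrationEnabled": false,
   "virtualNetwork": {"id": "/subscriptions/000/resourceGroups/rg/providers/Microsoft.Network/virtualNetworks/hub"}}
]""")
A_RECORDS = json.loads("""[
  {"name": "web01", "aRecords": [{"ipv4Address": "10.0.0.4"}]},
  {"name": "db01",  "aRecords": [{"ipv4Address": "10.0.0.9"}]},
  {"name": "old01", "aRecords": [{"ipv4Address": "10.0.0.7"}]}
]""")
# Hypothetical VM inventory for the linked VNet: hostname -> current private IP.
VMS = {"web01": "10.0.0.4", "db01": "10.0.0.5", "app01": "10.0.0.6"}


def manual_links(links):
    """Names of VNet links where records must be maintained by hand."""
    return [link["name"] for link in links
            if not link.get("registrationEnabled", False)]


def audit(records, vms):
    """Compare manually maintained A records with the VM inventory."""
    zone = {r["name"].lower(): {a["ipv4Address"] for a in r.get("aRecords", [])}
            for r in records}
    vms = {name.lower(): ip for name, ip in vms.items()}
    report = {"missing": [], "mismatch": [], "stale": []}
    for name, ip in sorted(vms.items()):
        if name not in zone:
            report["missing"].append(name)    # VM exists, record never added
        elif ip not in zone[name]:
            report["mismatch"].append(name)   # record points at a different IP
    # Records with no matching VM. The zone may legitimately hold records for
    # non-VM resources, so these are for review, not automatic deletion.
    report["stale"] = sorted(n for n in zone if n not in vms)
    return report


if __name__ == "__main__":
    if manual_links(LINKS):
        print(json.dumps(audit(A_RECORDS, VMS), indent=2))
```
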
