How to resolve DNS issues with Azure Database for MySQL
Published Feb 23 2024 05:26 PM 2,295 Views
Microsoft

If you’re using Azure Database for MySQL and have encountered issues with name resolution or the Domain Name System (DNS) when attempting to connect to your server from different sources and networks, then this blog post is for you! In the next sections, I’ll explain the causes of these types of issues and what you need to do to resolve them. 

 

What are DNS issues? 

DNS is a service that translates domain names (e.g., servername.mysql.database.azure.com) into IP addresses (e.g., 10.0.0.4) to make it easier for us to identify remember and access websites and servers. 

 

However, at time the DNS service can fail to resolve the domain name to the IP address, or it might resolve it to the wrong IP address. This can result in errors such as “Host not Known” or “Unknown host” when you specify the server name for making connections. 

 

Diagnosing DNS issues 

To diagnose DNS issues, use tools such as Ping or nslookup to verify that the host name is being resolved from the source. To test using ping, for example, on the source, run the following command: 

 

ping servername.mysql.database.azure.com 

 

If the server's name is not resolving, a response similar to the following should appear: 

RaviShankar_0-1706945289306.png

Fig 1: Ping request not returning IP 

 

To test using nslookup, on the source, run the following command: 

 

nslookup servername.mysql.database.azure.com 

 

Again, if the server name is not resolving, a response similar to the following should appear: 

RaviShankar_1-1706945289308.png

Fig 2: nslookup to DNS request not returning IP 

 

If on the other hand the commands return the correct IP address of the server, then the DNS resolution is working properly. If the commands return an error or a different IP address, then there is a DNS issue. 

 

To verify the correct IP address of the server, you can check the Private DNS zone of the Azure Database for MySQL Flexible server. The Private DNS zone is a service that provides name resolution for private endpoints within a virtual network (vNet). You can find the Private DNS zone in the properties of the overview blade of the server, as shown in the following figure: 

 

RaviShankar_2-1706945289309.png

 

Fig 3: Checking the private DNS zone in the Properties of overview blade 

 

In the Private DNS zone, you can see the currently assigned IP address to the MySQL Flexible server, as shown in the following figure: 

 

RaviShankar_3-1706945289310.png

 

Fig 4: Private DNS Zone overview 

 

Resolving DNS issues 

The solution to fix DNS issues depends on the source and the network configuration of the server. In this blog, I will cover two common scenarios: when the source is using the default (Azure-provided) DNS, and when the source is using a custom DNS. 

 

Scenario 1: Source is using the default (Azure-provided) DNS 

The default (Azure-provided) DNS can only be used by sources in Azure that have private endpoint, vNet integration, or have IPs defined from a vNet. If you are using the default DNS and you are getting a DNS issue, you need to check the following: 

 

  • vNet of the source: Check the vNet of the source (also check NIC level configuration in case of Azure VM) and make sure that it is set to Azure-provided DNS. You can check this on the vNet > DNS servers blade, as shown in the following figure: 

RaviShankar_4-1706945289311.png

 

Fig 5: DNS servers blade in virtual network 

 

  • Private DNS zone of the server: Go to the Private DNS zone of the MySQL Flexible server and add the vNet of the source to the Virtual Network Link blade, as shown in the following figure: 

 

RaviShankar_5-1706945289312.png

Fig 6: Adding virtual network link to private DNS zone 

 

After these steps, you should be able to ping and nslookup the server's name from the source and get the correct IP address. 

 

Scenario 2: Source is using a custom DNS 

This is the most commonly used scenario by the users. This pattern can be used in a hub-and-spoke model and also for name resolution from on-premises servers. In this scenario, a custom DNS server is deployed in a hub vNet that is linked to the on-premises DNS server. It can also be deployed without having on-prem connectivity, as shown in the following figure: 

 

RaviShankar_6-1706945289313.png

Fig 7: Network diagram showing access through custom DNS server in Hub and Spoke network. 

 

In this scenario, the MySQL Flexible server is deployed in a delegated subnet in Spoke2. Spoke1, Spoke2, and Spoke3 are connected through the Hub vNet. Spoke1 and Spoke3 have a custom DNS server configured which is deployed in the Hub vNet. Since both spoke vNets (1 and 3) are connected through the Hub vNet, clients can directly connect with the MySQL Flexible server with IP address only and DNS name resolution would not work. 

 

To fix this issue, perform the following steps:

  • Conditional forwarder: Add a conditional forwarder on the custom DNS for mysql.database.azure.com domain. This conditional forwarder must point to the Azure DNS IP address: 168.63.129.16, as shown in the following figure: 

RaviShankar_7-1706945289315.png

 

Fig 8: Adding conditional forwarder for mysql.database.azure.com 

 

  • Virtual network link: You need to add a virtual network link in the Private DNS zone for the custom DNS server’s vNet, as described in the previous scenario. 
  • On-premises DNS: If you have clients on-premises that need to connect to the Flexible server FQDN, then you need to add a conditional forwarder in the on-premises DNS server pointing to the IP address of the custom DNS server in Azure for mysql.database.azure.com. Alternatively, you can use the same custom DNS IP in additional DNS servers on on-premises clients. 

 

Conclusion 

In this blog, I have shown you how to solve DNS issues with Azure Database for MySQL using different DNS scenarios. I hope this helps you to enjoy the benefits of using Azure Database for MySQL for your applications. 

 

We are always interested in how you plan to use Flexible Server deployment options to drive innovation to your business and applications. Additional information on topics discussed above can be found in the following documents: 

 

 

If you have any questions about the detail provided above, please leave a comment below or email us at AskAzureDBforMySQL@service.microsoft.com. Thank you!

 

Version history
Last update:
‎Feb 23 2024 05:25 PM
Updated by: