Public DNS

How DNS resolution works (high level)
Why use Azure DNS?
Common record types (quick recap)
Links and references

Public DNS — an overview. This section describes how Azure DNS hosts and responds for public domain names so your services are discoverable across the internet. It focuses on how DNS resolution occurs when you use Azure DNS as the authoritative DNS provider and the common record types you’ll manage. Azure DNS is an authoritative DNS hosting service built on Microsoft’s global DNS infrastructure. When you publish a public DNS zone in Azure, Azure provides the authoritative name servers for that zone and answers queries for the domain’s records from a distributed network of servers.

How DNS resolution works (high level)

A user enters a domain name (for example, www.kodekloud.com) in their browser.
The browser asks a recursive resolver (for example, the ISP resolver or a public resolver like 8.8.8.8) to resolve the domain name.
If the resolver has no cached answer, it queries authoritative name servers for the zone. When the zone is hosted in Azure DNS, the Azure-provided authoritative servers are queried.
Azure’s globally distributed (Anycast) authoritative name servers respond with the requested record (for example, an A record mapping www.kodekloud.com to 172.67.68.105).
The resolver returns the IP address to the client, and the browser connects to the service.

Azure’s authoritative name servers are replicated across regions to provide low-latency, highly available DNS resolution for your domain. Common public DNS record types used in these responses are summarized below.

A diagram illustrating a public DNS query for www.kodekloud.com routed to multiple name servers which returns an IP response (172.67.68.105). It also notes common record types: A/AAAA map domains to IPv4/IPv6 addresses and CNAME is an alias for another domain.

Why use Azure DNS?

Global, low-latency resolution: Azure DNS uses Anycast routing so queries are answered from nearby authoritative servers, reducing lookup latency.
High availability and redundancy: Multiple authoritative servers distributed worldwide provide resilience if some endpoints are unreachable.
Fully managed service: Microsoft operates, patches, and maintains the DNS infrastructure so you don’t need to run DNS servers.
Rich DNS features and records: Support for standard record types (A, AAAA, CNAME, MX, TXT, SRV, NS, SOA) and Azure-specific alias records to integrate with services like Azure Traffic Manager, Application Gateway, and Azure Front Door.
Integrated management: Manage zones and records through the Azure portal, CLI, PowerShell, or ARM templates for automation and scale.

Common record types (quick recap)

Record type	Purpose	Example	Notes
A	Maps a domain to an IPv4 address	`www.kodekloud.com → 172.67.68.105`	Used for IPv4 endpoints
AAAA	Maps a domain to an IPv6 address	`ipv6.example.com → 2001:db8::1`	Used for IPv6 endpoints
CNAME	Alias from one name to another	`app.kodekloud.com → www.kodekloud.com`	Cannot coexist with other records at the same name and not allowed at the zone apex
MX	Mail exchange records for email routing	`mail.kodekloud.com`	Specifies mail servers for the domain
TXT	Arbitrary text for verification and policies	`v=spf1 include:mail.example.com -all`	Used for SPF, DKIM, and other verification
SRV	Service location for protocols	`_sip._tcp.example.com`	Used by services to locate hosts and ports
NS	Delegates a zone to authoritative name servers	`ns1.azure-dns.com`	Set for delegating a domain to Azure DNS
SOA	Start of Authority (zone metadata)	contains zone serial, refresh, retry values	Managed automatically by Azure DNS

Azure DNS is an authoritative DNS hosting service; it does not register domain names. To use Azure DNS for a domain you own, update your domain registrar’s name server (NS) records to delegate the domain to the Azure-provided name servers for your DNS zone.

Using Azure DNS gives you precise control over how your domain resolves globally while relying on Microsoft’s distributed DNS network for performance, availability, and operational management. Following this overview, you can follow a step-by-step walkthrough in the Azure portal to create a public DNS zone and add records, or automate zone management with the Azure CLI, PowerShell, or Infrastructure-as-Code tools.

Links and references

Watch Video

Private DNS Zones

Introduction

Introduction

Configure Internet Access with Azure Virtual NAT

Configure Peering for an Express Route Deployment

Configure Public IP Addresses

Connect Devices to Networks with Point to Site VPN Connections

Connect Networks with Site to Site VPN Connections

Connect Remote Resources by using Azure Virtual WA Ns

Create a Network Virtual Appliance NVA in a Virtual Hub

Deploy Azure D Do S Protection

Deploy and configure Network Security Groups

Design Azure Application Gateway

Design Azure Front Door

Design Name Resolution for Azure Virtual Network

Design an Express Route deployment

Design and Implement Azure Firewall

Design and Implement Azure Load Balancer

Design and Implement Azure VPN Gateway

Design and implement Azure Bastion

Enable Cross V Net Connectivity

Explain Virtual Network Service Endpoints

Explore Azure Express Route

Explore Azure Traffic Manager

Explore Azure Virtual Networks

Explore Load Balancing Options in the Azure

Express Route Advanced Features

Get Network Security Recommendations with Microsoft Defender for Cloud

Implement Virtual Network Traffic Routing

Implement a Web Application Firewall

Monitor your networks using Azure Monitor

Monitor your networks using Azure Network Watcher

Private Link Services and Private Endpoints

Troubleshooting Express Route Connections

Working with Azure Firewall Manager

How DNS resolution works (high level)

Why use Azure DNS?

Common record types (quick recap)

Links and references

Watch Video

Introduction

Configure Internet Access with Azure Virtual NAT

Configure Peering for an Express Route Deployment

Configure Public IP Addresses

Connect Devices to Networks with Point to Site VPN Connections

Connect Networks with Site to Site VPN Connections

Connect Remote Resources by using Azure Virtual WA Ns

Create a Network Virtual Appliance NVA in a Virtual Hub

Deploy Azure D Do S Protection

Deploy and configure Network Security Groups

Design Azure Application Gateway

Design Azure Front Door

Design Name Resolution for Azure Virtual Network

Design an Express Route deployment

Design and Implement Azure Firewall

Design and Implement Azure Load Balancer

Design and Implement Azure VPN Gateway

Design and implement Azure Bastion

Enable Cross V Net Connectivity

Explain Virtual Network Service Endpoints

Explore Azure Express Route

Explore Azure Traffic Manager

Explore Azure Virtual Networks

Explore Load Balancing Options in the Azure

Express Route Advanced Features

Get Network Security Recommendations with Microsoft Defender for Cloud

Implement Virtual Network Traffic Routing

Implement a Web Application Firewall

Monitor your networks using Azure Monitor

Monitor your networks using Azure Network Watcher

Private Link Services and Private Endpoints

Troubleshooting Express Route Connections

Working with Azure Firewall Manager

​How DNS resolution works (high level)

​Why use Azure DNS?

​Common record types (quick recap)

​Links and references

Watch Video

How DNS resolution works (high level)

Why use Azure DNS?

Common record types (quick recap)

Links and references