Setting up DNS in a Hybrid Environment.
Hello Folks, I’m not sure when this became a series, but it’s looking like it’s going to be ongoing. I’m hoping it can give the community a sense of how you can slowly adopt cloud services to enhance your on-prem environment. It started a few weeks ago with the post on how I needed to replace the edge device on my home network. Then I followed up with how I now can use the site-to-site VPN I set up to access (RDP & SSH) all the servers in my environment using the Bastion host on Azure. But I’m at a point where I’ve got demo servers and services on both sides of the VPN. Name resolution is fast becoming an issue. How do I set up a DNS structure to efficiently resolve server IP addresses from an on-premises environment and vice versa without deploying VM-based DNS servers.
Networking Related Commands for Azure App Services
First published on MSDN on Jul 24, 2017 The purpose of this blog is to give a general overview of the available commands to troubleshoot network connectivity issues with web apps, specifically when connecting the web apps to VNETs either in an App Service Environment (ASE) or a standard web app with a Point-to-Site VPN connection.
External private IP addresses registering with DNS server
Hello all, I've been trying to fine-tune our NIDS configuration (which predates my employment here) and more specifically trying to figure out why certain IP addresses/ranges that we don't use, keep appearing in reports/logs. I think I've figured out the root cause, but I'm not sure of the best way to fix it: We have a number of remote users who connect to our network by VPN. As best I can tell, when their laptops connect to the network, they're sending updates to the DNS server running on the DC with both the IP address of their VPN interface (routable on our network) and their private IP address on their home LAN (obviously not routable) - if I do an nslookup on a domain machine, the DC returns two A records, one for each address. This has a slight ripple effect through the network - which manifests mostly with Windows Update Delivery Optimization, where the peer discovery process frequently gets the non-routable private IP somehow and then tries to download Windows updates from it. Long story short: what is the best way to prevent VPN'ed machines from registering external private IP addresses with the DNS server running on the DC?
DNS DOH and DOT Server 2025
Does anyone know if Windows Server 2025 is planning to support native DNS over HTTPS or DNS over TLS? As of now, windows clients can be configured to support this, but MS DNS is not DOH or DOT compliant. I am just wondering if this is being considered or if it is on the roadmap. Thanks!
