Azure 应用服务内部 DNS 解析

Question

I have an Azure Web App that communicates with a 3rd party system thru VPN / VNET integration. Part of that communication relies on being able to resolve a DNS name.

When the app is deployed to a virtual machine, we just update the hosts file with an entry like

123.45.67.89 RPGMDR500-0R

and the communication works fine. Because of the way the communication is setup, I cannot just use the IP address in code. In the communication the DNS name is sent back to us and we have to resolve it to that ip address.

Is there a way to do this with just an App Service? Effectively, we want the app to resolve this custom dns name to the ip address.

UPDATE I updated our VNET DNS Servers to use a Virtual Machine setup for DNS.

Using nameresolver, I can see that the DNS is reaching the app service, but only if I specify the DNS IP address. By Default, it is still using a Default Server (which not sure how). (sorry for the blackouts, not sure how sensitive those datas are).

Answer 1

In Azure Web App, you cannot add an entry into the hosts file as it is not allowed.

Before you proceed you may want to check if the web app can do the name resolution in the first place. The Azure Web App has nameresolver.exe built in. You can run the following command:

nameresolver www.facebook.com

You can do name resolution in your code. Here is a discussion thread on stackoverflow: How to get the IP address of the server on which my C# application is running on?

It works using System.Net

string url = "www.facebook.com";
IPAddress[] addressList = Dns.GetHostAddresses(url);

Answer 2

As far as I know, we have no permission to access the disk C in the azure web app.So we couldn't change the hosts file in the azure web app.

Image like below:

Here is a workaround, if you use http to access the vnet, you could change the request host header to change the dns name in the code by using HttpRequestHeaders class.

More details, you could refer to below code sample.

HttpClient client = new HttpClient();
client.BaseAddress = new Uri(@"http://111.111.111.70");
client.DefaultRequestHeaders
      .Accept
      .Add(new MediaTypeWithQualityHeaderValue("application/json"));//ACCEPT header

HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, @"http://111.111.111.70");
request.Headers.Host = "DNS name";

var re=  client.SendAsync(request).Result;

Answer 3

It is a lot of overhead to set it up but you could set up a DNS server in an Azure Virtual Network and then use the VNet Integration feature with your app. Your app would then use the DNS of your VNet which you could configure as you see fit.

Answer 4

Here is documentation for the Azure app service that are accessing the VMs in the network. It is said that you will need dedicated DNS server to be set up if app service and VMs are in different networks.

However I did not tried it and I have heard complains that we don't have this option to sync network using VNET Integration

Answer 5

You can add role DNS server to a Vm in the same vnet the webapp has access to. Set that DNS server up to just forward all requests to the AAD DNS servers in the other vnet.