Search code examples
azurednsazure-front-door

Azure Front Door and DNS Configuration

I'm having issue configuring my DNS to make all traffic routed from the root domain (no www) to the Azure front door. The below is what I have done so far:

  • Create the front door (frontend/backend/routing)
  • On-Board my custom domain (let's say hello.com) on front door

Now as per Microsoft guide I have to add a CNAME record to the DNS hosting provider (domain.com) to route the traffic to front door. But I have been told by domain.com that I cannot have A record and CNAME record named @

So I've found this solution https://learn.microsoft.com/en-gb/azure/frontdoor/front-door-how-to-onboard-apex-domain

Then I have created a DNS Zone on my Azure environment named "hello.com" and followed the guide.

Still I cannot see the traffic going through the front door.

Is that because I have 2 DNS servers? (one hosted on domain.com and another one on Azure)?

Can It be propagation time ?

Also how does azure know that I'm the owner of hello.com domain ?

Solution

  • As the linking document, to onboard a root or apex domain on your Front Door, you could use alias records in Azure DNS.

    There are other DNS providers as well that support CNAME flattening or DNS chasing, however, Azure Front Door recommends using Azure DNS for its customers for hosting their domains.

    If you select to use Azure DNS to host DNS domains, first you need to create an Azure DNS zone (hello.com) in Azure and delegate the domain to Azure DNS via changing the name server records for the domain in your original DNS registrar. You can verify the delegation by using a tool such as nslookup to query the Start of Authority (SOA) record for your zone. It can take up to 72 hours to propagate worldwide, although it typically takes a few hours.

    Then, you can add an alias record for the zone apex in the DNS configuration for the domain to be onboarded. After this, you can add the apex domain name in the custom host name field on the Front Door designer tab.

    To access your backend web app with the custom domain, ensure that you have created appropriate routing rules for your apex domain or added the domain to existing routing rules. Or, you may enable HTTPS on your custom domain.