Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I understand that you are unable to resolve Private DNS Zone records from a remote device connected via P2S.
This is an expected behavior.
P2S and S2S Connected devices would not have the knowledge of Private DNS Zone records, and thus the resolution would fail.
If you would like to provide DNS resolution for records contained in Private DNS Zone,
- Consider using Azure DNS Private Resolver or a VM acting as DNS Server in the Hub VNET (for both S2S and P2S)
- Refer to the highlighted section from the above diagram
- You should take care of your OnPrem (in your case, AWS VPC) forwarding the DNS requests to the Inbound EndPoint of Private DNS Resolver in case of S2S
- For P2S, you can consider adding DNS suffixes and custom DNS servers into the P2S Configuration file.
- The DNS Suffix should be the private DNS Zone name
- And custom DNS Server should be the InBound EndPoint.
You can find a similar environment here: Azure Private Resolver with on-premises DNS forwarder
- While this architecture highlights private endPoints and their Private DNS Zones
- The same configuration can be applied for any Private DNS Zone that needs to be resolved from OnPrem via S2S or P2S.
Please let us know if we can be of any further assistance here.
Thanks,
Kapil
Please Accept an answer if correct.
Original posters help the community find answers faster by identifying the correct answer.
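For the P2S option described in the answer above, this is an added illustration (not part of the original answer) of what the DNS change looks like in an Azure VPN Client profile (azurevpnconfig.xml). The zone name and the inbound endpoint address are assumed placeholder values; the rest of the profile is omitted.

```xml
<!-- Before: the downloaded profile ships with no client DNS settings, so the
     device keeps its local resolver and Private DNS Zone lookups fail. -->
<clientconfig i:nil="true" />

<!-- After: point the client at the Private Resolver inbound endpoint and
     register the Private DNS Zone name as a DNS suffix.
     10.10.0.4 is a placeholder for the inbound endpoint IP;
     .privatelink.blob.core.windows.net is an assumed example zone name. -->
<clientconfig>
  <dnsservers>
    <dnsserver>10.10.0.4</dnsserver>
  </dnsservers>
  <dnssuffixes>
    <dnssuffix>.privatelink.blob.core.windows.net</dnssuffix>
  </dnssuffixes>
</clientconfig>
```

Re-import the edited profile into the Azure VPN Client; the inbound endpoint must also be reachable over the P2S address pool for the resolution to succeed.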