![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 46%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAC%3C/text%3E%3C/svg%3E)
Azure Site Recovery
An Azure native disaster recovery service. Previously known as Microsoft Azure Hyper-V Recovery Manager.
For VMware/physical machines with Azure Site Recovery using private endpoints, the behavior depends on whether the classic (configuration server) or modernized architecture is used.
- MySQL requirement and modernized architecture
- The referenced article describes the classic model that uses a Configuration Server/Process Server on-premises.
- In that classic model, MySQL is required on the configuration server (as per the document referenced in the context).
- For the modernized architecture for VMware/physical machines, the document explicitly calls out a separate private DNS zone for:
-
privatelink.prod.migration.windowsazure.com, used by Site Recovery to perform discovery of the on-premises environment.
-
- The context provided does not state that MySQL is required for the modernized ASR appliance; it only mentions MySQL in the classic configuration-server scenario. No additional MySQL requirement for the modernized appliance is documented in the provided context.
- Domain join requirement for the ASR appliance
- The context does not state that the ASR appliance (or configuration server) must be joined to an Active Directory domain.
- DNS integration for private endpoints is handled via Azure Private DNS zones and virtual network links, not by requiring domain join. The key requirement is that the appliance/Process Server/Hyper-V provider can resolve the private endpoint FQDNs to the private IPs.
- DNS resolution for private endpoints
a. Private DNS zones for Site Recovery
- For on-premises machines using private endpoints, the guidance is:
- Create a private DNS zone named:
-
privatelink.siterecovery.windowsazure.com
-
- If using modernized architecture for VMware/physical machines, also create:
-
privatelink.prod.migration.windowsazure.com
-
- Link these private DNS zones to the bypass VNet.
- Ensure A records are created for each FQDN that appears on the Site Recovery private endpoint:
- Pattern:
{Vault-ID}-asr-pod01-{type}.{target-geo-code}.privatelink.siterecovery.windowsazure.com
- Pattern:
- For modernized VMware/physical protection, also ensure DNS records for
privatelink.prod.migration.windowsazure.comas indicated.
- Create a private DNS zone named:
b. Automatic vs manual DNS integration
- When creating the private endpoint for the vault:
- If Integrate with private DNS zone is set to Yes, Azure automatically:
- Creates/links the private DNS zone to the bypass VNet.
- Adds the required A records for the private endpoint FQDNs.
- If Integrate with private DNS zone is set to Yes, Azure automatically:
- If DNS zones are created manually:
- Must manually add A records for each FQDN and private IP from the private endpoint.
- After enabling replication, two additional FQDNs are added to the private endpoint; corresponding A records must also be added.
- On-premises DNS configuration and conditional forwarders
- The document’s pattern for Site Recovery private endpoints is:
-
{Vault-ID}-asr-pod01-{type}.{target-geo-code}.privatelink.siterecovery.windowsazure.com
-
- For modernized VMware/physical protection, an additional zone is required:
-
privatelink.prod.migration.windowsazure.com
-
- The context does not mention
.blob.core.windows.netorprivatelink.blob.core.windows.netas required for Site Recovery private endpoints in this scenario. - For ASR with private endpoints, the relevant private-link DNS zones in the provided context are:
-
privatelink.siterecovery.windowsazure.com -
privatelink.prod.migration.windowsazure.com(modernized VMware/physical)
-
- Conditional forwarders on on-premises DNS should therefore be configured to forward queries for these private-link zones to the DNS that can resolve the Azure Private DNS zones (typically the DNS in the bypass VNet or a custom DNS server that can reach them).
- Summary for the specific questions
- MySQL on configuration server:
- Required in the classic configuration-server model as per the referenced article.
- No MySQL requirement for the modernized VMware/physical ASR appliance is documented in the provided context.
- Domain join for ASR appliance:
- Not documented as a requirement in the provided context. DNS resolution is handled via private DNS zones and network links, not by domain membership.
- DNS/conditional forwarders:
- For private endpoints, ensure DNS resolution for:
-
privatelink.siterecovery.windowsazure.com -
privatelink.prod.migration.windowsazure.com(modernized VMware/physical)
-
- The context does not state a requirement to forward or configure
privatelink.blob.core.windows.netfor ASR private endpoints.
- For private endpoints, ensure DNS resolution for:
References: