I have a SQL DB in Azure, defined as Private Link.
Using "sort of" a VPN, my local machine can resolve the private IP to it correctly - nslookup, dig, ping - all work.
nslookup myserver.database.windows.net
Server: 100.100.100.153
Address: 100.100.100.153#53
myserver.database.windows.net canonical name = myserver.privatelink.database.windows.net.
Name: myserver.privatelink.database.windows.net
Address: 10.1.0.4
However, when I try to connect to it via Azure Data Studio, I can see that the connection starts over that PrivateLink, and then I get a TLS Server Hello message with rdnSequence cr3.eastus1-a.control.database.windows.net that pushes the communication to the public IP of the SQL - and that fails (as it should).
If I add a host entry for this cr3.eastus1-a.control.database.windows.net on my proxy ("VPN endpoint"), the connection is successful. I tried a DNS forwarder that will forward to 168.63.129.16 (Azure DNS), but that doesn't change anything.
I have read a bunch of the articles on MSFT, e.g. https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-dns, but none ended up being helpful.
Any ideas what might be missing here? Thanks.
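An added diagnostic sketch, not part of the original post: it parses nslookup output like the sample above and reports whether each name the client contacts resolves to an RFC 1918 address. The second sample output and its 203.0.113.10 address are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress
import re

# RFC 1918 ranges; a private endpoint address is expected to fall in one of them.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Output copied from the post.
SERVER_OUTPUT = """\
Server: 100.100.100.153
Address: 100.100.100.153#53
myserver.database.windows.net canonical name = myserver.privatelink.database.windows.net.
Name: myserver.privatelink.database.windows.net
Address: 10.1.0.4
"""

# Constructed sample: 203.0.113.10 is a documentation placeholder, not the real address.
CONTROL_OUTPUT = """\
Server: 100.100.100.153
Address: 100.100.100.153#53
Name: cr3.eastus1-a.control.database.windows.net
Address: 203.0.113.10
"""

def parse_nslookup(text):
    """Return (queried_name, cname_chain, answer_addresses)."""
    queried, chain, addrs, in_answer = None, [], [], False
    for line in map(str.strip, text.splitlines()):
        m = re.match(r"(\S+)\s+canonical name = (\S+?)\.?$", line)
        if m:
            queried = queried or m.group(1)
            chain.append(m.group(2))
        elif line.startswith("Name:"):
            in_answer = True  # Address lines before this belong to the resolver
            queried = queried or line.split(":", 1)[1].strip()
        elif line.startswith("Address:") and in_answer:
            addrs.append(ipaddress.ip_address(line.split(":", 1)[1].strip()))
    return queried, chain, addrs

def audit(outputs):
    """Map each queried name to 'private', 'public' or 'unresolved'."""
    report = {}
    for text in outputs:
        name, _chain, addrs = parse_nslookup(text)
        if not addrs:
            report[name] = "unresolved"
        elif all(any(a in net for net in RFC1918) for a in addrs):
            report[name] = "private"
        else:
            report[name] = "public"  # traffic to this name leaves the private path
    return report
```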