Cross tenant database migration - mysql flexible server

Question

Cross tenant database migration - mysql flexible server

Vincent Kiti 0

I am attempting to migrate at least 20 terabytes of data for my reporting db and 309 gb of data for my transaction db, both the source and target databases are in azure two different tenants configured using virtual network. I try to setup DMS to handle the transaction db, began by doing a vnet peering on both VNets (source and target) after that i deploy dms in my target, when i create a new migration project and try to access the source, i get the error: "id": 1,

"level": "Scenario TransientError",

"message": "The server: 'mysql-rpt-flexible-prod' is retrying a transient error during activity: 4c4c70a0-f3ef-471b-af56-9eeb66395b62.\r\n\tConnection failed.\r\n\t\tUnable to connect to any of the specified MySQL hosts." Kindly advise on series of steps to take to resolve this and what approach would be efficient for my reporting db given it has over 20 terabytes of data, thank you.

Moderator: Moved from Developer technologies | Transact-SQL

Vincent Kiti 0 Reputation points

2026-04-30T14:18:49.5033333+00:00

The last resource link is restricted, i have sent a couple of messages to @SAI JAGADEESH KUDIPUDI to grant me access but i have not received your response yet, i wanted to reference your document on cross tenant migration, nothing much, i would appreciate if you grant me access, thank you. here is the link to the document: https://microsoft.sharepoint.com/teams/AzureLinuxProvisioning/_layouts/15/Doc.aspx?sourcedoc=%7BAF434C4F-EB2E-43C6-9D26-2F7267D39A42%7D&file=Cross-Tenant%20Interactions%20Implementation%20Guide.docx&action=default&mobileredirect=true&DefaultItemOpen=1
Pilladi Padma Sai Manisha 7,710 Reputation points Microsoft External Staff Moderator

2026-05-05T04:08:13.7333333+00:00

Hi Vincent Kiti,
Thanks for the update . The document you shared is an internal SharePoint file, so access can only be granted by the owner or their team,I don’t have visibility to enable access from here. You can continue following up with them, but you don’t need that document to proceed.

The error from Azure Database Migration Service means it can’t reach your source Azure Database for MySQL Flexible Server. In cross-tenant setups, this is most often due to DNS not resolving across VNets, even if peering is in place.

Please check from a VM in the DMS subnet whether the MySQL FQDN resolves to a private IP. If not, you’ll need to link the private DNS zone (privatelink.mysql.database.azure.com) to both VNets or configure DNS forwarding. Also ensure peering allows forwarded traffic and port 3306 is not blocked.

For your 20 TB database, consider using a bulk load tool (like mydumper/myloader) first, then replication or DMS for sync.

Docs for reference:

https://learn.microsoft.com/azure/dms/tutorial-mysql-azure-mysql-offline-portal https://learn.microsoft.com/azure/mysql/flexible-server/concepts-networking https://learn.microsoft.com/azure/private-link/private-endpoint-dns

Once DNS and connectivity are fixed, the issue should be resolved.
Pilladi Padma Sai Manisha 7,710 Reputation points Microsoft External Staff Moderator

2026-05-06T05:17:39.7733333+00:00

Hi Vincent Kiti,
I hope you had a chance to review the information shared earlier, and I hope this information has been helpful! If you still have questions, please let us know what is needed in the comments so the question can be answered.
Vincent Kiti 0 Reputation points

2026-05-06T07:51:59.5766667+00:00

Alright, thank you...i will try figure it out by myself

2 answers

Your answer

Vincent Kiti 0 Reputation points

2026-04-30T14:18:49.5033333+00:00

The last resource link is restricted, i have sent a couple of messages to @SAI JAGADEESH KUDIPUDI to grant me access but i have not received your response yet, i wanted to reference your document on cross tenant migration, nothing much, i would appreciate if you grant me access, thank you. here is the link to the document: https://microsoft.sharepoint.com/teams/AzureLinuxProvisioning/_layouts/15/Doc.aspx?sourcedoc=%7BAF434C4F-EB2E-43C6-9D26-2F7267D39A42%7D&file=Cross-Tenant%20Interactions%20Implementation%20Guide.docx&action=default&mobileredirect=true&DefaultItemOpen=1
Pilladi Padma Sai Manisha 7,710 Reputation points Microsoft External Staff Moderator

2026-05-05T04:08:13.7333333+00:00

Hi Vincent Kiti,
Thanks for the update . The document you shared is an internal SharePoint file, so access can only be granted by the owner or their team,I don’t have visibility to enable access from here. You can continue following up with them, but you don’t need that document to proceed.

The error from Azure Database Migration Service means it can’t reach your source Azure Database for MySQL Flexible Server. In cross-tenant setups, this is most often due to DNS not resolving across VNets, even if peering is in place.

Please check from a VM in the DMS subnet whether the MySQL FQDN resolves to a private IP. If not, you’ll need to link the private DNS zone (privatelink.mysql.database.azure.com) to both VNets or configure DNS forwarding. Also ensure peering allows forwarded traffic and port 3306 is not blocked.

For your 20 TB database, consider using a bulk load tool (like mydumper/myloader) first, then replication or DMS for sync.

Docs for reference:

https://learn.microsoft.com/azure/dms/tutorial-mysql-azure-mysql-offline-portal https://learn.microsoft.com/azure/mysql/flexible-server/concepts-networking https://learn.microsoft.com/azure/private-link/private-endpoint-dns

Once DNS and connectivity are fixed, the issue should be resolved.
Pilladi Padma Sai Manisha 7,710 Reputation points Microsoft External Staff Moderator

2026-05-06T05:17:39.7733333+00:00

Hi Vincent Kiti,
I hope you had a chance to review the information shared earlier, and I hope this information has been helpful! If you still have questions, please let us know what is needed in the comments so the question can be answered.
Vincent Kiti 0 Reputation points

2026-05-06T07:51:59.5766667+00:00

Alright, thank you...i will try figure it out by myself

Answer 1

Hi Vincent Kiti,

Thank you for providing the detailed scenario — we understand the complexity involved, especially with cross‑tenant networking and large data volumes.

From the error message:

“Unable to connect to any of the specified MySQL hosts”

we can confirm that this issue is related to network connectivity, where Azure Database Migration Service (DMS) is not able to reach the source MySQL Flexible Server.

For Azure DMS to work successfully, it must have direct network access to both source and target databases. If this connectivity is not fully established, the migration activity will fail with the exact error you’re seeing.

In cross-tenant scenarios (like yours), the most common gaps are:

Firewall configuration (Mandatory)

We recommend ensuring that server-level firewall rules are properly configured on both:
Source MySQL Flexible Server
Target MySQL Flexible Server

The firewall must allow traffic from the DMS subnet or VNet IP range, otherwise the connection attempt will fail.
2. DNS resolution (Critical but commonly missed)

Even when VNet peering is configured:

Azure MySQL Flexible Server uses FQDN (DNS name) for connections
If DNS resolution is not working across VNets/tenants, DMS cannot locate the server

We recommend:

Linking the private DNS zone to both VNets
Validating DNS resolution from a VM inside the DMS subnet

This is a key requirement for private networking scenarios.
3. VNet peering and routing validation

Ensure bidirectional peering is enabled
Confirm:
- Allow virtual network access is selected
- Verify that NSG or route tables are not blocking traffic

Once the above (Firewall + DNS + VNet) are correctly configured, the connectivity issue should be resolved.
Important guidance for your 20 TB reporting database

While the above steps will fix the connection problem, we also want to clarify that:

Using DMS alone is not recommended for very large databases (like 20 TB)

For large-scale migrations, we suggest a more efficient approach

Use parallel tools (such as mydumper/myloader) for bulk data transfer
Use binlog-based replication or DMS for incremental changes and cutover

This hybrid approach:

Improves performance significantly
Supports minimal downtime
Scales better for large datasets

We are explaining that:

The current error is caused by incomplete network configuration (especially DNS and firewall settings) rather than a DMS limitation
Once these networking components are correctly configured, the migration connection should succeed

For your 20 TB reporting database, using DMS alone is not sufficient — a hybrid migration strategy is recommended for better performance and scalability

We recommend validating DNS resolution, firewall rules, and VNet configuration to resolve the DMS connectivity error. Additionally, for the 20 TB database, consider using a hybrid migration approach (parallel load + replication) to achieve better performance and minimal downtime.
Microsoft Reference Links:

Hope this helps. If you have any follow-up questions, please let me know. I would be happy to help.

Vincent Kiti 0 Reputation points

2026-04-29T08:20:31.1633333+00:00

I just sent a request to access the documentation on cross tenant migration, kindly grant

Answer 2

The error indicates that Azure Database Migration Service (DMS) cannot reach the source MySQL flexible server over the network. For cross-tenant migrations with VNet peering, the key is to ensure that the DMS subnet can reach both source and target servers and that firewall rules allow this traffic.

To resolve the connectivity error for the transaction database:

Verify DMS deployment and networking
- Ensure the DMS instance is created in Azure service mode and in a virtual network that must have IP connectivity to both:
  - The source MySQL flexible server VNet (in tenant A).
  - The target MySQL flexible server VNet (in tenant B).
- Confirm VNet peering between the two VNets is fully configured in both directions, with:
  - “Allow virtual network access” enabled.
  - No custom route tables or network virtual appliances blocking traffic between the subnets.
Confirm firewall rules on MySQL servers
- For both the source MySQL server and the target MySQL flexible server, create server-level firewall rules that allow inbound connections from the DMS subnet (or VNet) IP range.
- This is required so that the DMS instance can access both source and target databases.
- The guidance for physical migration explicitly calls this out, and it applies similarly to online migrations:
  - “Create a server-level firewall rule for both the source MySQL server and the target MySQL flexible server to allow the virtual network for Azure Database Migration Service access to the source and target databases.”
Validate connectivity from inside the DMS VNet
- Create a temporary test VM in the same subnet as the DMS instance.
- From that VM, attempt to connect to the source MySQL flexible server using the same hostname, port, username, and password configured in DMS.
- If the VM cannot connect, the issue is purely networking/firewall and must be fixed before DMS will work.
Recreate or reconfigure the DMS project after connectivity is fixed
- In the DMS project wizard:
  - On Select source, ensure the correct source server name, port, username, and password are used.
  - On Select target, choose the target flexible server and provide the correct credentials.
- Then select the databases and tables to migrate and start the migration once validation passes.

Efficient approach for the 20 TB reporting database:

For very large MySQL databases, use the DMS physical migration approach (Preview) with Percona XtraBackup to minimize downtime and improve performance:

Use DMS physical online data migration
- DMS supports physical backup file–based migration from on-premises or VMs to Azure Database for MySQL flexible server using Percona XtraBackup.
- This method is designed for large workloads and can restore the source server to the target flexible server with minimal downtime.
Prepare target flexible server for high-throughput migration
- For faster data loads, configure the target flexible server with:
  - A General Purpose or Business Critical SKU with sufficient vCores (for example, 16 vCores or higher during migration).
  - Ensure the MySQL version on the target is greater than or equal to the source.
  - Set Availability Zone to “No preference” unless a specific zone is required.
- After migration completes, scale down to the desired size.
Co-locate storage and target for performance
- For physical migration, deploy the Azure Blob Storage used for backup files and the target flexible server in the same region to improve import performance.
Create and run the DMS physical migration project
- Create a DMS instance (Premium 4 vCores is recommended; it is free for 183 days from creation).
- Place DMS in a VNet with access to the source MySQL server (or backup location) and the target flexible server.
- Create a MySQL physical migration project in DMS and follow the steps to:
  - Point to the backup files created by Percona XtraBackup.
  - Restore them into the target flexible server.
- Monitor the migration and perform post-migration validation.
General migration flow
- Create and configure source and target servers and networking.
- Create the DMS instance.
- Create a migration project specifying source, target, and objects to migrate.
- Run the full load and then perform validation.
- Perform a manual cutover/switchover once satisfied with the data.

For the 309 GB transactional database, the standard online data migration to Azure Database for MySQL – Flexible Server via DMS is appropriate once the cross-tenant connectivity issue is resolved. For the 20 TB reporting database, the physical migration with Percona XtraBackup is more efficient and scalable.

References:

Share via

Cross tenant database migration - mysql flexible server

2 answers

Your answer