Amazon Route 53 — Exam Tips
Prepare for the AWS Certified Solutions Architect Associate exam with exam tips available from IaaS Academy.
Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is an extremely reliable and cost-effective way to route end users to Internet applications by translating names like www.example.com into the numeric IP addresses like 192.0.2.1 that computers use to connect to each other. Amazon Route 53 supports both IPv4 and IPv6. Our exam tips on Amazon Route 53 cover all the core concepts and topics you need to learn in order to prepare yourself for all three Associate exams. These are:
- AWS Certified Solutions Architect — Associate
- AWS Certified Developer — Associate
- AWS Certified SysOps Administrator — Associate
- IPv4 has a 32-bit address field
- IPv6 is the newer version of the IP address format, and its address space is a 128-bit field
Note that IPv6 is now supported in Route 53, VPCs and EC2.
Top Level Domain Name
The top level domain names are controlled by the Internet Assigned Numbers Authority (IANA) in a root zone database which is essentially a database of all available top level domains. These include things like .com or .net
SOA (Start of Authority)
The Start of Authority record stores basic properties of the domain name and of the zone that the domain is in. It contains the following information:
- The primary name server for the domain, which is ns1.dnsprovider.com or the first name server in the vanity name server list for vanity name servers.
- The responsible party for the domain, which is admin.dnsprovider.com.
- A time-stamp that changes whenever you update your domain.
- The number of seconds before the zone should be refreshed.
- The number of seconds before a failed refresh should be retried.
- The upper limit in seconds before a zone is considered no longer authoritative.
- The negative result TTL (for example, how long a resolver should consider a negative result for a sub-domain to be valid before retrying).
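The SOA fields listed above are easiest to remember once you have pulled a record apart by hand. The following parser is an added example (not code from IaaS Academy or AWS): it splits SOA RDATA in the standard RFC 1035 field order into named fields, converts the responsible-party name into the e-mail address it stands for, and runs a few sanity checks on the timers that commonly cause stale secondaries or long-lived negative answers. The sample record, and the helper names `parse_soa` and `timer_warnings`, are constructed for this illustration.

```python
"""Parse a Start of Authority (SOA) record into the fields listed above.

Added example, not code from IaaS Academy or AWS.  The field order
(MNAME RNAME SERIAL REFRESH RETRY EXPIRE MINIMUM) is the standard SOA
RDATA layout from RFC 1035; the sample record and the helper names
parse_soa / timer_warnings are constructed for this illustration.
"""
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class SOARecord:
    primary_ns: str    # MNAME: primary name server for the zone
    responsible: str   # RNAME: responsible party, written as a domain name
    serial: int        # changes whenever the zone is updated
    refresh: int       # seconds before secondaries re-check the zone
    retry: int         # seconds before a failed refresh is retried
    expire: int        # seconds after which secondaries stop answering authoritatively
    negative_ttl: int  # seconds a resolver caches a negative (NXDOMAIN) answer

    def responsible_email(self) -> str:
        """admin.dnsprovider.com. -> admin@dnsprovider.com (first dot stands for '@')."""
        local, _, domain = self.responsible.rstrip(".").partition(".")
        return f"{local}@{domain}"


def parse_soa(rdata: str) -> SOARecord:
    """Parse SOA RDATA as Route 53 displays it, e.g.
    'ns1.dnsprovider.com. admin.dnsprovider.com. 1 7200 900 1209600 86400'."""
    fields = rdata.split()
    if len(fields) != 7:
        raise ValueError(f"SOA record needs 7 fields, got {len(fields)}")
    mname, rname, *timers = fields
    try:
        numbers = [int(t) for t in timers]
    except ValueError as exc:
        raise ValueError("serial and timer fields must be integers") from exc
    if any(not 0 <= n <= 0xFFFFFFFF for n in numbers):
        raise ValueError("SOA numeric fields are unsigned 32-bit values")
    return SOARecord(mname, rname, *numbers)


def timer_warnings(soa: SOARecord) -> List[str]:
    """Sanity checks on the timers: relationships that commonly leave
    secondaries stale or keep negative answers cached too long (RFC 1912 guidance)."""
    warnings = []
    if soa.retry >= soa.refresh:
        warnings.append("retry should be shorter than refresh")
    if soa.expire < soa.refresh + soa.retry:
        warnings.append("expire is shorter than refresh + retry; "
                        "secondaries could stop answering before a retry")
    if soa.negative_ttl > 86400:
        warnings.append("negative TTL above one day keeps NXDOMAIN answers cached too long")
    return warnings


# Constructed sample using the names this section mentions.
SAMPLE_SOA = "ns1.dnsprovider.com. admin.dnsprovider.com. 2017022401 7200 900 1209600 86400"

if __name__ == "__main__":
    soa = parse_soa(SAMPLE_SOA)
    print(soa)
    print("contact:", soa.responsible_email())
    print("warnings:", timer_warnings(soa) or "none")
```

Run it as a script to see the parsed record; `timer_warnings` returns an empty list for the sample because its timers follow the usual ordering (retry shorter than refresh, expire longer than refresh plus retry, negative TTL of one day).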
NS Records
These are name server records that are used by top-level domain name servers to direct traffic to the DNS servers that hold the authoritative records. For example, when you create a Route 53 zone, you are provided with 4 NS records. Next, you configure your domain name to point to these NS records, and then you can use Route 53 to manage all the DNS records for the domain name.
Zone Files
A zone file is a text file that contains a mapping between domain names and IP addresses. Zone files reside on name servers and define the resources available under a specific domain.
Hosted Zones
Hosted zones are collections of resource record sets hosted by Amazon Route 53. Similar to standard DNS zone files, a hosted zone is used to manage records under a single domain name. Hosted zones also hold metadata and configuration information. There are two types of hosted zones:
- Private — These are used to provide configuration information on how to route traffic for a domain and its sub-domains within one or more Amazon Virtual Private Clouds (VPCs). Additionally:
  - Amazon VPC Settings — To use private hosted zones, you must set the following Amazon VPC settings to true.
  - Amazon Route 53 Health Checks — In a private hosted zone, you can associate Amazon Route 53 health checks only with failover resource record sets.
  - Split-View DNS — You can configure split-view DNS if, for example, you want to maintain internal and external versions of the same website or application (say, for testing purposes): public and private hosted zones can be configured to return different internal and external IP addresses for the same domain name.
  - You can associate a VPC with more than one private hosted zone, but the namespaces must not overlap.
  - You cannot create NS records in a private hosted zone to delegate responsibility for a sub-domain.
  - Custom DNS Servers — If you have configured custom DNS servers on Amazon EC2 instances in your VPC, you must configure those DNS servers to route your private DNS queries to the IP address of the Amazon-provided DNS servers for your VPC.
- Public — These are used to provide configuration information on how to route traffic for a domain and its sub-domains on the Internet.
Important Note — CNAME records are not allowed at the zone apex of a hosted zone in Amazon Route 53 (the bare domain name itself). You need to use an Alias Record there instead (see below).
Domain Registration
Domain names need to be unique across the Internet. Domain registrars are responsible for ensuring this and for the management of all domain names. Registrars can register domain names directly under one or more top-level domains. Route 53 now offers a domain registration and management service. This is a recent change, so you no longer need to host your domain name with third-party registrars and can manage all DNS functions from within Route 53. Route 53 supports domain name registration for both generic TLDs and geographical TLDs.
Types of Records
- A Record — This is your basic record, which points a domain name to an IP address.
- TTL — Time To Live is the length of time in seconds that you want the DNS resolver to cache the values for a resource record before submitting another request to Route 53 to get the current values for that record. During the TTL period, the DNS resolver answers requests from its cache. Amazon Route 53 charges based on the number of DNS queries made, so a longer TTL can help reduce your charges. However, you have to be careful that you don’t leave stale records out on the Internet.
- If you are doing any DNS migration, you should reduce the TTL beforehand. By default, most TTLs are set to 2 days!
- CNAMEs — Canonical Name records can be used to resolve one domain name to another. Instead of having multiple A records all pointing to the same IP address, you can set up CNAME records to point one domain name to another.
- Alias Records are similar to CNAME records that can map one DNS name www.example.com to another. However, Alias records are special in that unlike CNAME records, you can map an Alias Record to a Zone Apex, e.g. company.com, i.e. without the hostname like ‘www’. You cannot do the same with a CNAME record.
- Alias resource record set contains a pointer to a CloudFront distribution, an Elastic Beanstalk environment, an ELB Classic or Application Load Balancer, an Amazon S3 bucket that is configured as a static website, or another Amazon Route 53 resource record set in the same hosted zone.
- Amazon Elastic Load Balancers come with a DNS name and you are not provided with an IP Address. You can, therefore, use a CNAME or Alias Record (if you are using Route 53) to host your DNS zone and then configure your company domain name to point to the Elastic Load Balancer. With Alias records, you can route DNS queries to your load balancer for the zone apex of your domain (for example, example.com).
- Amazon Route 53 doesn’t charge for DNS queries to alias records.
- Amazon Route 53 will automatically recognise changes in the record sets that the alias records refer to. So if an Alias Record points to an ELB and the IP address of that ELB changes, Amazon Route 53 will reflect those changes in the answers for the zone apex name. For example, suppose an alias resource record set for example.com points to an ELB load balancer at lb1–1234.us-east-2.elb.amazonaws.com. If the IP address of the load balancer changes, Amazon Route 53 will automatically reflect those changes in DNS answers for example.com without any changes to the hosted zone that contains the resource record sets for example.com.
- Note: An alias resource record set only works inside Amazon Route 53. This means that both the alias resource record set and its target must exist in Amazon Route 53.
- MX (Mail Exchanger) — MX records are used to define the mail servers for a domain and ensure that email messages are routed to the right mail server. MX records need to point to an ‘A’ record, which in turn points to the IP address of your mail server or of the load balancer in front of your mail servers.
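The record rules in this section (no CNAME at the zone apex, alias targets limited to the listed AWS resources or a record in the same hosted zone, MX records pointing at A records, and lowering TTLs before a migration) are the kind of thing worth checking mechanically before a change set is submitted. The validator below is an added example, not code from IaaS Academy or AWS; the zone, the record sets and the helper names `validate_zone` and `migration_ttl_report` are constructed. The one rule it applies that this page does not spell out is the RFC 1034 requirement that a CNAME be the only record at its name, which Route 53 also enforces.

```python
"""Check a hosted zone's record sets against the rules in this section.

Added example, not code from IaaS Academy or AWS.  The zone, the records and
the helper names validate_zone / migration_ttl_report are constructed.
Records are plain dicts: name, type, optional ttl, values, or alias_target
as a (kind, target) pair.
"""
from typing import Dict, List, Tuple

# Alias target kinds named in this section, plus "record_in_zone" for
# another resource record set in the same hosted zone.
ALIAS_TARGET_KINDS = {"cloudfront", "elastic_beanstalk", "elb", "s3_website", "record_in_zone"}


def fqdn(name: str) -> str:
    """Normalise a name to its fully qualified, dot-terminated, lower-case form."""
    name = name.lower()
    return name if name.endswith(".") else name + "."


def validate_zone(zone_name: str, records: List[dict]) -> List[str]:
    """Return a list of problems; an empty list means the zone passes."""
    apex = fqdn(zone_name)
    by_name: Dict[str, List[dict]] = {}
    for rec in records:
        by_name.setdefault(fqdn(rec["name"]), []).append(rec)

    problems = []
    for name, rrsets in by_name.items():
        for rec in rrsets:
            if rec["type"] == "CNAME":
                if name == apex:
                    problems.append(f"{name}: CNAME not allowed at the zone apex; use an alias record")
                if len(rrsets) > 1:
                    # RFC 1034: a CNAME must be the only record at its name.
                    problems.append(f"{name}: CNAME cannot coexist with other record types")
            if "alias_target" in rec:
                kind, target = rec["alias_target"]
                if kind not in ALIAS_TARGET_KINDS:
                    problems.append(f"{name}: unsupported alias target kind '{kind}'")
                elif kind == "record_in_zone" and fqdn(target) not in by_name:
                    problems.append(f"{name}: alias target {target} must exist in this hosted zone")
            if rec["type"] == "MX":
                for value in rec["values"]:          # e.g. "10 mail.example.com"
                    _, _, host = value.partition(" ")
                    host = fqdn(host)
                    # Only targets inside this zone can be checked offline.
                    if host in by_name:
                        host_types = {r["type"] for r in by_name[host]}
                        if "CNAME" in host_types or "A" not in host_types:
                            problems.append(f"{name}: MX target {host} must be an A record, not a CNAME")
    return problems


def migration_ttl_report(records: List[dict], max_ttl: int = 300) -> List[Tuple[str, str, int]]:
    """Records whose TTL exceeds max_ttl and should be lowered ahead of a DNS
    migration.  Alias records carry no TTL of their own, so they are skipped."""
    return [(fqdn(r["name"]), r["type"], r["ttl"])
            for r in records if "ttl" in r and r["ttl"] > max_ttl]


# Constructed zone: an alias at the apex pointing at an ELB, a www CNAME that
# still carries the two-day default TTL, and mail delivered via an A record.
SAMPLE_ZONE = "example.com"
SAMPLE_RECORDS = [
    {"name": "example.com", "type": "A",
     "alias_target": ("elb", "lb1-1234.us-east-2.elb.amazonaws.com")},
    {"name": "www.example.com", "type": "CNAME", "ttl": 172800, "values": ["example.com"]},
    {"name": "mail.example.com", "type": "A", "ttl": 300, "values": ["192.0.2.10"]},
    {"name": "example.com", "type": "MX", "ttl": 3600, "values": ["10 mail.example.com"]},
]

# Constructed zone that breaks the rules: a CNAME at the apex sitting next to
# an MX record, and an MX target that is itself a CNAME.
BAD_RECORDS = [
    {"name": "example.com", "type": "CNAME", "ttl": 300,
     "values": ["lb1-1234.us-east-2.elb.amazonaws.com"]},
    {"name": "smtp.example.com", "type": "CNAME", "ttl": 300, "values": ["mail.example.com"]},
    {"name": "example.com", "type": "MX", "ttl": 300, "values": ["10 smtp.example.com"]},
]

if __name__ == "__main__":
    for label, recs in (("good", SAMPLE_RECORDS), ("bad", BAD_RECORDS)):
        print(label, "->", validate_zone(SAMPLE_ZONE, recs) or "no problems")
    print("lower these TTLs before migrating:", migration_ttl_report(SAMPLE_RECORDS))
```

The good zone passes, while the bad zone reports the apex CNAME twice (once for being at the apex, once for sharing its name with the MX record) plus the MX target that resolves through a CNAME. The TTL report flags the www CNAME and the MX record, which is the list you would work through before a migration window.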
Route 53 Routing Policies
Route 53 provides you with 5 different routing policies. These are:
Simple Routing Policy
This is the default routing policy when you create a new resource. You use the simple routing policy when you have a single resource that performs a given function for your domain. Route 53 responds to DNS queries based only on the values in the resource record set, e.g. responding with the IP address of an A record. There is no additional redundancy or intelligence built in; essentially, you would use it to connect to a single web server for your domain name.
Weighted Routing Policy
Weighted routing enables you to associate multiple resources with a single DNS name. With the weighted routing policy, you have multiple resources that perform a function (for example, hosting an eCommerce website) and you want Amazon Route 53 to direct a certain percentage of traffic to one resource and the remaining traffic to another resource. Typical use cases include:
- You host your website in both the UK and Irish regions and want to direct 60% of your traffic to instances hosted in the London region, but only 40% of the traffic to instances in the Irish region.
- You are setting up A/B testing and want to direct 10% of your total traffic to a different load balancer that sends traffic to instances hosting a new version of your website, which you will use to gather analytics and customer feedback on the new UI.
In order to configure weighted routing you will need to:
- Create two or more resource record sets that have the same DNS name and type
- Assign each resource record set a unique identifier and a relative weight
Amazon Route 53 will search for a resource record set or a group of resource record sets and select one record from the group using the following formula:
Probability of selecting a given resource record set = Weight for that resource record set / Sum of the weights of all the resource record sets in the group
Originally published at iaasacademy.com on February 24, 2017.