AWS Route 53
Route 53 is the AWS DNS service.
authoritative DNS – you, the customer, can update the DNS records
it is also a domain registrar
AWS provides a 100% availability SLA
You define how you route traffic to a specific domain.
record type, e.g. A or AAAA
value, i.e. the IP address
TTL – time to live, i.e. how long the record may be cached
different record types
A, AAAA, CNAME, NS – essential to know
A – maps hostname to ipv4 address
AAAA – maps hostname to ipv6 address
CNAME – maps hostname to another hostname
you cannot create CNAMEs for the top (apex) record of a domain, e.g. example.com, but you can for e.g. www.example.com
NS – the name servers for the hosted zone
Hosted zones are a container for DNS records
public hosted zones
for IPs reachable from the internet; any client can query them
private hosted zones
for IPs that are not publicly available, within VPCs; these can only be accessed from within the VPC's subnets
this lets you make IPs resolvable within the private network, i.e. internally, not publicly via the internet.
otherwise public and private hosted zones work the same way.
you pay 50 cents per month per hosted zone
from your CLI you can then check your domain registration and IP records with
nslookup or dig
do apt install bind-utils -y to install them if not installed yet on the machine (bind-utils is the yum/dnf package name; on Debian/Ubuntu the apt package is called dnsutils).
dig <your domain name and machine>
nslookup <your domain name and machine>
TTL Time To Live
set in seconds
TTL: the client will cache a lookup for the set TTL period; this relieves the DNS server of excessive request and response traffic
High TTL: less traffic, lower costs
but possibly out-of-date records
Low TTL: more traffic, more costly
but records more likely to be fully accurate
CNAME vs Alias
you need to use an Alias record, not a CNAME, to map a hostname to an AWS resource's hostname!
sometimes you may want to map a hostname to another hostname
CNAME does this, but only for non-root domains, i.e. e.g. www.example.com, not example.com
A CNAME cannot be used at the root (apex) domain name!
Alias: this works for both root and non-root domains
an Alias record is always either type A (for IPv4) or AAAA (for IPv6)
you cannot set the TTL for an Alias; it is set by Route 53 automatically
you can use as alias targets things like
Elastic Load Balancers (ELB)
VPC interface endpoints
Route 53 record IN THE SAME HOSTED ZONE
Important: You *cannot* set an ALIAS for an EC2 DNS name!
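As an added example (not code from these notes), the function below builds a Route 53 ResourceRecordSet in the structure that change-resource-record-sets accepts and enforces the rules from this section: no CNAME at the zone apex, Alias records only as A/AAAA, and no TTL on an Alias. The zone name, hostnames and the alias hosted-zone id are constructed sample values.

```python
# Added example, not code from the notes above: build a Route 53
# ResourceRecordSet in the shape that change-resource-record-sets accepts,
# enforcing the CNAME vs Alias rules. The zone, hostnames and the alias
# hosted-zone id are constructed sample values.

def _fqdn(name: str) -> str:
    """Route 53 stores names fully qualified, with a trailing dot."""
    return name.rstrip(".").lower() + "."

def build_record_set(name, rtype, value, zone_apex, ttl=None, alias_zone_id=None):
    """Return a ResourceRecordSet dict, or raise ValueError for a record
    Route 53 rejects: CNAME at the apex, Alias with a TTL, Alias not A/AAAA."""
    fqdn, apex = _fqdn(name), _fqdn(zone_apex)
    if rtype == "CNAME" and fqdn == apex:
        raise ValueError("CNAME is not allowed at the zone apex; use an Alias A/AAAA record")
    if alias_zone_id is not None:
        # Alias records point at an AWS resource (ELB, VPC endpoint, another
        # record in this zone); Route 53 sets their TTL itself.
        if rtype not in ("A", "AAAA"):
            raise ValueError("Alias records must be type A or AAAA")
        if ttl is not None:
            raise ValueError("Alias records carry no TTL; Route 53 sets it")
        return {"Name": fqdn, "Type": rtype,
                "AliasTarget": {"HostedZoneId": alias_zone_id,
                                "DNSName": _fqdn(value),
                                "EvaluateTargetHealth": False}}
    if ttl is None:
        raise ValueError("Non-alias records need a TTL in seconds")
    return {"Name": fqdn, "Type": rtype, "TTL": ttl,
            "ResourceRecords": [{"Value": value}]}

def change_batch(record_sets, action="UPSERT"):
    """Wrap record sets in the ChangeBatch structure the API expects."""
    return {"Changes": [{"Action": action, "ResourceRecordSet": rs}
                        for rs in record_sets]}

if __name__ == "__main__":
    www = build_record_set("www.example.com", "CNAME", "example.com",
                           "example.com", ttl=300)
    # constructed ELB name and placeholder hosted-zone id for the alias target
    apex = build_record_set("example.com", "A",
                            "my-alb-123456.us-east-1.elb.amazonaws.com",
                            "example.com", alias_zone_id="ZPLACEHOLDER")
    print(change_batch([www, apex]))
```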
Route 53 routing policies
you set the routing policy in the Route 53 Dashboard for the DNS record
Simple routing policy
you can specify multiple values in the same record, but then a random one is chosen by the client
can't be associated with health checks
Weighted routing policy
you set a % of requests to go to each resource you specify
e.g. to different EC2 instances
to do this you assign each record a relative weight
the weights don't need to add up to 100
but the DNS records involved must have the same name and type
CAN be associated with Health Checks
use cases: load balancing between regions, testing new application versions
NOTE if you assign a weight of 0 to a record then the resource will not receive any traffic!
Also, if ALL records have a weight of 0 then all records are returned with equal probability, i.e. balanced responses
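An added example (not from the notes) that works through the weighted policy above, including the two weight-0 cases: the expected share of answers per record, and a per-query selection that honours the weights. Record names and weights are constructed sample data.

```python
# Added example, not from the notes: what share of DNS answers each record
# gets under weighted routing, including the weight-0 edge cases.
# Record names and weights are constructed sample data.
import random

MAX_WEIGHT = 255  # Route 53 accepts weights from 0 to 255

def traffic_share(records):
    """records: list of (name, weight) that share the same DNS name and type.
    Returns the expected fraction of answers per record. A weight of 0 gets
    no traffic unless every weight is 0, in which case all are answered equally."""
    for name, w in records:
        if not 0 <= w <= MAX_WEIGHT:
            raise ValueError(f"{name}: weight {w} outside 0..{MAX_WEIGHT}")
    total = sum(w for _, w in records)
    if total == 0:
        return {name: 1 / len(records) for name, _ in records}
    return {name: w / total for name, w in records}  # weights need not sum to 100

def choose_weighted(records, rng=random):
    """Select the record returned for one query, in proportion to the weights."""
    total = sum(w for _, w in records)
    if total == 0:
        return rng.choice([name for name, _ in records])
    point = rng.random() * total
    cumulative = 0
    for name, w in records:
        cumulative += w
        if point < cumulative:
            return name
    return records[-1][0]  # only reached on float rounding at the boundary

if __name__ == "__main__":
    # constructed canary rollout: 90% blue, 10% green, old version drained
    canary = [("blue.app", 90), ("green.app", 10), ("old.app", 0)]
    print(traffic_share(canary))
    rng = random.Random(1)
    hits = {}
    for _ in range(10000):
        pick = choose_weighted(canary, rng)
        hits[pick] = hits.get(pick, 0) + 1
    print(hits)
```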
Latency routing policy
you want to redirect to the resource with the least latency, i.e. the one closest to the user in terms of network speed
latency is based on traffic between users and AWS Regions
so it depends on network latency, which is not necessarily the same as geographical closeness
Can use Health Checks
HTTP Health Checks are only for PUBLIC resources
If one region is down, then we can use a Health Check in Route 53.
These provide for automated DNS failover
the check can be against:
an endpoint eg app server
another health check, e.g. calculated health checks
CloudWatch alarms, e.g. for DynamoDB, RDS
To pass an HTTP health check the endpoint must respond with 2xx or 3xx status codes
you can combine up to 256 health checks into a single health check using OR, AND, or NOT
and define how many must pass
How to perform health checks for private hosted zones
use a CloudWatch Metric and Alarm then create a Health Check that monitors the alarm!
Failover Policy (Active-Passive Failover)
you associate your DNS record with a health check – essential for this
but you can only have one primary and one secondary record
so, you first set up a health check for each machine,
then you reference them in your DNS records:
policy: set to failover, and the type: primary or secondary,
then associate the respective health check you have defined.
Then do the same for the secondary record and instance.
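An added example (not code from the notes) that models the health-check rules above and the active-passive failover they feed: HTTP endpoint checks passing only on 2xx/3xx, calculated checks acting as AND/OR/NOT, the CloudWatch-alarm check used for private hosted zones, and a failover answer picked from the primary's check result. All statuses and record values are constructed.

```python
# Added example, not code from the notes: models the Route 53 health-check
# rules and active-passive failover described above (HTTP checks, calculated
# checks, CloudWatch-alarm checks for private zones) with constructed statuses.

def endpoint_healthy(status_code: int) -> bool:
    """An HTTP/HTTPS endpoint check passes only on a 2xx or 3xx response."""
    return 200 <= status_code <= 399

def alarm_healthy(alarm_state: str, insufficient_data_healthy: bool = False) -> bool:
    """Health check that monitors a CloudWatch alarm (the route for private
    hosted zones): OK is healthy, ALARM is not, INSUFFICIENT_DATA is treated
    however the check is configured (assumed default: unhealthy)."""
    if alarm_state == "OK":
        return True
    if alarm_state == "ALARM":
        return False
    return insufficient_data_healthy

def calculated_healthy(children, min_healthy, invert=False):
    """Calculated check over up to 256 child checks: min_healthy=len(children)
    acts as AND, min_healthy=1 as OR, invert=True as NOT."""
    if not 1 <= min_healthy <= len(children) <= 256:
        raise ValueError("need 1..256 children and a threshold within that range")
    healthy = sum(1 for ok in children if ok) >= min_healthy
    return (not healthy) if invert else healthy

def failover_answer(primary, secondary, check_results):
    """Active-passive failover: primary and secondary are (record value,
    health check id); check_results maps id -> bool. The primary is answered
    while its check passes, otherwise the secondary. Simplification: the case
    where both checks fail is not modelled here."""
    p_value, p_check = primary
    s_value, _ = secondary
    return p_value if check_results.get(p_check, False) else s_value

if __name__ == "__main__":
    # constructed sample: primary app server answers 503, secondary answers 200
    results = {"hc-primary": endpoint_healthy(503),
               "hc-secondary": endpoint_healthy(200)}
    print(failover_answer(("10.0.1.10", "hc-primary"),
                          ("10.0.2.10", "hc-secondary"), results))
```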
Geolocation routing policy
this routes based on where the user is physically located
used to restrict content distribution
Geoproximity routing policy
a simple load balancing method
enables you to specify "bias values" for specific geographic regions
1 to 99: more traffic to the resource
-1 to -99: less traffic to the resource
can be for AWS resources, specified by AWS Region, or non-AWS resources, specified by latitude/longitude
this can be useful when you need to shift traffic from one region to another
Multi-value answer routing policy
multi-value answer routing is similar to an ELB, but it is in effect a client-side load balancer.
used to route traffic to multiple resources, but the client chooses which one to use
can associate with Health Checks – up to 8 checks for each multi-value query
NOT a substitute though for an ELB!
Route 53 Traffic Policies
You can use these to define your DNS routing policy.
These make it easier to set up complex policies.