[AWS SAA-C02 Study Note] Route53

DNS

The phone book of the Internet.

DNS translates domain names to IP addresses.

It allows your computer to find the right server on the Internet automatically, depending on which domain name you browse to.

IP

IP addresses uniquely identify each computer on a network and allow the computers to communicate with each other using the Internet Protocol.

IPv4, IPv6

Domain Registrars

Domain registrars are authorities that have the ability to assign domain names under one or more top-level domains.

After registration, all domain names can be found publicly in a central WHOIS database.

Top-level Domains

Top-level domain names are controlled by the Internet Assigned Numbers Authority (IANA).

All available top-level domains are stored in a public database at:

http://www.iana.org/domains/root/db

AWS has its own top-level domain, .aws.

Start of Authority (SOA)

Every domain must have an SOA record.

SOA is a way for the domain admins to provide information about the domain.

A zone file can contain only one SOA record.

A Records

Address records (A records) are one of the fundamental types of DNS records.

An A record maps a domain name directly to an IP address. A records can also be used on the root (naked) domain name itself.

{
	"ResourceRecordSets": [
		{
			"TTL": 300,
			"Type": "A",
			"Name": "testing-domain.com",
			"ResourceRecords": [
				{ "Value": "52.216.8.34" }
			]
		}
	]
}

CNAME Records

CNAME records are another fundamental DNS record type, used to resolve one domain name to another name rather than to an IP address.

{
	"ResourceRecordSets": [
		{
			"TTL": 300,
			"Type": "CNAME",
			"Name": "www.testing-domain.com",
			"ResourceRecords": [
				{ "Value": "testing-domain.com" }
			]
		}
	]
}

The advantage of a CNAME is that the target name is unlikely to change, whereas an IP address can change over time (for example a dynamic IP address).

NS Records

Name Server (NS) records are used by the top-level domain servers to direct traffic to the DNS servers that hold the authoritative DNS records for the domain. Typically multiple name servers are provided for redundancy.

{
	"ResourceRecordSets": [
		{
			"TTL": 172800,
			"Type": "NS",
			"Name": "testing-domain.com",
			"ResourceRecords": [
				{ "Value": "ns-245.awsdns-30.com" },
				{ "Value": "ns-523.awsdns-01.net" },
				{ "Value": "ns-1586.awsdns-06.co.uk" }
			]
		}
	]
}
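
The SOA, A, CNAME and NS rules from the sections above can be checked mechanically before a change batch is applied. The following is an added example (not from these notes and not AWS code) that runs the checks over a constructed zone in the same JSON shape as the record sets shown above; the rule that a CNAME cannot share its name with any other record is standard DNS (RFC 1034), which is why the naked domain needs an A record.

```python
# Constructed sample zone; the CNAME at the apex is deliberately wrong
# so that the checks have something to report.
ZONE = "testing-domain.com"
RECORD_SETS = [
    {"Name": "testing-domain.com.", "Type": "SOA", "TTL": 900,
     "ResourceRecords": [{"Value": "ns-245.awsdns-30.com. hostmaster.example.com. 1 7200 900 1209600 86400"}]},
    {"Name": "testing-domain.com.", "Type": "NS", "TTL": 172800,
     "ResourceRecords": [{"Value": "ns-245.awsdns-30.com"}, {"Value": "ns-523.awsdns-01.net"}]},
    {"Name": "testing-domain.com.", "Type": "A", "TTL": 300,
     "ResourceRecords": [{"Value": "52.216.8.34"}]},
    {"Name": "testing-domain.com.", "Type": "CNAME", "TTL": 300,
     "ResourceRecords": [{"Value": "www.testing-domain.com"}]},
]


def normalize(name):
    """DNS names are case-insensitive and may carry a trailing dot."""
    return name.rstrip(".").lower()


def check_zone(zone, record_sets):
    """Return a list of problems found; an empty list means the zone passes."""
    apex = normalize(zone)
    problems = []
    # Rule from the notes: a zone file contains exactly one SOA record.
    soa_count = sum(1 for r in record_sets if r["Type"] == "SOA")
    if soa_count != 1:
        problems.append(f"expected exactly one SOA record, found {soa_count}")
    # Rule from the notes: several name servers are listed for redundancy.
    ns_values = {v["Value"] for r in record_sets
                 if r["Type"] == "NS" and normalize(r["Name"]) == apex
                 for v in r["ResourceRecords"]}
    if len(ns_values) < 2:
        problems.append(f"apex NS record lists only {len(ns_values)} name server(s)")
    # Standard DNS rule: a CNAME cannot coexist with any other record at
    # the same name, so the apex (which always has SOA and NS) can never be a CNAME.
    types_by_name = {}
    for r in record_sets:
        types_by_name.setdefault(normalize(r["Name"]), set()).add(r["Type"])
    for name, types in sorted(types_by_name.items()):
        if "CNAME" in types and len(types) > 1:
            others = sorted(types - {"CNAME"})
            problems.append(f"{name}: CNAME cannot coexist with {others}")
            if name == apex:
                problems.append("CNAME at the zone apex; use an A record instead")
    return problems
```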

Time To Live (TTL)

The length of time that a DNS record is cached on the resolving server or on the user's own local machine.

The lower the TTL → the faster that changes to DNS records will propagate across the Internet.

The unit of TTL is seconds.

DNS Cheat Sheet

Route53

Route53 is a DNS service (like GoDaddy or Namecheap).

you can:

  • register and manage domains
  • create various record sets on a domain
  • implement complex traffic flows, e.g. Blue/Green deploys and failovers
  • continuously monitor records via health checks
  • resolve VPCs from outside of AWS

Use case

  1. incoming Internet traffic
  2. route traffic to our web app backed by an ALB
  3. route traffic to an instance we use to tweak our AMI
  4. route traffic to API Gateway, which powers our API
  5. route traffic to CloudFront, which serves our S3 static hosted website
  6. route traffic to an Elastic IP (EIP), a static IP that hosts our company Minecraft server

Record Sets

AWS has its own special Alias record, which extends DNS functionality.

Routing Policies

There are 7 types of routing policies.

Traffic Flow

A visual editor that lets you create sophisticated routing configurations for your resources using the existing routing types.

$50 per policy record / month

1. Simple Routing Policy

The default policy.

  • you have 1 record and provide multiple IP addresses
  • when multiple values are specified for a record, Route53 returns all values to the user in a random order

2. Weighted Routing Policy

Splits up traffic based on the different “weights” assigned.

Allows you to send a certain percentage of overall traffic to one server.

e.g. an ALB running experimental features that you want to test against a small, random share of traffic to minimize the impact.

3. Latency Based Routing Policy

Routes based on region: the requester is sent to the region that gives the lowest latency.

4. Failover Routing Policy

Allows you to create active/passive setups where you want a primary site in one location and a secondary recovery site in another.

Route53 automatically monitors health checks on your primary site to determine the health of its endpoints. If the primary is determined to be in a failed state, all traffic is automatically directed to the secondary location.

5. Geolocation Routing Policy

Directs traffic based on the geographic location the request originated from.

e.g. route all traffic coming from North America to servers located in NA regions.

6. Geoproximity Routing Policy

Directs traffic based on the geographic location of your users and of your AWS resources.

!!! [difference] You can route more or less traffic to a specific resource by specifying a ‘Bias’ value.

Bias values expand or shrink the size of the geographic region from which traffic is routed to a resource. (You must use Route53 Traffic Flow to use this policy.)

7. Multi-Value Answer Policy

Lets you configure Route53 to return multiple values, such as the IP addresses of your web servers, in response to DNS queries.

Route53 performs health checks on the resources and only returns the values of those deemed healthy.

= Simple Routing Policy + Health Checks

Health Checks

  • Checks health every 30s by default; can be reduced to every 10s
  • A health check can initiate a failover if the status returned is unhealthy
  • A CloudWatch alarm can be created to alert you when the status is unhealthy
  • A health check can monitor other health checks to create a chain of reactions
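
To make the differences between the Simple, Weighted, Failover and Multi-Value Answer policies above concrete, here is an added example (not these notes' or Route53's code) that models which answer each policy hands back for a query, using a constructed dict of health-check results in place of real Route53 health checks. Two Route53 behaviours the notes do not spell out are built in: a weight of 0 is never chosen unless every record has weight 0, and a multi-value answer returns at most eight healthy records.

```python
import random

# Constructed health-check results, keyed by the record value.
HEALTH = {"10.0.0.1": True, "10.0.0.2": False, "10.0.0.3": True}


def simple(values, rng=None):
    """Simple policy: every value comes back, in random order, no health checks."""
    rng = rng or random.Random()
    answer = list(values)
    rng.shuffle(answer)
    return answer


def weighted(records, rng=None):
    """Weighted policy: one record, chosen with probability weight / total.
    Weight-0 records are eligible only when every record has weight 0."""
    rng = rng or random.Random()
    eligible = [r for r in records if r["weight"] > 0] or list(records)
    total = sum(r["weight"] for r in eligible)
    if total == 0:
        return rng.choice(eligible)["value"]
    point = rng.uniform(0, total)
    for r in eligible:
        point -= r["weight"]
        if point < 0:
            return r["value"]
    return eligible[-1]["value"]  # float rounding landed exactly on total


def failover(primary, secondary, health):
    """Failover policy: primary while its health check passes, else secondary."""
    return primary if health.get(primary, False) else secondary


def multivalue(values, health, rng=None, limit=8):
    """Multi-value answer: only healthy values, at most eight, random order."""
    rng = rng or random.Random()
    healthy = [v for v in values if health.get(v, False)]
    rng.shuffle(healthy)
    return healthy[:limit]


def weighted_share(records, trials=10_000, seed=1):
    """Observed share of answers per value over many queries (seeded, repeatable)."""
    rng = random.Random(seed)
    counts = {r["value"]: 0 for r in records}
    for _ in range(trials):
        counts[weighted(records, rng)] += 1
    return {v: n / trials for v, n in counts.items()}
```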

Resolver

Also known as the .2 resolver (the VPC DNS server at the VPC network address plus two).

A regional service that lets you route DNS queries between your VPCs and your own network.

The DNS solution for hybrid environments (on-premises and cloud).

Route53 Cheat Sheet