Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is extremely reliable and cost effective way to route end users to Internet applications by translating names like www.example.com into the numeric IP addresses like 192.0.2.1 that computers use to connect to each other. Amazon Route 53 supports both IPv4 and IPv6. Our exam tips on Amazon Route 53 covers all core concepts and topics you need to learn in order to prepare yourself for all three Associate Exams. These are:
- AWS Certified Solutions Architect – Associate
- AWS Certified Developer – Associate
- AWS Certified SysOps Administrator – Associate
DNS is used to convert friendly domain names such as https://mycompany.com into an Internet Protocol IP address such as https://220.127.116.11. There are two types if IP Addressing –
- IPv4 has a 32-bit address field
- IPv6 is the new version of IP Adress available, and the address space is 128-bit field
Note that IPv6 is now used in Route 53, VPCs and EC2s
Top Level Domain Name
The top level domain names are controlled by the Internet Assigned Numbers Authority (IANA) in a root zone database which is essentially a database of all available top level domains. These include things like .com or .net
SOA (Start of Authority)
The Start f Authority stores basic properties of the domain name and the zone that the domain is in. It contains the following information
- The primary name server for the domain, which is ns1.dnsprovider.com or the first name server in the vanity name server list for vanity name servers.
- The responsible party for the domain, which is admin.dnsprovider.com.
- A time-stamp that changes whenever you update your domain.
- The number of seconds before the zone should be refreshed.
- The number of seconds before a failed refresh should be retried.
- The upper limit in seconds before a zone is considered no longer authoritative.
- The negative result TTL (for example, how long a resolver should consider a negative result for a sub-domain to be valid before retrying).
These are name server records that are used by Top Level Domain Names servers to direct traffic to other DNS servers which contain authoritative records. For example, you can create a route 53 zone, you will be provided 4 NS records. Next, you need to configure your domain name to point to these NS Records and then you can use Route 53 to manage all your DNS records for the Domain Name.
A zone file is a text file that contains a mapping between domain names and IP Addresses. Zone files reside on name servers and define the resources available under a specific domain.
Hosted Zones are collections of resource records sets hosted by Amazon Route 53. Similar to standard DNS zone files, a hosted zone is used to manage records under a single domain name. Hosted zones will have metadata and configuration information. There are two types of hosted zones:
- Private – These are used to provide configuration information on how to route traffic for a domain and its sub-domains within one or more Amazon Virtual Private Clouds (VPCs) Additionally:
- Amazon VPC Settings – To use privately hosted zones, you must set the following Amazon VPC settings to true:
- Amazon Route 53 Health Checks – In a private hosted zone, you can associate Amazon Route 53 health checks only with failover resource record sets.
- Split-View DNS – You can configure split-view DNS, if for example, you want to maintain internal and external versions of the same website or application (for example, for testing purposes), you can configure public and private hosted zones to return different internal and external IP addresses for the same domain name
- You can associate a VPC with more than one private hosted zone, but the namespaces must not overlap
- You cannot create NS records in a private hosted zone to delegate responsibility for a sub-domain
- Custom DNS Servers – If you have configured custom DNS servers on Amazon EC2 instances in your VPC, you must configure those DNS servers to route your private DNS queries to the IP address of the Amazon-provided DNS servers for your VPC
- Amazon VPC Settings – To use privately hosted zones, you must set the following Amazon VPC settings to true:
- – Public – These are used to provide configuration information on how to route traffic for a domain and its sub-domains on the Internet
Important Note – CNAME records are not allowed for hosted zones in Amazon Route 53. You need to use Alias Record (See Below)
Domain names need to be unique across the Internet. Domain registrars are responsible for ensuring this and management of all domain names. Registrars can associate domain names directly under one or more top-level domains. Route 53 now offers Domain Registration service and management. This is a recent change and so you no longer need to host your domain name with third party registrars and can manage all DNS functions from within Route 53. Route 53 support domain name registrations for both generic TLDs and geographical TLDs.
Types of Records
- A Record – This is you basic record which enables point a domain name to an IP Address
- TTL – Time to Live which is the length of time in seconds that you want the DNS resolver to cache values for a resource record before submitting another request to Route 53 to get current values for a record. During the TTL period, the DNS resolver will respond to requests from its cache. Amazon Route 53 changes based on the number of DNS queries made and so a longer TTL can help reduce your charges. However, you have to be careful that you don’t have stale records out on the Internet.
- If you are doing any DNS migrations, you should reduce the TTL. By default, most TTL is valid for 2 days!
- CNAMES – These are Canonical Name that can be used to resolve one domain name to another. Instead of having multiple A records all pointing to an IP address, you can setup CNAME records to point one domain name to another
- Alias Records are similar to CNAME records that can map one DNS name www.example.com to another. However, Alias records are special in that unlike CNAME records, you can map an Alias Record to a Zone Apex, e.g. company.com, i.e. without the hostname like ‘www’. You cannot do the same with a CNAME record.
- Alias resource record set contains a pointer to a CloudFront distribution, an Elastic Beanstalk environment, an ELB Classic or Application Load Balancer, an Amazon S3 bucket that is configured as a static website, or another Amazon Route 53 resource record set in the same hosted zone.
- Amazon Elastic Load Balancers come with a DNS name and you are not provided with an IP Address. You can, therefore, use a CNAME or Alias Record (if you are using Route 53) to host your DNS zone and then configure your company domain name to point to the Elastic Load Balancer. With Alias records, you can route DNS queries to your load balancer for the zone apex of your domain (for example, example.com).
- Amazon Route 53 doesn’t charge for DNS queries for alias record.
- Amazon Route 53 will automatically recognise changes in the records sets that the alias records refer to. So if an Alias Record points to an ELB and if the IP Address of that ELB changes, Amazon Route 53 will reflect those changes in the answers for the zone apex name. For example, suppose an alias resource record set for example.com points to an ELB load balancer at lb1-1234.us-east-2.elb.amazonaws.com. If the IP address of the load balancer changes, Amazon Route 53 will automatically reflect those changes in DNS answers for example.com without any changes to the hosted zone that contains resource record sets for example.com.
- Note: An alias resource record set only works inside Amazon Route 53. This means that both the alias resource record set and its target must exist in Amazon Route 53
- Mail Exchanger (MX) – Mail Exchange (MX) records are used to define mail servers for a domain and ensure that email messages are correctly routed to the right mail server. MX Records need to point to an ‘A’ record which then points to the IP Address of your Mail Server or Load Balancer in front of your mail servers.
Route 53 Routing Policies
Route 53 provides you with 5 different routeing policies. These are:
Simple Routing Policy
Default routeing policy when you create a new resource. You can use simple routeing policy when you a single resource that performs a given function for your domain. For example, Route 53 will respond to DNS queries based only on the values in the resource record set. E..g responding with the IP address of an A record. There is no additional redundancy or intelligence built in; essentially, you would use it to connect to a single web server for your domain name.
Weighted Routing Policy
Weighted Routing enables you to associate multiple resources with a single DNS name. With weighted routing policy, you have multiple resources that perform a function, for example, you host an eCommerce website and you want Amazon Route 53 to direct a certain percentage of traffic to one resource and remaining traffic to another resource. Typical use cases include:
- You host your websites in both the UK and Irish regions and want to direct 60% of your traffic to instances hosted in the London region, but only 40% of the traffic to instances in the Irish region.
- You are conducting A/B testing and want to direct 10% of your traffic to a different load balancer that sends traffic to instances hosting a new version of your website. You will then conduct some analysis and gain feedback from customers on how they find the new user interface.
In order to configure weighted routeing you will need to:
- Create two or more resource record sets that have the same DNS name and type
- Assign each resource record set to a unique identifier and a relative weight
Amazon Route 53 will search for a resource record set or groups of resource records sets and select one record from the group using the following formula
Weight for a given resource record set
Sum of the weights of the resource record sets in the group
Latency Based Routing
You can route traffic based on the lowest network latency for your end users so that your end users can experience a faster response time. You would use this form of routing when you have resources that serve the same functions located in different availability zones or regions. The typical use case here is where you are trying to ensure that users across the globe get access to your resources as fast as possible regardless of location. That means even if you happen to be equidistant from two load balancers serving the same resources, Amazon Route 53 will direct your traffic to the resource which offers the lowest latency in connectivity
Failover Based Routing
You can use Amazon Route 53 to configure an active-passive failover. In this configuration, you have a default resource which accepts all traffic and if it happens to fail, then traffic is routed to the alternatively passive resource. When setting up the active resource, you need to configure Amazon Route 53 to monitor the health of your primary endpoints using health checks. Health Checks instruct Amazon Route 53 to send requests to endpoints and you can specify:
- which protocol to use
- which IP address and port
- which domain name and path to check
Amazon Route 53 then monitors the health of your active resource and if that fails the failover routing policy will be applied and DNS will fail over to your passive resource.
The following failover options are available:
- Active-active failover: used when you want your resources to need to be available the majority of the time. When a resource becomes unavailable, Amazon Route 53 can detect that it’s unhealthy and stop including it when responding to queries.
- Active-passive failover: used when you want a primary group of resources to be available the majority of the time and you want a secondary group of resources to be on standby in case all of the primary resources become unavailable. When responding to queries, Amazon Route 53 includes only the healthy primary resources. If all of the primary resources are unhealthy, Amazon Route 53 begins to include only the healthy secondary resources in response to DNS queries.
- Active-active-passive and other mixed configurations: You can combine alias and non-alias resource record sets to produce a variety of Amazon Route 53 behaviours.
Important Note – You cannot create failover resource record sets for private hosted zones!
This type of routing policy enables you to route traffic based on the geographical location of your users. For example, you can configure users in the UK to be directed to resources based on the London Region and users across Europe to be directed to the resources hosted by the Frankfurt Region.
This is particularly useful when you want to direct traffic that belongs to a specific geographical area to resources that have been configured specifically for them such as language and currency. Another use case is where you need to ensure that only traffic from certain geographical regions can access your content for example where you have restrictions on distribution rights
GeoLocation can be specified by
- State within the US
Geolocation works by mapping IP addresses to the locations and here this can sometimes cause issues, when some IP Address ranges may not be mapped to a specific location. You need to create a default resource record set to handle DNS queries from locations that cannot be identified, or where you do not specify geolocation records sets for. Note that if there is no default resource record set then Amazon Route 53 will return a ‘no – answer’ response for queries from those locations.
Amazon Route 53 health checks monitor the health and performance of your AWS resources such as instances. You can specify intervals when Amazon Route 53 submits automated requests over the Internet to your application, server, or other resources to verify that it’s reachable, available and functional. You can also configure an Amazon CloudWatch alarm for each health check. In production environments, you can deploy web servers for example across multiple regions and multiple availability zones. If a health check determines that the underlying resource is unhealthy, Amazon Route 53 routes traffic away to other health resources.
Additional Study Resource
In addition to the above core concepts, tips and keynotes, you must review the AWS Route 53 FAQs and you can also review our additional exam keynotes.
180 Practice Exam Questions – Get Prepared for your Exam Day!
Our Exam Simulator with 180 practice exam questions comes with comprehensive explanations that will help you prepare for one of the most sought-after IT Certifications of the year. Register Today and start preparing for your AWS Certified Solutions Architect – Associate Exam.