Tuesday, July 14, 2020

Route 53

-         Amazon Route 53 is a highly available and scalable Domain Name System (DNS) web service. You can use Route 53 to perform three main functions, in any combination: domain registration, DNS routing, and health checking.

Concepts:
-         FQDN – Fully Qualified Domain Name
-         DNS glue record – tells a resolver which name server a sub-domain is delegated to. Delegation chain: “.” (root) -> “.com” -> “amazon.com”
-         DNS Zone – an area of administrative authority, e.g. “.com”
-         Zone file – contains the DNS mappings / rules for a zone. Can be exported from a service provider and imported into R53
-         Primary Name Server – holds the read/write copy of the zone (the others hold read-only copies); the highest authority in the zone
-         Name Servers – respond to DNS queries (not to be confused with DNS resolvers, which send queries on behalf of clients). A name server is a server on the Internet that handles queries about the location of a domain name's various services. In simple terms, the name servers define your domain's current DNS provider.
-         Authoritative Name Server for the domain – has the accurate information about the domain. Ex: when moving a website into AWS from another provider, R53 becomes the Authoritative Name Server. Can have a primary and a secondary NS, for regional access; the information is synced.

Route 53 offers any combination of:
-         Register a domain
-         Act as DNS – routes requests to your domain. Even if the domain is not registered with AWS!
-         Checks the health of your resources – notifies you of web server failures etc.

Register a Domain with R53
-         R53 makes itself the DNS service for the domain
-         Creates a hosted zone that has the same name as the domain
-         Assigns 4 name servers to the hosted zone – these servers tell browsers where to find your resources
-         Gets the name servers from the hosted zone and adds them to the domain
-         Supports: Generic Top-Level Domains, Geographic-Level domains
-         Example: moving from GoDaddy to AWS – the R53 NS details (delegation set) need to be entered into GoDaddy. GoDaddy will inform the higher level (.com) of the new location. New requests will go directly to AWS. TTL 48 hrs – the time it takes for the new DNS details to propagate globally.

R53 Hosted Zone
-         R53 creates a Name Server (NS) record – it automatically adds 4 name servers that re-route net traffic to your website location – the delegation set (ex: ns-1208.awsdns-23.org, ns-1669.awsdns-16.co.uk, ns-473.awsdns-59.com, ns-543.awsdns-03.net). These names get copied into your registrar’s DNS service Name Server records, overriding the current entries, to make sure browser calls get rerouted to AWS. If the registrar requires IPs: use dig on Linux or nslookup on Windows to resolve the name server names.

DNS Record Types
-         A Record – maps a domain name to an IPv4 address
-         AAAA Record – maps a domain name to an IPv6 address
-         CNAME – re-direct, maps an alias to a hostname. A CNAME record must always point to another domain name, never directly to an IP address. Used for re-direction. Can only create a CNAME for a sub-domain (support.me.com), not the top node
-         NS record – delegates a zone to a name server; defines which of the name servers is authoritative
-         SOA record – Start of Authority record. Contains: who the owner is, the name of the Authoritative Server, the serial number of the zone data (incremented with every change), TTL
-         MX record – mail exchange, where to deliver mail for the domain's users
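A small check, added here as an example and not part of the original notes, that applies the rules above (one SOA, an NS delegation set at the apex, CNAME only on sub-domains and never pointing at an IP) to a zone file before it is imported into R53. The zone text, the example.com names and the hostmaster contact are constructed; only the four NS names come from the notes.

```python
import ipaddress

# Constructed sample zone (BIND format, as a provider export); the four NS names are the
# example delegation set quoted above, every other value is made up for the demo.
SAMPLE_ZONE = """\
$ORIGIN example.com.
@        IN SOA   ns-1208.awsdns-23.org. hostmaster.example.com. ( 2020071401 7200 900 1209600 86400 )
@        IN NS    ns-1208.awsdns-23.org.
@        IN NS    ns-1669.awsdns-16.co.uk.
@        IN NS    ns-473.awsdns-59.com.
@        IN NS    ns-543.awsdns-03.net.
www      IN CNAME example.com.
support  IN CNAME 203.0.113.10           ; wrong: a CNAME must name a host, not an IP
@        IN CNAME somewhere.example.net. ; wrong: no CNAME at the zone apex (top node)
"""

def parse_zone(text):
    """Minimal BIND zone parser: returns (origin, [(fqdn, type, rdata), ...])."""
    origin, records = None, []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()             # drop comments and padding
        if not line or line.startswith("$"):             # blank lines and directives
            if line.startswith("$ORIGIN"):
                origin = line.split()[1]
            continue
        parts, i = line.split(), 1
        while parts[i].isdigit() or parts[i].upper() == "IN":   # skip optional TTL / class
            i += 1
        name = parts[0]
        fqdn = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        records.append((fqdn, parts[i].upper(), " ".join(parts[i + 1:])))
    return origin, records

def lint_zone(text):
    """Check the record rules stated in the notes; returns a list of (rule, name)."""
    origin, records = parse_zone(text)
    findings = []
    if sum(1 for n, t, _ in records if (n, t) == (origin, "SOA")) != 1:
        findings.append(("SOA_COUNT", origin))           # exactly one SOA at the apex
    if not any((n, t) == (origin, "NS") for n, t, _ in records):
        findings.append(("NO_APEX_NS", origin))          # apex must carry its delegation set
    for name, _, rdata in (r for r in records if r[1] == "CNAME"):
        if name == origin:
            findings.append(("CNAME_AT_APEX", name))     # CNAME only for sub-domains
        try:
            ipaddress.ip_address(rdata.rstrip("."))
            findings.append(("CNAME_TO_IP", name))       # CNAME must point to a name
        except ValueError:
            pass                                         # a hostname target: fine
    return findings
```

Running `lint_zone(SAMPLE_ZONE)` reports the two deliberately bad CNAME records and nothing for the valid www entry.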

Alias
-         Specific to AWS. Used to route queries ONLY to AWS services whose IP addresses change – Load balancers (CLB/ALB/NLB), CloudFront distributions, S3 bucket endpoints, Elastic Beanstalk environments. Can also use an alias to point to other records in the same Hosted Zone.
-         An Alias CAN NOT point to an apex domain name.
-         Queries to an alias are free; queries to a CNAME are chargeable
-         An Alias returns whatever it points to: an IP, multiple IPs, etc.
-         CAN NOT change the TTL of an alias – the TTL is defined by the destination (CloudFront, Elastic Beanstalk, ELB, S3)
-         An Alias must match the target record type. If the target is a CNAME, the Alias has to be of type CNAME
-         If the IP of the destination changes, the Alias automatically responds with the new IP to subsequent queries

