Route 53

Question 1

Route 53 is highly available, fully managed and Authoritative DNS - what does Authoritative mean here?

Answer 1

The customer can update the DNS records

Question 2

What is Route 53 in the scope of DNS?

Answer 2

A Domain Registrar - allows the creation of domain names that are translated to IP addresses.

Question 3

What type of information does each Route 53 record contain?

Answer 3

The information that allows you to route traffic for a domain

Question 4

What specific information does each Route 53 record contain?

Answer 4

• Domain/subdomain Name (e.g., example.com)
• Record Type (e.g., A or AAAA)
• Value (e.g., 12.34.56.78)
• Routing Policy (how Route 53 responds to queries)
• TTL (the amount of time the record is cached at DNS Resolvers)

Question 5

What record types does Route 53 support?

Answer 5

Must know - A, AAAA, CNAME, NS
Advanced - CAA, DS, MX, NAPTR, PTR, SOA, TXT, SPF, SRV

Question 6

What is the purpose of record type A?

Answer 6

Maps a hostname to IPv4

Question 7

What is the purpose of record type AAAA?

Answer 7

Maps a hostname to IPv6

Question 8

What is the purpose of record type CNAME?

Answer 8

Maps a hostname to another hostname, where the target is a domain name that has an A or AAAA record

Question 9

Give an example of where you would not be able to create a CNAME record

Answer 9

Can’t create a CNAME record for the top node of a DNS namespace (Zone Apex) - e.g., can’t create for example.com, but you can for www.example.com

Question 10

What is the purpose of record type NS?

Answer 10

Name Servers for the Hosted Zone - these control how traffic is routed for a domain

Question 11

What is a hosted zone?

Answer 11

A container for records that define how to route traffic to a domain and its subdomains

Question 12

What is a public hosted zone?

Answer 12

Contains records that specify how to route traffic on the Internet (public domain names)

Question 13

What is a private hosted zone?

Answer 13

Contain records that specify how you route traffic within one or more VPCs (private domain names)

Question 14

How much does a hosted zone cost per month with AWS?

Answer 14

$0.50

Question 15

TTL is mandatory for all DNS records except…

Answer 15

Alias records

Question 16

Describe the basic DNS flow

Answer 16

1. Web browser wants to access example.com
2. Local DNS server queries the Root DNS server for the .com NS
3. Local DNS server then queries the Top Level Domain (TLD) DNS server for the example.com NS
4. Local DNS server then queries the Sub Level Domain (SLD) DNS server for the example.com IP address

Question 17

What are the trade-offs of different record TTLs? Give a strategy for handling a record change.

Answer 17

High TTL (e.g., 24hr)
- Less traffic on Route 53
- Possibly outdated records
Low TTL (e.g. 60sec)
- More traffic on Route 53 so more expensive
- Records are outdated for less time
- Easy to change records

When wanting to change records, can decrease TTL then change the records so that Clients quickly pick up the change. After a certain amount of time, increase the TTL again (if you know the record will not be changing again soon)

Question 18

What does the Record TTL do?

Answer 18

Tells the client how long to cache the DNS record (i.e., the resolved IP address)

Question 19

State the difference between CNAME and Alias

Answer 19

CNAME:
- Points a hostname to any other hostname
- Only for non-root domain (e.g., application.example.com but not example.com)

Alias:
- Points a hostname to an AWS resource
- Works for root domain and non root domain
- Free
- Native health check

Question 20

What type of record is an Alias?

Answer 20

A or AAAA for AWS records

Question 21

Give a limitation of Alias records

Answer 21

You can’t set the TTL

Question 22

What routing policies does Route 53 support?

Answer 22

Simple, Weighted, Failover, Latency based, Geolocation, Multi-Value Answer, Geoproxitimity (using Route 53 Traffic Flow Feature)

Question 23

What is the difference between Route 53 routing and Load balancer routing?

Answer 23

Route 53 routing involves routing DNS queries (translating hostnames into endpoints).
Load balancer involves routing a request to an application on an instance.

Question 24

Describe the Simple Routing Policy

Answer 24

Route traffic to a single resource - Route 53 will return one/many values (IP addresses) within a record, and if there are many values, the client will randomly choose one.

Question 25

Give a limitation of the Simple Routing Policy

Answer 25

Can’t be associated with Health Checks.

Question 26

Describe the Weighted Routing Policy

Answer 26

Control the % of requests that go to a specific resource.

Question 27

What is a requirement when using a Weighted Routing Policy?

Answer 27

DNS records must have the same name and type

Question 28

Can Weighted Routing Policy be associated with Health Checks?

Answer 28

Yes. Yes it can.

Question 29

Give a use case of Weighted Routing Policy.

Answer 29

Load balancing between regions, testing new application versions.

Question 30

How would you stop sending traffic to a resource using a Weighted Routing Policy?

Answer 30

Assign a weight of 0 to the record for that resource.

Question 31

How would you send equal traffic to all resources using a Weighted Routing Policy?

Answer 31

Assign all records a weight of 0.

Question 32

Describe Latency-based Routing Policy

Answer 32

Redirect to the resource that has the least latency close to us.

Question 33

What is Latency based on in the Latency-based Routing Policy?

Answer 33

Based on traffic between users and the AWS regions

Question 34

Can Latency Routing Policy be associated with Health Checks?

Answer 34

Yes - also has failover capacity

Question 35

What type of HTTP resource can Route 53 Health Checks be assigned to?

Answer 35

Public resources

Question 36

What can a Health Check monitor?

Answer 36

Can monitor an endpoint, other health checks or cloudwatch alarms.

Question 37

How does a Health Checker monitor an endpoint?

Answer 37

• About 15 global health checkers will send a HTTP request to /health, looking for a 2xx or 3xx status code

Question 38

What Endpoint Health Checker parameters can be specified?

Answer 38

• Set a threshold determining healthy vs unhealthy (default is 3)
• Set an interval for the health check (30 sec, 10 sec can be set at a higher cost).

Question 39

What protocols does the Endpoint Health Checker support?

Answer 39

HTTP/S and TCP

Question 40

Other than an HTTP response code, how else can you specify whether an Endpoint is deemed healthy?

Answer 40

Health Check can be setup to pass/fail based on the text in the first 5120 bytes of the response.

Question 41

What is the %age threshold for a health checker to deem an endpoint ‘healthy’?

Answer 41

> 18% is healthy.

Question 42

What is a requirement for using Route 53 Health Checkers?

Answer 42

Configure your router/firewall to allow incoming requests from Route 53 Health Checkers

Question 43

Describe what a Calculated Health Check is

Answer 43

Combine the results of multiple Health Checks into a single Health Check.

Question 44

What Calculated Health Checker parameters can be specified?

Answer 44

Number of Child Health Checks to be monitored - up to 256.
Specify how many of the health checks need to pass to make the parent pass.

Question 45

Give a use case of a Calculated Health Check?

Answer 45

Perform maintenance to your website without causing all health checks to fail.

Question 46

How to you perform Health Checks on Private resources?

Answer 46

Create a CloudWatch Metric and associate a CloudWatch Alarm, then create a Health Check that checks the alarm itself.

Question 47

Why can you not perform Health Checks on private endpoints?

Answer 47

Route 53 Health Checkers are outside the VPC - cannot access private endpoints.

Question 48

Describe the Failover Routing Policy

Answer 48

• Designate a Primary and Secondary EC2 instance (secondary if for disaster recovery)
• Mandatory Health check on primary, if this fails then traffic is routed to secondary backup instance.

Question 49

Describe the Geolocation Routing Policy

Answer 49

• Routing is based on user location
• Specify by Continent, Country or US state (if any overlap, most precise location is chosen)
• Should create a ‘Default’ record (in case there is no match on location)
• Can be associated with Health checks

Question 50

Give a use case for the Geolocation Routing Policy

Answer 50

• Website localization
• Restrict content distribution
• Load balancing

Question 51

Describe the Geoproximity Routing Policy

Answer 51

• Route traffic to your resources based on the location of users and resources
• Can shift more traffic to resources based on a defined bias (more bias to a region means more traffic and vice versa)

Question 52

With Geolocation Routing Policy, how can you specify the location?

Answer 52

• AWS resources are specified by region
• Non-AWS resources are specified by latitude and longitude

Question 53

What does Geolocation Routing Policy require?

Answer 53

Route 53 Traffic Flow

Question 54

What does a Traffic Flow Policy do?

Answer 54

• Acts as a configuration file for complex Routing decision trees
• Can be applied to different Route 53 Hosted Zones (different domain names)

Question 55

What is Route 53 Traffic Flow?

Answer 55

A visual editor to manage complex routing decision trees.

Question 56

Describe the Multi-Value Routing Policy

Answer 56

• Route traffic to multiple resources
• Route 53 will return multiple values/records (up to 8 healthy resources)

Question 57

What is another way of describing the Multi-Value Routing Policy?

Answer 57

Client side load balancing

Question 58

What is the difference between Multi-Value Routing Policy returning many values and Simple Routing Policy returning many values

Answer 58

Simple Routing Policy does not allow health checks - may return unhealthy records

Question 59

How would you use a 3rd party Domain Registrar with Route 53 as the DNS Service?

Answer 59

• Register domain on 3rd party
• Create public Hosted Zone on Route 53
• Copy Name Servers (NS) across from Route 53 to 3rd party registrar