Route 53 Flashcards
What does DNS mean?
Domain Name Server
What does DNS do?
translates human friendly hostnames into machine IP addresses
DNS hierarchical naming structure
.com
example.com
www.example.com
api.example.com
What is a domain registrar example and what do they do?
Amazon Route 53, GoDaddy
And you register your domain names
What are DNS record types?
A
AAAA
CNAME
NS
What is a Zone File?
contains DNS records
What is a Name Server?
resolves DNS queries (Authoritative or Non-Authoritative)
What are Top Level Domains (TLD)?
.com
.us
.in
.gov
.org
What are second level domains? (SLD)
amazon.com
google.com
2 words between the dots
Break down http://api.www.example.com.
the dot after com is Root
.com = TLD (Top Level Domain)
.example = SLD (Second Level Domain)
.www = Sub Domain
api = FQDN (Fully Qualified Domain Name)
http = Protocol
http://api.www.example.com = URL
How does DNS work?
You have an EC2 instance (example) that hosts web server example.com with its IP address.
Web browser asks Local DNS server for example.com
If its not cached, the Local DNS server will ask the Root DNS server.
If the root DNS server does not know, it will tell the Local DNS Server to contact the TLD DNS Server (.com). Root DNS Server is familiar with .com.
The TLD DNS Server tells the Local DNS Server to contact the SLD DNS Server (second level domain) which is amazon registrar, route 53, goDaddy).
The SLD DNS server sends the result back to the Local DNS Server. The Local DNS server caches the result and then sends it to your web browser.
The web browser can now access that web server.
What is an Amazon Route 53?
Highly Available, scalable fully managed and Authoritative DNS
What does Authoritative DNS mean?
customer (you) can update DNS records.
Example of Authoritative DNS
You have an EC2 instance that can only be accessed through its public IP.
You create a record on your Route 53 and when you search for the name you chose it connects you to the server.
Is Route 53 a domain registrar as well?
Yes
Does Route 53 allow to check the health of your resources?
Yes
What is Route 53 SLA availability?
100% - only one in AWS
What does each record contain in Route 53?
Domain/subdomain name - example.com
Record Type - A or AAAA
Value - 12.34.56.78
Routing Policy - how Route 53 responds to queries
TTL (Time To Live) - amount of time the record is cached at DNS Resolvers
What type of records does Route 53 support?
A
AAAA
CNAME
NS
What is an A record?
Maps a hostname to IPv4
e.g. example.com -> IP
What is AAAA record?
maps hostname to IPv6
What is a CNMA record?
Maps a hostname to another hostname
Must haves for a CNAME to work?
Target must have A or AAAA record
What can you not do with CNAME?
Create a CNAME record for the top node of a DNS namespace (Zone Apex)
e.g. cant create for example.com but can create for www.example.com
What is an NS record?
Name Servers for the Hosted Zone
DNS names or IP addresses of servers which can respond to your DNS queries of the hosted zone
What does NS record control?
How traffic is routed for a domain
What are Route 54 Hosted Zones?
Containers that hold records which define how to route traffic to domain and subdomains
How many Hosted Zones are there?
2
What are Public Hosted Zones?
contain records that specify how to route traffic on the internet (public domain names)
What are Private Hosted Zones?
contains records that specify how you route traffic within one or more VPCs (private domain names)
How much do you pay per hosted zone?
$0.50 per month
Difference between Public & Private Hosted Zones?
Public is for resources that are public (S3, CloudFront, EC2, ALB)
Private is for resources inside your VPC - private resources with private domain names
What is a Record TTL?
Time To Live
How does TTL work?
The client asks Route 53 for a website. Route 53 sends the address of the website back to the client and includes TTL (e.g. 300s).
What that means is that the client will cache the result for 300 seconds. Which means that if you request the same info in the next 300 seconds, the client will not ask Route 53 for that information.
What does High TTL (24hr) mean? And what is one downside?
That it will have less traffic on Route 53
Outdated records - have to wait 24hr for it to update
What does Low TTL (e.g. 60s) mean? What is one upside/downside
More traffic to Route 53 (more expensive since you pay per request)
Records are outdated for less time
Easy to change the records
Is TTL mandatory for every DNS record?
Yes except Alias record
Which record is TTL not mandatory for?
Alias record
Difference between CNAME and ALIAS?
ALIAS works for ROOT DOMAIN and NON ROOT DOMAIN where as CNAME only works for NON ROOT DOMAIN
Give an example of CNAME
I want to change my load balancer domain which is
* lb1-1234.eu-east-2.elb.amazonaws.com to myapp.mydomain.com
Give an example of not being able to Point CNAME to a ROOT DOMAIN
for example I cannot have google.example.com point to example.com because example.com is ROOT DOMAIN
What can you do with an ALIAS?
You can point host name to an AWS resource
e.g.
app.mydomain.com -> blabla.amazonaws.com
What are 2 benefits of Alias?
free
can perform health check
Architecture example of Alias Record
Route 53 with Alias record enabled. Allows example.com to be added to the aws load balancer name.
When you search example.com it takes you to the ALB
What record type are Alias records always?
A/AAA (IPv4/IPv6)
What can you NOT set with Alias records?
TTL
Targets for Alias Records?
ELB
CloudFront distributions
API Gateway
Elastic Beanstalk env
S3 Websites
VPC Interface Endpoints
Global Accelerator accelerator
Route 53 record in the same hosted zone
What can you NOT set an Alias record for?
EC2 DNS name
What does a Routing Policy do?
Defines how Route 53 responds to DNS queries
Routing Policies of Route 53?
Simple
Weighted
Failover
Latency based
Geolocation
Multi-value Answer
Geoproximity (Route 53 Traffic Flow feature)
Simple Routing Policy
Typically for a single resource
Can specify multiple values in the same record
How do multiple values of Simple routing policy work?
Client asks Route 53 for foo.example.com. Route 53 sends back 3 A record IP addresses and the client chooses one randomly.
What happens when you enable Alias for Simple routing policy?
Can only specify one AWS resource
What can a simple routing policy not do?
Health Checks
What is a Weighted Routing Policy?
You can control the % of the requests that go to each specific resource
How do you assign each record a relative weight? (calculation)
traffic % = weight for specific record / sum of all weights for all records
What do DNS records must have for Weighted routing policy?
same name and type
Can you have health checks on Weighted Routing policies?
yes
Use cases for Weighted Routing Policies?
load balancing between regions
testing new app versions
What happens if you assign 0 weight to a resource?
stop sending traffic
What happens if all records have 0 weight?
all records will be returned equally
How does Latency-Based Routing Policy work?
You connect to the ALB which is the closest to you. Meaning you have the least latency.
Latency is based on traffic between users and AWS Regions.
For example, a user in Germany could be directed to the US if the latency is lower than the ALB in Germany
Can Latency-based Routing Policies have health checks?
Yes
Can Latency-based Routing Policies have failover capabilities?
Yes
What are Health Checks in Route 53?
HTTP Health Checks are only for Public resources
Are health checks in route 53 available for public or private resources?
Public
Why do you perform a Health Check in Route 53?
It creates automatic DNS Failover
What are the 3 Health Checks you can have?
- Monitor an endpoint (app, server)
- Monitor other health checks (calculated health checks)
- Health Checks for Cloud Watch alarms (full control) - throttles of DynamoDB, alarms on RDS, custom metrics (helpful for private resources)
How do you get health checks for private resources since HTTP Health Checks are only for Public resources?
By using HealthChecks that monitor CloudWatch alarms
How many global health checkers check for end point health?
15
What are the health check options you have?
healthy/unhealthy threshold
interval of checks
protocols : HTTP/S, TCP
What happens if >18% of health checkers report the endpoint is heathy?
Route 53 considers it healthy
Can you choose which locations you want Route53 to use?
Yes
When do health checks pass ? (response type)
2xx or 3xx
Can you set health checks to pass / fail based on the first 5120 bytes of the response?
Yes
What can you do with Route 53 and your router/firewall?
Can configure to allow allow incoming requests from Route 53 health checkers
How do Calculated Health Checks work?
They combine results multiple health checks into a single health check
Can use OR, AND, or NOT when defining health checks
Calculated Health Check architecture
You have a Parent Health Check, and three child health checks in Route 53. Each of those child health checks monitors 1 EC2 instance each
How many Child health checks can you monitor with Parent Calculated Health Checks?
256 Child Health Checks
What can you specify with Parent health check in order to pass?
how many of the child health checks pass
Usage of Calculated Health Checks
Perform maintenance to your website without causing all health checks to fail
How do you monitor health of Private Hosted Resources (zones)?
By creating a CloudWatch Metric and associated a CloudWatch Alarm, then create a health check that checks the alarm itself
Why can you not use Route 53 health checks for private VPC or on-premise resources?
They live outside in the public web
Failover (Active-Passive) Routing Policy architecture
You have Client -> Amazon Route 53.
You have 2 EC2 instances, primary and secondary - DR
Route 53 does health checks for Primary, as soon as it is unhealthy, traffic is routed to the Secondary.
How does Geolocation Routing Policies work?
Routing is based on location.
Specify location by continent, country or by US state
What should the Geolocation RP have in case there is no match on location?
A Default record
What are the use cases for a Geolocation RP?
website localisation
restrict content distribution
load balancing
Can Geolocation RP associate with health checks?
Yes
How would you use a geo location?
For e.g. In Germany go to this IP which uses the german version of my app. In France, do the same for the french version.
Everywhere else, go to the English version of the app.
How does Geoproximity Routing Policy work?
Route traffic to your resources based on the geographic location of users and resources
What does ability to shift more traffic to resources baed on the defined bias mean?
Change the size of geographic region by specifying bias values
1 to 99 & -1 to -99 = expand is more, shrink is less traffic to resource
What can Geoproximity resources be?
AWS resources (specify AWS region)
Non-AWS resources (specify latitude and longitude)
How can you use Geoproximity Routing Policy?
Need to use Route 53 Traffic Flow (advanced)
When is Geoproximity Routing really helpful?
When you want to shift traffic from one region to another by increasing the Bias
How does IP based Routing work?
Routing is based on IP address
How does IP based Routing work?
You provide a list of CIDRs for your clients and the corresponding endpoints/locations (user-IP-to-endpoint mappings)
Use cases of IP based routing
Optimise performance, reduce network costs
Example of IP based routing
Route end users from a particular ISP to a specific endpoint
IP based Routing architecture (example)
You have Route 53 connected to CIDR collection = location | 203.0.113.0/24
CIDR collection is connected with records.
If a user with the IP address of 203.0.113.56 tries to connect, it will get sent to the Instance with the value associated to the location.
When do you use Multi-Value RP?
when routing traffic to multiple resources
Can Multi-value RP be associated with Health Checks?
Yes
How many health records can be returned for each Multi-value query?
up to 8
Can you replace ELB with Multi-Value?
No
If you buy domain on 3rd party registrar, how can you still use Route 53 as the DNS service provider?
By creating a Hosted Zone in R53
And then update NameServer records on 3rd party website to use Route53 Name Servers
What is a domain registrar?
You buy the domain name
