Route 53 Flashcards
What are the DNS Terminologies?
- Domain Registrar: Amazon Route 53, GoDaddy, …
- DNS Records: A, AAAA, CNAME, NS, …
- Zone File: contains DNS records
- Name Server: resolves DNS queries (Authoritative or Non-Authoritative)
- Top Level Domain (TLD): .com, .us, .in, .gov, .org, …
- Second Level Domain (SLD): amazon.com, google.com, …
How does DNS works?
local dns - root dns - tld dns - sld dns server
What is Amazon Route 53?
A highly available, scalable, fully managed and Authoritative DNS, also a Domain Registar.
Can Route53 check the health of resources?
yes it can
Whats the availabilty of R53?
100%
What are in a R53 Record?
- Domain/subdomain Name – e.g., example.com
- Record Type – e.g., A or AAAA
- Value – e.g., 12.34.56.78
- Routing Policy – how Route 53 responds to queries
- TTL – amount of time the record cached at DNS Resolvers
What are the R53 supported records?
- (must know) A / AAAA / CNAME / NS
- (advanced) CAA / DS / MX / NAPTR / PTR / SOA / TXT / SPF / SRV
What is an A record?
A – maps a hostname to IPv4
What is an AAAA record?
AAAA – maps a hostname to IPv6
What is an CNAME record?
- CNAME – maps a hostname to another hostname
- The target is a domain name which must have an A or AAAA record
- Can’t create a CNAME record for the top node of a DNS namespace (Zone
Apex) - Example: you can’t create for example.com, but you can create for
www.example.com
What is a NS record?
- NS – Name Servers for the Hosted Zone
Whate types of Hosted Zones are in R53?
- Public Hosted Zones – contains records that specify how to route
traffic on the Internet (public domain names)
application1.mypublicdomain.com - Private Hosted Zones – contain records that specify how you route
traffic within one or more VPCs (private domain names)
application1.company.internal
Do you have to pay for Hosted Zones
Yes, $0.5 per month per zone
What is TTL?
It stands for Time to live. Defines the cache time for a record.
* High ttl - less traffic, can be outdated
* Low ttl - more cost, easy to change record
Is TTL mandatory?
Yes it is except for Alias records.
Whats the difference between CNAME and Alias?
*CNAME: points a hostname to another hostname, ONLY FOR NON ROOT DOMIAN
* Alias: points a hostname to an AWS Resource, root and non root domains, free, native health checks
Whats the type of the Alias record?
It A/AAAAl.
What can be the target of the Alias record?
- Elastic Load Balancers
- CloudFront Distributions
- API Gateway
- Elastic Beanstalk environments
- S3 Websites
- VPC Interface Endpoints
- Global Accelerator accelerator
- Route 53 record in the same hosted zone
YOU CANT SET ALIAS FOR AN EC2 DNS name
What are R53 Routing Policies?
Define how Route 53 responds to DNS queries.
What are the supported R53 policies?
- Simple
- Weighted
- Failover
- Latency based
- Geolocation
- Multi-Value Answer
- Geoproximity (using Route 53 Traffic Flow feature)
What is a simple R53 policy?
- Typically, route traffic to a single resource
- Can specify multiple values in the same record
- If multiple values are returned, a RANDOMone is chosen by the client
- CAN’T be associated with health checks
What is a Weighted R53 policy?
- Control the % of the requests that go to each specific resource
- DNS records must have the same name and type
Can be associated with Health Checks - Use cases: load balancing between regions, testing new application versions…
- Assign a weight of 0 to a record to stop sending traffic to a resource
- If all records have weight of 0, then all records will be returned equally
What is a Latency-based R53 policy?
- Redirect to the res. that has the least latency close to us
- Latency is based on traffic between user and AWS Regions
- Can be ass. with health checks
What are R53 Health Checks?
- HTTP Health Checks are only for public resources
- Health Check => Automated DNS Failover:
1. Health checks that monitor an endpoint (application, server, other AWS resource)
2. Health checks that monitor other health checks (Calculated Health Checks)
3. Health checks that monitor CloudWatch Alarms (full control !!) – e.g., throttles of DynamoDB, alarms on RDS, custom metrics, - Health Checks are integrated with CW metrics
How does Monitor an endpoint work?
- About 15 global health checkers will check the endpoint health
- Health Checks pass only when the endpoint responds with the 2xx and 3xx status codes
- Health Checks can be setup to pass / fail based on the text in the first 5120 bytes of the response
- Configure you router/firewall to allow incoming requests from Route 53 Health Checkers
How does Calcualted Health Check work?
- Combine the results of multiple Health Checks into a single Health Check
- You can use OR, AND, or NOT
- Can monitor up to 256 Child Health Checks
How to Health Check Private Hosted Zones?
You can create a CloudWatch Metric and associate a CloudWatch Alarm, then create a Health Check that checks the alarm itself.
How does Failover policy work?
You have to setup a Primary and a Secondary endpoint and it will automatically roll over if the primary is Unhealthy.
What is Geolocation policy, how does it work?
- This routing is based on user location
- Specify location by Continent, Country or by US State (if there’s overlapping,
most precise location selected) - Should create a “Default” record (in case there’s no match on location)
- Can be associated with health checks
How does Geoproximity policy work?
- Route traffic to your resources based on the geographic location of users and
resources - Ability to shift more traffic to resources based on the defined bias
- To change the size of the geographic region, specify bias values
- You must use the R53 Traffic Flow feature
What is IP-based routing policy?
- Routing is based on clients’ IP addresses
- You provide a list of CIDRs for your clients and the corresponding endpoints/locations
(user-IP-to-endpoint mappings) - Example: route end users from a particular ISP to a specific endpoint
What is the Multi-Value policy?
- Use when routing traffic to multiple resources
- Can be assigned with Health Checks
- Up to 8 healthy records are returned for each query
- Client choose randomly
Can you use a domain name that wasn’t bought in Amazon Registar?
Yes you can, but you have to set the R53 dns servers in the 3rd party provider site.
