Route 53 Flashcards

1
Q

What does the DNS ‘A’ record type do?

A

Maps a hostname to IPv4

2
Q

What does the DNS ‘AAAA’ record type do?

A

Maps a hostname to IPv6

3
Q

What does the DNS ‘CNAME’ record type do?

A

Maps a hostname to another hostname. The target must have an ‘A’ or ‘AAAA’ record. You cannot create a CNAME for the top node of a DNS namespace (e.g. example.com), but www.example.com is OK.

4
Q

What does the DNS ‘NS’ record type do?

A

The name servers for the hosted zone; they control how traffic is routed for a domain.

5
Q

What is a hosted zone?

A

A container for records that define how to route traffic to a domain and its sub-domains. Can be public or private.

6
Q

What DNS record type is TTL not required for?

A

Alias

7
Q

What is the difference between a CNAME and an Alias DNS record type?

A

CNAME points a hostname to any other hostname, but only for a non-root domain (dev.something.com). An Alias points a hostname to an AWS resource and does work for root domains. Ideal for pointing to a load balancer.

8
Q

What are some example targets of a DNS Alias?

A

Elastic Load Balancers, Amazon CloudFront, Amazon API Gateway, Elastic Beanstalk, S3 Websites, another Route 53 record (in the same hosted zone)

9
Q

Can you set an Alias DNS record for an EC2 DNS name?

A

No

10
Q

What is the simple routing policy in Route 53?

A

Routes traffic to a single resource. You can specify multiple values; the DNS response returns all of them and the client chooses one at random.

11
Q

What is the weighted routing policy in Route 53?

A

Control the percentage of the requests that go to each resource. Determines what IP is returned.

12
Q

What is the latency-based routing policy in Route 53?

A

Selects the resource that has the least latency (can be used to select the closest location)

13
Q

What is the Route 53 health check feature?

A

For public resources only. Checks the health of resources; if a resource goes down, automated DNS failover happens.

14
Q

In terms of Route 53 and health checks, how can you check the health of a private resource (something on a VPC)?

A

Create a CloudWatch metric and associate a CloudWatch alarm with it, then create a health check that checks the alarm itself.

15
Q

What is the failover routing policy in Route 53?

A

When the primary resource is healthy it is returned as the DNS result, otherwise the secondary is returned. Uses health check (required for primary resource).

16
Q

What is the geolocation routing policy in Route 53?

A

Routing is based on the user's actual location, not on latency. A default record should exist in case no location matches.

17
Q

What is the geoproximity routing policy in Route 53?

A

Routing is based on how close a user is to a resource. A bias can be set to change the balance: for example, with two resources on opposite sides of a country, a positive bias on resource A will shift more traffic to A vs B.

18
Q

What is the IP based routing policy in Route 53?

A

Routing is based on the client's IP address: you provide a list of CIDRs and the corresponding resources to map to. Use case: optimise performance, reduce network costs.

19
Q

What is the multi-value routing policy in Route 53?

A

Route traffic to multiple resources, Route 53 returns multiple resources. Can be associated with health checks (return only healthy options). Have up to 8 records returned. Client side load balancing only, not a replacement for ELB.

20
Q

What is a VPC?

A

Virtual Private Cloud - private network to deploy your resources. You have a VPC per region.

21
Q

What is a VPC subnet?

A

A partition of your network within a VPC at the AZ level. You can have private or public subnets. Route Tables define access.

22
Q

How would you allow a resource in a private subnet to access the internet to download updates?

A

Add a NAT gateway in the public subnet, resources in the private subnet talk to the NAT gateway

23
Q

What is a NAT gateway?

A

Allows instances in your private subnets to access the internet while remaining private

24
Q

What is the ACL or NACL?

A

(Network) access control list - controls traffic to and from a subnet using allow and deny rules; rules only include IP addresses.

25
Q

What is VPC peering?

A

Lets you connect one VPC to another to make them behave as if they were on the same network. Must not have overlapping CIDR

26
Q

What are VPC Endpoints?

A

Allow you to connect to AWS services using a private network instead of public internet. Gives you enhanced security and lower latency.

27
Q

What two ways let you connect an on-prem data centre to a VPC?

A

Site-to-site VPN and Direct Connect

28
Q

A web application is hosted on a fleet of EC2 instances managed by an Auto Scaling Group. You are exposing this application through an Application Load Balancer. Both the EC2 instances and the ALB are deployed in a VPC with the CIDR 192.168.0.0/18. How do you configure the EC2 instances’ security group to ensure only the ALB can access them on port 80?

A

Add an inbound rule with port 80 and ALB’s security group as the source

29
Q
A