Route 53 Flashcards
What does the DNS ‘A’ record type do?
Maps a hostname to IPv4
What does the DNS ‘AAAA’ record type do?
Maps a hostname to IPv6
What does the DNS ‘CNAME’ record type do?
Maps a hostname to another hostname (the target must have an ‘A’ or ‘AAAA’ record, cannot create a CNAME for the top node of a DNS namespace e.g. example.com but www.example.com is ok).
What does the DNS ‘NS’ record type do?
Name servers for the hosted zone, controls how traffic is routed for a domain
What is a hosted zone?
A container for records that define how to route traffic to a domain and its sub-domains. Can be public or private.
What DNS record type is TTL not required for?
Alias
What is the difference between a CNAME and an Alias DNS record type?
CNAME points a hostname to any other hostname, but only for a non-root domain (dev.something.com). An Alias points a hostname to an AWS resource and does work for root domains. Ideal for pointing to a load balancer.
What are some example targets of a DNS Alias?
Elastic Load Balancers, Amazon CloudFront, Amazon API Gateway, Elastic Beanstalk, S3 Websites, Another Route53 Record (on same hosted zone)
Can you set an Alias DNS record for an EC2 DNS name?
No
What is the simple routing policy in Route 53?
Route traffic to a single resource. Can specify multiple values, a random one is chosen by the client (DNS response returns all)
What is the weighted routing policy in Route 53?
Control the percentage of the requests that go to each resource. Determines what IP is returned.
What is the latency-based routing policy in Route 53?
Selects the resource that has the least latency (can be used to select the closest location)
What is the Route 53 health check feature?
For public resources only, checks the health of resources, if a resource goes down automated DNS failover happens
In terms of Route 53 and health checks, how can you check the health of a private resource (something on a VPC)?
Create a cloud watch metric and associate a cloud watch alarm, then create a health check that checks the alarm itself
What is the failover routing policy in Route 53?
When the primary resource is healthy it is returned as the DNS result, otherwise the secondary is returned. Uses health check (required for primary resource).
What is the geolocation routing policy in Route 53?
Routing is based on users actual location, not based on latency. A default record should exist in case no location matched.
What is the geoproximity routing policy in Route 53?
Routing based on how close a user is to a resource, a bias can be set to change the balance, for example two resources on opposite sides of a country, a positive bias on resource A will shift more traffic to A vs B.
What is the IP based routing policy in Route 53?
Routing based on clients IP address, provide a list of CIDRs and the corresponding resources to map to. Use case: optimise performance, reduce network costs
What is the multi-value routing policy in Route 53?
Route traffic to multiple resources, Route 53 returns multiple resources. Can be associated with health checks (return only healthy options). Have up to 8 records returned. Client side load balancing only, not a replacement for ELB.
What is a VPC?
Virtual Private Cloud - private network to deploy your resources. You have a VPC per region.
What is a VPC subnet?
A partition of your network within a VPC at the AZ level. You can have private or public subnets. Route Tables define access.
How would you allow a resource in a private subnet to access the internet to download updates?
Add a NAT gateway in the public subnet, resources in the private subnet talk to the NAT gateway
What is a NAT gateway?
Allows instances in your private subnets to access the internet while remaining private
What is the ACL or NACL?
(Network) access control list - controls traffic from and to subnet using allow and deny rules, rules only include IP addresses
