Route 53 Flashcards
What is the process that takes place when translating a DNS url to an IP?
-With your browser you access example.com.
-Your PCs local DNS server, queries the Root DNS server for the IP of the .com NS.
-Then your local DNS server queries the .com NS, which will be a TLD DNS Server (Top Level Domain DNS Server) for the ip of example.com NS.
-Finally, your local DNS Server, queries the DNS Server for example.com, (Which is a SLD DNS Server. SLD Standing for second level domain), for the example.com website IP Address. And your browser will be able to access the site.
TLDR: if you want to know the example.com A record, first the Root DNS Server will point you to the .com nameserver, then that one being the TLD DNS Server will point you to the example.com nameserver. Then that one being the SLD DNS Server for example.com, will know the A record for the example.com site, and will give you its ip. Finally having the ip you will be able to enter the website, and your local dns server will store it in its cache.
What type of DNS record points to a DNS Server?
NS
Which is the Root DNS Server?
The one that resolves the Top Level Domain records and points you tothe right nameserver: .com .net .org, etc. depending on the site you are trying to access
Which is the TLD DNS Server?
The one that resolves the Second Level Domain records and points you to the right nameserver: example.com example2.net, etc. depending on the site you are trying to access
Which is the SLD DNS Server?
The one that should have the dns record you are looking for, like example.com or web.example.com. The example.com NS will have the example.com A record if it exists.
The SLD DNS Server will point you to the ip of example.com
What is Route 53?
An authoritative DNS (Domain name system).
And a Domain Registrar.
What is a domain registrar?
Where you purchase your domains.
What are the main features of Route 53?
It’s a Global Service. Hosted Zones are global and aws managed towards your aws resources.
It’s highly available.
Scalable
Fully managed by AWS.
Resource Health Checks
It has 100% availability SLA
It’s a registrar too
What does a Route 53 DNS Records contain?
Record name: Domain or subdomain-name
Id
Record type: A, CNAME, etc.
The value (IP Address)
Routing Policy
TTL: Time to live: How long the record is kept in the cache of the resolvers.
What is a AAAA record?
For mapping hostname to ipv6
What is a CNAME record?
For mapping hostname to another hostname.
Where can you not create a CNAME record?
At the apex or root of a zone. Where you have the NS, or A records for example.
For example, you can create a CNAME record for asd.asd.com but not for asd.com.
How does Route 53 divides internal records and external records?
It has public hosted zones and private hosted zones
What are private hosted zones?
Contain records that specify how you route traffic within one VPC (or more VPCs).
Example: intranet2.zonamerica.com or app1.company.internal
How are DNS Zones called in Route 53?
Hosted Zones.
Whats differences are ther in how private and public hosted zones work?
These 2 work exactly the same way, but public hosted zone allows anyone from the internet to query your records, whereas the private hosted zone is only queried from your VPC.
How do you buy a domain in Route 53?
You go to Route 53 > Registered domains > Register domains
Then you choose the name, pricing varies depending on the TLD.
Then you choose duration, (1 or more years). Enable auto renewal.
And finally contact information. You can enable privacy protection to hide the contact information from internet queries for your domain.
What is a SOA Record?
It’s the start of authority, contain useful info for the DNS zone.
How does TTL work?
When a client makes a dns request to route 53, depending on the configured TTL for the record, route 53 asks the client to keep that record in its cache for that time. So it doesn’t request it again until that time has expired.
In route 53 low TTL is more expensive because it implies more request traffic. You get charged for each request in route 53.
What is a good use case for CNAME record in AWS?
To map an aws resources’ hostname to a subdomain of your domain:
you have: lb-1234.us-east-2.elb.amazonaws.com and you want: myapp.mydomain.com
What are alias records?
These are specific records to AWS Route 53.
These records point a hostname to an aws services resources
What extension to DNS functionality does Route 53 provide?
How does it work?
Aliases: Records that map hostnames to aws services resources.
Alias records are always type A or AAAA.
It recognises aws resource ip address changes in real time.
You can’t set TTL.
What is the main difference in CNAME and Alias records functionality?
Alias records can be used at the root/apex of the zone.
Can you set an Alias Record for an EC2 instance DNS Name?
No.
What are some limitations of Route 53 Aliases?
Can’t map to EC2 instance hostname.
What are route 53 routing policies?
They define how route 53 responds to DNS queries.
Route 53 Supports the following Routing Policies:
* Simple
* Weighted
* Failover
* Latency based
* Geolocation
* Multi-Value Answer
* Geoproximity (using Route 53 Traffic Flow feature)
Explain simple routing policy
Can route traffic to one or multiple values. Not much else.
What is a dns value?
the response the dns server sends to a query. Typically an ip address.
Can a dns record have multiple values?
Yes. When this happens, the client chooses a random value to access.
Do simple routing policies have health checks?
NO.
How do weighted routing policies work?
They control the percentage of requests that go to each specific resource (The resource could be for example an A record for an IP address value).
You configure this by giving a weight number to the resources. Same weight means same priority, lower weight lower, higher weight higher.
Example:
A record weighted.example.com with value 10.0.0.2 that has a weight of 70.
Then an A record weighted.example.com too, with value 10.0.0.3 that has a weight of 30.
Then 70% of requests for the weighted.example.com DNS name will go to 10.0.0.2, and 30% to 10.0.0.3.
Then you could create more records for “weighted” to different IPs with different weights.
What is the required criteria for weighted routing policy records?
They must have the same record name and be the same record type
What are weighted routing policies use cases?
Load balancing requests between regions.
Or testing new app version by sending a small percentage to it.
what happens if all records have a weight of 0?
All have the same weight
what happens if only one record has a weight of 0?
It gets 0% of requests. Meaning zero.
What does latency routing policy do?
Redirects a request to the resource that has lower latency for the user
How do you configure latency routing policies?
You set a record name, type, and value. Then you choose the latency routing policy, and you specify a region.
Hoe do latency routing policy records work?
You give a region to the value of the record.
You create many records for the same record name, to different values, each with a specific region. Then Route 53 will choose the lowest latency one. AWS chooses based on client latency to each aws region.
Can you use health checks on private hosted zones?
Yes. But since the health checkers live outside your VPC, you would need to allow access to them, thus making your VPC public.
What you could do to avoid this, is configure a health check that checks a cloud watch alarm specifically made for your endpoint.
So the idea is that the health checkers interact only with the cloud watch alarm and not with your private resources.
What are Route 53 Health Checks?
Health checks are a monitoring resource associated with cloud watch metrics. They are used by route 53 to do automated DNS failover.
You have preset health checks but you can use specific cloud watch alarms which gives you full control of your health checks.
What is a fast health check?
Its an option you have to do health checks every 10 seconds, which is faster than the standard 30 seconds, but it has higher cost.
How do DNS health checks work?
15 health checkers from different aws regions will check your resource every 30 seconds. If > 18% of these report the endpoint healthy. Then route 53 considers it healthy. Otherwise it will be unhealthy.
The health checks are done in a specific protocol.
Which protocol can health checks work with?
HTTP, HTTPS, or TCP.
What do you need in networking side for health checks to work?
The endpoint that will be checked by the health checkers needs to have incoming traffic allowed from the Route 53 health checkers IP address ranges
What are calculated health checks?
A type of health check that combines the results of different health checks into a single one.
These will be called child health checks and parent health check.
How do you combine child health checks?
You make a parent health check with different child health checks. You can use OR, AND and NOT conditions to combine the child health checks, to check how to decide if the parent health check will be healthy.
What kinds of monitoring can you do with Route 53 health checks?
An endpoint
A group of other health checks
CState of CloudWatch alarms
How do failover routing policies work in route 53?
You need to configure a health check for an endpoint.
It this endpoint becomes unhealthy, then route 53 will automatically failover it to your defined secondary endpoint. And route 53 will respond to dns requests with the secondary endpoint instead.
How do you create failover records in route 53?
First create a record and choose failover routing policy. Then in creation you need to set the type of failover record. It can be primary or secondary. Then you need to select the health check you will use to deem this record healthy or unhealthy.
Then you need to create a similar record, with the same record name, and a different record value. And you will set it as secondary. Now if the primary record you created becomes unhealthy, the DNS server will start using the secondary one.
Which type of record routing policy requires health checks?
Failover, for its primary records.
What is geolocation routing policy
Load balance depending on user location
What is default record in geolocation routing policy?
A normal type of geolocation record that has no specific country or continent. You use it in case a user does not match any other geolocation policies you have.
Example: you have policies for asia and europe. A client targeting this record from america will be routed to the value of the default policy, since he doesnt match the other 2.
How does geolocation routing policy work?
You create a record, and set the routing policy to geolocation. Now it lets you choose a continent or country. Users from that continent or country will match with this policy and will be routed by Route 53 to the value of this policy.
Which Route 53 routing policy works with regions?
Latency
Which Route 53 routing policy works with countries and continents?
Geolocation
Which Route 53 routing policy works with percentages?
Weighted. It works with values for weight which are translated to percentages.
What is geoproximity routing policy in route 53?
It routes records based on proximity from users’ location to resources’ location.
Users are routed to their geographically closest endpoint configured in your hosted zone.
How do you set your endpoint location in geoproximity policy?
For every case of geoproximity policy, you can set your endpoint location by specifying exact lat-long coordinates for the endpoint.
You can just specify an aws region for the endpoint, or you can specify an aws local zone.
What is route 53 traffic flow?
An advanced Route 53 feature for creating multiple policies and records with diagrams. When creating geoproximity policies it has a map feature that shows the coverage of each record compare to the others. Great for setting up geoproximity policies correctly.
What is bias in geoproximity routing?
Bias is a value you set in a record to tip the balance of geoproximity. You can have zero bias, positive bias (1 to 99) or negative bias (-1 to -99) Bias increases the geographical area that an endpoint will cover compared to other endpoints’ areas.
How do you shift more traffic to a specific region using route 53 geoproximity routing?
Increasing a regions’ endpoint bias
What is IP based routing policy?
You map user public ip ranges to specific endpoints
What is Multi Value routing policy?
returns multiple values to a dns query. Client will choose which one to use. Through health checks you can avoid returning an unhealthy value.
How can multi value records be associated with health checks?
You have a multi value record with multiple endpoints, and if you can configure health checks to only return values of healthy endpoints.
Whats the difference between a simple routing policy with multiple values and a multi value routing policy?
Simple routing policy records don’t allow health checks. Multi value records do.
It could happen that a simple policy record value is returned by the dns server but is unhealthy.
What do you need to add in the domain registar website when you buy a domain?
You need to specify your DNS Server NS records.
You have purchased mycoolcompany.com on Amazon Route 53 Registrar and would like the domain to point to your Elastic Load Balancer my-elb-1234567890.us-west-2.elb.amazonaws.com. Which Route 53 Record type must you use here?
-CNAME
-Alias
Alias. Can’t use CNAME on root or apex of the Zone.
Why is it good to have a higher TTL?
To not overload your DNS Server with requests.
