Route 53 & DNS Flashcards
What is the AWS term for zones in Route 53
Hosted zones
What does the AWS term “recordset” refer to?
A set of DNS records
How many nameservers does Route 53 host a given zone on?
Four nameservers
What type of DNS records manage the delegation process by pointing to authoritative nameservers for a given domain?
NS records
What type of DNS records resolve DNS names to IPv6 addresses?
AAAA records
What type of DNS records resolve DNS names to IPv4 addresses?
A records
What does CNAME stand for, and what does this type of record do?
Canonical name. They allow hostname to hostname mappings.
How do you map a CNAME to an IP address?
You can’t. CNAME records cannot do this (common exam question)
What type of DNS record can you use to add arbitrary information to your zone?
A TXT record
What is a typical use of TXT records?
Proof that you manage a given domain, by getting you to add a predefined TXT record.
How many regions is Route 53 available in?
Trick question. Route 53 is a global service.
True or False: Public hosted zones are accessible from VPCs.
True.
True or False: in R53 you can associate private hosted zones with VPCs in other AWS accounts.
True.
True or False: You can only associate private hosted zones with VPCs in other AWS accounts using the CLI or API.
True.
True or False: Private hosted zones are accessible from any of your VPCs.
False. They are accessible only from VPCs that have an association with that private zone.
What must you do in order to enable access to a private hosted zone from a VPC?
Associate that VPC with the private hosted zone.
In the context of AWS, what is the main limitation of CNAME records?
They cannot be used on naked/apex records (eg. catagram.io).
What Route 53 record type allows mapping a naked/apex record to an A/AAAA record?
The ALIAS record.
True or False: you can use an ALIAS record to map an A record to an AAAA record.
False. The from/to types must be the same type.
True or False: ALIAS records are a standard DNS feature.
False. ALIAS records are only supported by Route 53.
What is the shorter interval for R53 health checkers?
10 seconds.
You are in the us-east-1 region and have configured a R53 health check. Where will the health checkers be located?
Health checkers are ALWAYS distributed globally.
This is to gain a comprehensive picture of a host’s reachability.
True or False: ALIAS records are only for mapping naked/apex names to AWS resources.
False. ALIAS records can map both normal and naked/apex names.
How many DNS records per hostname does Simple Routing support? How many values can each record have?
One record per hostname.
That record can have multiple values (eg. IP addresses).
What is the drawback of simple routing in Route 53?
It doesn’t support health checks.
The A/AAAA record will return all values (IP addresses) irrespective of the health of the underlying server/application.
What is the default interval for R53 health checkers?
30 seconds.
What are calculated health checks?
These are checks of other checks.
What three types of things can a R53 health-check check?
- An endpoint (eg. a web server)
- Calculated checks (the status of health checks)
- The status of a CloudWatch alarm.
True or False: health checks can be performed on any internet-accessible host.
True.
What percentage of health checkers must succeed in order for a resource to be considered healthy?
18%
What protocols/methods are supported by R53 health checks?
TCP, HTTP/HTTPS, and HTTP/HTTPS with string matching.
How does R53 failover routing work?
A health check is performed on the primary resource. If it’s healthy, then the primary record is returned. If it’s unhealthy, the secondary record is returned.
With R53 failover routing, what is typically used as the secondary resource?
Typically the secondary record points to an S3 bucket configured as a static website, containing a “down for maintenance” static page.
How does R53 multi-value routing work?
Up to 8 records are returned. Any unhealthy records won’t be returned to the querying host.
What happens in R53 multi-value routing if there are more than 8 records configured?
8 healthy records will be randomly chosen from.
In R53 multi-value routing, how are health checks configured?
Each record is independent and can have an associated health check.
What is the premise of R53 weighted routing?
Each record is assigned a weight value which determines how often it is returned, in proportion to the total of all weights.
With R53 weighted routing, what happens if all weights are zero? Why?
All records are returned. This is a measure to prevent the accidental disabling of all records.
With R53 weighted routing, what happens if all non-zero weighted records are unhealthy and one or more zero-weighted records are healthy?
The healthy zero-weighted records are returned.
What is the premise of R53 latency based routing?
Each record (for the same name) is mapped to an AWS region. AWS then uses an IP database to ascertain the location of the client, and serves up the DNS record with the lowest expected latency for that client.
Typically when would you choose R53 latency based routing?
When optimising for performance and user experience.
How many records (per name) per region can be used with R53 latency based routing?
One record (per name) per region.
With R53 latency based routing, what happens if the best record’s health check has failed?
R53 returns the next-lowest-latency record.
What is the premise of R53 geolocation routing?
It returns the record that is most relevant to the client’s location. It does this by discerning the client’s location and attempting to match this to the record’s configured location tag, which can be a US State, Country, Continent, Default, or it can be empty.
How does R53 geolocation routing work?
DNS records are tagged with a location field, which an be a US State, Country, Continent, Default, or empty. AWS ascertains the location of the user. It then attempts to match this against DNS records with the same location as the user, and only if there’s a match, is a DNS answer returned.
With R53 geolocation routing, what happens if there’s no match between all records for the host, and the client’s location?
If a record is configured as Default, that record is returned. If no Default is configured, “NO ANSWER” is returned to the requestor.
What are three use cases for R53 geolocation routing?
- Restricting content by territory.
- Language-specific or region-specific content.
- Load balancing across regional endpoints.
True or False: R53 geolocation routing returns the closest record.
False!
It returns the most relevant record, location-wise.
True or False: R53 geolocation routing returns the most relevant record, location-wise.
True.
What is the aim of R53 geoproximity routing?
It aims to provide records that are as close to your end users as possible.
How does R53 geoproximity routing work?
Resources are configured with an AWS Region value or a lat+long value. AWS ascertains the location of the user and routes traffic to the closest record available.
In R53 geoproximity routing, what does the bias value do?
It allows you to expand or shrink the user catchment area around a resource - the area whose users will be routed to that resource.
Does R53 geoproximity routing work with non-AWS resources?
Yes.
With R53 geoproximity routing, what value is used to give the location of non-AWS resources?
Lat + long
What VPC IP address does R53 DNS use?
The .2 VPC address.
What other .2 address(es) can the R53 resolver be reached on?
The .2 address in each subnet.
What kinds of zones can be accessed through the .2 address?
Public zones, and associated private zones.
Is the R53 resolver accessible through site-to-site VPN or Direct Connect?
No. It is only accessible from within the VPC.
How are DNS endpoints presented in a subnet?
As Elastic Network Interfaces.
What do Inbound DNS endpoints do?
They allow DNS queries to your VPC from an on-prem network or another VPC.
What do Outbound DNS endpoints do?
They allow DNS queries from your VPC to an on-prem network or another VPC.
What do Outbound DNS endpoint rules do?
They control which requests are forwarded.
How many ENIs does an R53 Endpoint consist of?
Two
How many IP addresses are there per R53 Endpoint ENI?
One
