Route 53 & DNS

Question 1

What is the AWS term for zones in Route 53

Answer 1

Hosted zones

Question 2

What does the AWS term “recordset” refer to?

Answer 2

A set of DNS records

Question 3

How many nameservers does Route 53 host a given zone on?

Answer 3

Four nameservers

Question 4

What type of DNS records manage the delegation process by pointing to authoritative nameservers for a given domain?

Answer 4

NS records

Question 5

What type of DNS records resolve DNS names to IPv6 addresses?

Answer 5

AAAA records

Question 6

What type of DNS records resolve DNS names to IPv4 addresses?

Answer 6

A records

Question 7

What does CNAME stand for, and what does this type of record do?

Answer 7

Canonical name. They allow hostname to hostname mappings.

Question 8

How do you map a CNAME to an IP address?

Answer 8

You can’t. CNAME records cannot do this (common exam question)

Question 9

What type of DNS record can you use to add arbitrary information to your zone?

Answer 9

A TXT record

Question 10

What is a typical use of TXT records?

Answer 10

Proof that you manage a given domain, by getting you to add a predefined TXT record.

Question 11

How many regions is Route 53 available in?

Answer 11

Trick question. Route 53 is a global service.

Question 12

True or False: Public hosted zones are accessible from VPCs.

Answer 12

True.

Question 13

True or False: in R53 you can associate private hosted zones with VPCs in other AWS accounts.

Answer 13

True.

Question 14

True or False: You can only associate private hosted zones with VPCs in other AWS accounts using the CLI or API.

Answer 14

True.

Question 15

True or False: Private hosted zones are accessible from any of your VPCs.

Answer 15

False. They are accessible only from VPCs that have an association with that private zone.

Question 16

What must you do in order to enable access to a private hosted zone from a VPC?

Answer 16

Associate that VPC with the private hosted zone.

Question 17

In the context of AWS, what is the main limitation of CNAME records?

Answer 17

They cannot be used on naked/apex records (eg. catagram.io).

Question 18

What Route 53 record type allows mapping a naked/apex record to an A/AAAA record?

Answer 18

The ALIAS record.

Question 19

True or False: you can use an ALIAS record to map an A record to an AAAA record.

Answer 19

False. The from/to types must be the same type.

Question 20

True or False: ALIAS records are a standard DNS feature.

Answer 20

False. ALIAS records are only supported by Route 53.

Question 21

What is the shorter interval for R53 health checkers?

Answer 21

10 seconds.

Question 22

You are in the us-east-1 region and have configured a R53 health check. Where will the health checkers be located?

Answer 22

Health checkers are ALWAYS distributed globally.
This is to gain a comprehensive picture of a host’s reachability.

Question 23

True or False: ALIAS records are only for mapping naked/apex names to AWS resources.

Answer 23

False. ALIAS records can map both normal and naked/apex names.

Question 24

How many DNS records per hostname does Simple Routing support? How many values can each record have?

Answer 24

One record per hostname.
That record can have multiple values (eg. IP addresses).

Question 25

What is the drawback of simple routing in Route 53?

Answer 25

It doesn’t support health checks.
The A/AAAA record will return all values (IP addresses) irrespective of the health of the underlying server/application.

Question 26

What is the default interval for R53 health checkers?

Answer 26

30 seconds.

Question 27

What are calculated health checks?

Answer 27

These are checks of other checks.

Question 28

What three types of things can a R53 health-check check?

Answer 28

1. An endpoint (eg. a web server)
2. Calculated checks (the status of health checks)
3. The status of a CloudWatch alarm.

Question 29

True or False: health checks can be performed on any internet-accessible host.

Answer 29

True.

Question 30

What percentage of health checkers must succeed in order for a resource to be considered healthy?

Answer 30

18%

Question 31

What protocols/methods are supported by R53 health checks?

Answer 31

TCP, HTTP/HTTPS, and HTTP/HTTPS with string matching.

Question 32

How does R53 failover routing work?

Answer 32

A health check is performed on the primary resource. If it’s healthy, then the primary record is returned. If it’s unhealthy, the secondary record is returned.

Question 33

With R53 failover routing, what is typically used as the secondary resource?

Answer 33

Typically the secondary record points to an S3 bucket configured as a static website, containing a “down for maintenance” static page.

Question 34

How does R53 multi-value routing work?

Answer 34

Up to 8 records are returned. Any unhealthy records won’t be returned to the querying host.

Question 35

What happens in R53 multi-value routing if there are more than 8 records configured?

Answer 35

8 healthy records will be randomly chosen from.

Question 36

In R53 multi-value routing, how are health checks configured?

Answer 36

Each record is independent and can have an associated health check.

Question 37

What is the premise of R53 weighted routing?

Answer 37

Each record is assigned a weight value which determines how often it is returned, in proportion to the total of all weights.

Question 38

With R53 weighted routing, what happens if all weights are zero? Why?

Answer 38

All records are returned. This is a measure to prevent the accidental disabling of all records.

Question 39

With R53 weighted routing, what happens if all non-zero weighted records are unhealthy and one or more zero-weighted records are healthy?

Answer 39

The healthy zero-weighted records are returned.

Question 40

What is the premise of R53 latency based routing?

Answer 40

Each record (for the same name) is mapped to an AWS region. AWS then uses an IP database to ascertain the location of the client, and serves up the DNS record with the lowest expected latency for that client.

Question 41

Typically when would you choose R53 latency based routing?

Answer 41

When optimising for performance and user experience.

Question 42

How many records (per name) per region can be used with R53 latency based routing?

Answer 42

One record (per name) per region.

Question 43

With R53 latency based routing, what happens if the best record’s health check has failed?

Answer 43

R53 returns the next-lowest-latency record.

Question 44

What is the premise of R53 geolocation routing?

Answer 44

It returns the record that is most relevant to the client’s location. It does this by discerning the client’s location and attempting to match this to the record’s configured location tag, which can be a US State, Country, Continent, Default, or it can be empty.

Question 45

How does R53 geolocation routing work?

Answer 45

DNS records are tagged with a location field, which an be a US State, Country, Continent, Default, or empty. AWS ascertains the location of the user. It then attempts to match this against DNS records with the same location as the user, and only if there’s a match, is a DNS answer returned.

Question 46

With R53 geolocation routing, what happens if there’s no match between all records for the host, and the client’s location?

Answer 46

If a record is configured as Default, that record is returned. If no Default is configured, “NO ANSWER” is returned to the requestor.

Question 47

What are three use cases for R53 geolocation routing?

Answer 47

1. Restricting content by territory.
2. Language-specific or region-specific content.
3. Load balancing across regional endpoints.

Question 48

True or False: R53 geolocation routing returns the closest record.

Answer 48

False!
It returns the most relevant record, location-wise.

Question 49

True or False: R53 geolocation routing returns the most relevant record, location-wise.

Answer 49

True.

Question 50

What is the aim of R53 geoproximity routing?

Answer 50

It aims to provide records that are as close to your end users as possible.

Question 51

How does R53 geoproximity routing work?

Answer 51

Resources are configured with an AWS Region value or a lat+long value. AWS ascertains the location of the user and routes traffic to the closest record available.

Question 52

In R53 geoproximity routing, what does the bias value do?

Answer 52

It allows you to expand or shrink the user catchment area around a resource - the area whose users will be routed to that resource.

Question 53

Does R53 geoproximity routing work with non-AWS resources?

Answer 53

Yes.

Question 54

With R53 geoproximity routing, what value is used to give the location of non-AWS resources?

Answer 54

Lat + long

Question 55

What VPC IP address does R53 DNS use?

Answer 55

The .2 VPC address.

Question 56

What other .2 address(es) can the R53 resolver be reached on?

Answer 56

The .2 address in each subnet.

Question 57

What kinds of zones can be accessed through the .2 address?

Answer 57

Public zones, and associated private zones.

Question 58

Is the R53 resolver accessible through site-to-site VPN or Direct Connect?

Answer 58

No. It is only accessible from within the VPC.

Question 59

How are DNS endpoints presented in a subnet?

Answer 59

As Elastic Network Interfaces.

Question 60

What do Inbound DNS endpoints do?

Answer 60

They allow DNS queries to your VPC from an on-prem network or another VPC.

Question 61

What do Outbound DNS endpoints do?

Answer 61

They allow DNS queries from your VPC to an on-prem network or another VPC.

Question 62

What do Outbound DNS endpoint rules do?

Answer 62

They control which requests are forwarded.

Question 63

How many ENIs does an R53 Endpoint consist of?

Answer 63

Two

Question 64

How many IP addresses are there per R53 Endpoint ENI?

Answer 64

One