Amazon Route 53 is a highly available and scalable Domain Name System (DNS) web service.
Amazon Route 53 provides three main functions:
Domain registration: allows you to register domain names
Domain Name System (DNS) service: translates friendly domain names like www.example.com into IP addresses like 192.0.2.1. Responds to DNS queries using a global network of authoritative DNS servers, which reduces latency, and can route Internet traffic to CloudFront, Elastic Beanstalk, ELB, or S3. There is no charge for DNS queries to alias records that point to these AWS resources.
Health checking: monitors the health of resources such as web and email servers. Sends automated requests over the Internet to the application to verify that it is reachable, available, and functional. CloudWatch alarms can be configured for the health checks to send a notification when a resource becomes unavailable. Route 53 can be configured to route Internet traffic away from resources that are unavailable.
Supported DNS Resource Record Types
A (Address) Format: an IPv4 address in dotted-decimal notation, e.g. 192.0.2.1
AAAA Format: an IPv6 address in colon-separated hexadecimal notation, e.g. 2001:db8::1
CNAME Format: a domain name (the canonical name that the record points to), e.g. www.example.net
The DNS protocol does not allow you to create a CNAME record for the top node of a DNS namespace, also known as the zone apex. For example, if you register the DNS name example.com, the zone apex is example.com. You cannot create a CNAME record for example.com, but you can create CNAME records for www.example.com, newproduct.example.com, and so on.
In addition, if you create a CNAME record for a subdomain, you cannot create any other records for that subdomain. For example, if you create a CNAME for www.example.com, you cannot create any other records for which the value of the Name field is www.example.com.
MX (Mail Exchange) Format: a decimal number that represents the priority of the MX record (lower values are tried first), followed by the domain name of an email server, e.g. 10 mail.example.com
NS (Name Server) Format: An NS record identifies the name servers for the hosted zone. The value for an NS record is the domain name of a name server.
PTR Format: a domain name; PTR records are used for reverse lookups from an IP address to a name.
SOA (Start of Authority) Format: SOA record provides information about a domain and the corresponding Amazon Route 53 hosted zone.
SPF (Sender Policy Framework) Format: SPF records were formerly used to verify the identity of the sender of email messages, but the SPF record type has been deprecated (RFC 7208) and is no longer recommended. Instead of an SPF record, publish the SPF policy in a TXT record that contains the same value, e.g. "v=spf1 include:_spf.example.com -all".
SRV Format: an SRV record Value element consists of four space-separated values. The first three values are decimal numbers representing priority, weight, and port. The fourth value is a domain name, e.g. 10 5 80 hostname.example.com
TXT (Text) Format: a TXT record contains a space-separated list of double-quoted strings. A single string includes a maximum of 255 characters; a longer value must be split into several quoted strings. In addition to the characters that are permitted unescaped in domain names, space is allowed in TXT strings.
Route 53 supports alias resource record sets, which enable routing of queries to a CloudFront distribution, an Elastic Beanstalk environment, an ELB load balancer, an S3 bucket configured as a static website, or another Route 53 resource record set in the same hosted zone.
Alias records are not part of the DNS standard (the DNS RFCs); they are a Route 53 extension to DNS functionality. Route 53 resolves the alias target itself, so resolvers receive an ordinary A or AAAA answer.
An alias record is similar to a CNAME record, but an alias record can be created both for the root domain (zone apex), such as example.com, and for subdomains, such as www.example.com. CNAME records can be used only for subdomains.
Route 53 automatically recognizes changes in the resource record sets that the alias resource record set refers to, e.g. for a site pointing to a load balancer, if the IP addresses of the load balancer change, Route 53 reflects those changes automatically in the DNS answers without any changes to the hosted zone that contains the alias record.
If an alias resource record set points to a CloudFront distribution, a load balancer, or an S3 bucket, the time to live (TTL) can't be set; Route 53 uses the TTL of the CloudFront distribution, load balancer, or S3 bucket.
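The CNAME restrictions and the alias exception above are easy to get wrong when zone changes are generated by automation, so here is a small validator for them. This is an added example, not code from the page or from AWS; the record set is constructed in the shape of the Route 53 ResourceRecordSet API objects, and the alias HostedZoneId and CloudFront name are placeholders.

```python
"""Validator for the CNAME and alias rules above (added example).
The records below are constructed; the alias target IDs are placeholders."""

ZONE = "example.com."


def normalize(name: str) -> str:
    """Route 53 treats names as fully qualified and case-insensitive."""
    name = name.strip().lower()
    return name if name.endswith(".") else name + "."


def validate_records(zone: str, records: list) -> list:
    """Return the list of rule violations for a set of ResourceRecordSet dicts.

    Rules checked:
      1. every record name must end with the hosted zone name;
      2. no CNAME at the zone apex (an alias A/AAAA record is fine there);
      3. a name that carries a CNAME may carry no record of another type.
    """
    zone = normalize(zone)
    errors = []
    types_by_name = {}
    for rec in records:
        name = normalize(rec["Name"])
        rtype = rec["Type"]
        if name != zone and not name.endswith("." + zone):
            errors.append(f"{name}: does not belong to hosted zone {zone}")
        if rtype == "CNAME" and name == zone:
            errors.append(f"{name}: CNAME is not allowed at the zone apex")
        types_by_name.setdefault(name, set()).add(rtype)
    for name, types in types_by_name.items():
        if "CNAME" in types and len(types) > 1:
            others = ", ".join(sorted(types - {"CNAME"}))
            errors.append(f"{name}: CNAME cannot coexist with {others}")
    return errors


# Constructed, valid record set: an alias at the apex plus a CNAME on a subdomain.
VALID_RECORDS = [
    {"Name": "example.com.", "Type": "A",
     "AliasTarget": {"HostedZoneId": "Z0000000EXAMPLE",   # placeholder, not a real ID
                     "DNSName": "d111111abcdef8.cloudfront.net.",
                     "EvaluateTargetHealth": False}},
    {"Name": "www.example.com.", "Type": "CNAME", "TTL": 300,
     "ResourceRecords": [{"Value": "d111111abcdef8.cloudfront.net"}]},
    {"Name": "example.com.", "Type": "MX", "TTL": 3600,
     "ResourceRecords": [{"Value": "10 mail.example.com"}]},
]

# Constructed record set that breaks each rule exactly once.
BAD_RECORDS = [
    {"Name": "example.com", "Type": "CNAME", "TTL": 300,
     "ResourceRecords": [{"Value": "www.example.com"}]},          # rule 2
    {"Name": "www.example.com", "Type": "CNAME", "TTL": 300,
     "ResourceRecords": [{"Value": "lb.example.net"}]},
    {"Name": "www.example.com", "Type": "MX", "TTL": 300,
     "ResourceRecords": [{"Value": "10 mail.example.com"}]},      # rule 3
    {"Name": "www.example.org", "Type": "A", "TTL": 300,
     "ResourceRecords": [{"Value": "192.0.2.1"}]},                # rule 1
]

if __name__ == "__main__":
    print("valid set:", validate_records(ZONE, VALID_RECORDS) or "no violations")
    for err in validate_records(ZONE, BAD_RECORDS):
        print("violation:", err)
```

Route 53 itself rejects these combinations in ChangeResourceRecordSets, but a pre-check like this lets a pipeline fail before it partially applies a change batch.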
Hosted Zone is a "container for records", which include information about how to route traffic for a domain (such as example.com) and all of its subdomains (such as www.example.com, retail.example.com, and seattle.accounting.example.com).
A hosted zone has the "same name" as the corresponding domain.
Routing Traffic to the Resources: create a hosted zone, either a public hosted zone or a private hosted zone:
Public Hosted Zone – for routing internet traffic to your resources for a specific domain and its subdomains
Private hosted zone – for routing traffic within one or more VPCs; the private hosted zone must be associated with every VPC that should resolve its records
Create records in the hosted zone; records define where to route traffic for each domain name or subdomain name.
Name of each record in a hosted zone must end with the name of the hosted zone.
Split-view (split-horizon) DNS enables you to access an internal version of your website using the same domain name that is used publicly.
You can maintain both a private and a public hosted zone with the same domain name for split-view DNS with Route 53.
Ensure that DNS resolution (enableDnsSupport) and DNS hostnames (enableDnsHostnames) are enabled on the VPC that is associated with the private hosted zone.
DNS queries are answered based on the source of the request: from within the associated VPC, answers come from the private hosted zone, while queries from the Internet return answers from the public hosted zone.
Simple routing policy is the default policy and is used when a single resource performs the function for the domain, e.g. one web server that serves content for the website.
Route 53 responds to the DNS query with the values in the resource record set, e.g. the IP address in an A record. If a simple record contains several values, Route 53 returns all of them to the resolver in random order; health checks cannot be associated with simple records.
Weighted routing policy routes traffic to different resources in specified proportions (weights), e.g. 75% to one server and 25% to the other during a pilot release.
Weights can be assigned any number from 0 to 255.
Applies when there are multiple resources that perform the same function, e.g. web servers serving the same site.
Weighted resource record sets let you associate multiple resources with a single DNS name.
Common use cases include: load balancing, A/B testing (sending a small portion of traffic to a server on which you have made a software change), and piloting new versions of software.
To create a group of weighted resource record sets, create two or more resource record sets that have the same combination of DNS name and type, and assign each resource record set a unique identifier (set ID) and a relative weight.
When processing a DNS query, Route 53 searches for a resource record set or a group of resource record sets that have the specified name and type.
Route 53 selects one from the group. The probability of any one resource record set being selected is its weight as a proportion of the total weight for all resource record sets in the group. A record with weight 0 is never selected unless every record in the group has weight 0, in which case Route 53 returns each of them with equal probability.
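The selection rule above, as an added example that is not part of the page or of any AWS code: the first function builds the weighted group in the shape that the ChangeResourceRecordSets API expects (same Name and Type, distinct SetIdentifier and Weight), and the second simulates how Route 53 picks an answer, including the weight-0 behaviour. The record name, weights and IP addresses are constructed.

```python
"""Weighted routing (added example): build the record group the way the
ChangeResourceRecordSets API expects it, then simulate the selection rule.
The weights and IP addresses are constructed."""
import random
from collections import Counter


def weighted_change_batch(name, rtype, entries, ttl=60):
    """entries: (set_identifier, weight, value). Every record in a weighted
    group shares Name and Type and gets its own SetIdentifier and Weight."""
    changes = []
    for set_id, weight, value in entries:
        if not 0 <= weight <= 255:
            raise ValueError(f"weight {weight} for {set_id} is outside 0..255")
        changes.append({
            "Action": "UPSERT",
            "ResourceRecordSet": {
                "Name": name, "Type": rtype,
                "SetIdentifier": set_id, "Weight": weight, "TTL": ttl,
                "ResourceRecords": [{"Value": value}],
            },
        })
    return {"Comment": f"weighted group for {name}", "Changes": changes}


def select_weighted(batch, rng=random):
    """Pick one record set: probability = weight / total weight of the group.
    Weight-0 records are never returned unless every record is 0, in which
    case all records are equally likely."""
    sets = [c["ResourceRecordSet"] for c in batch["Changes"]]
    candidates = [s for s in sets if s["Weight"] > 0] or sets
    weights = [s["Weight"] for s in candidates]
    if sum(weights) == 0:
        return rng.choice(candidates)
    return rng.choices(candidates, weights=weights, k=1)[0]


def observed_shares(batch, trials=10000, seed=7):
    """Fraction of answers each SetIdentifier received over `trials` queries."""
    rng = random.Random(seed)
    counts = Counter(select_weighted(batch, rng)["SetIdentifier"] for _ in range(trials))
    return {set_id: n / trials for set_id, n in counts.items()}


# Constructed pilot release: 75/25 split, plus a parked record with weight 0.
PILOT = weighted_change_batch("www.example.com.", "A", [
    ("current", 75, "192.0.2.10"),
    ("pilot", 25, "192.0.2.20"),
    ("parked", 0, "192.0.2.30"),   # kept in the zone but never served
])

if __name__ == "__main__":
    for set_id, share in sorted(observed_shares(PILOT).items()):
        print(f"{set_id:>8}: {share:.1%}")
```

The weight-0 record is the practical way to stage a new endpoint in the zone ahead of a cut-over: the record exists and can be health-checked, but receives no traffic until its weight is raised.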
Latency routing policy responds to the DNS query with the resource in the AWS Region that gives the user the lowest network latency.
It can be used when there are multiple resources performing the same function in different Regions and Route 53 should answer DNS queries with the resource that provides the lowest latency.
A latency resource record set is created for the resource in each Region that hosts the application. When Route 53 receives a query for the corresponding domain, it selects the latency resource record set for the Region that gives the user the lowest latency.
Route 53 then responds with the value associated with that resource record set, e.g. you might have web servers for example.com in the EC2 data centers in Ireland and in Tokyo. When a user browses to example.com from Singapore, Route 53 picks the data center (Tokyo) that has the lowest latency from the user's location.
Latency between hosts on the Internet can change over time as a result of changes in network connectivity and routing, e.g. if the latency from the user in Singapore to Ireland improves, the user can be routed to Ireland.
Latency-based routing therefore cannot guarantee that users from the same geographic area will always be served from the same location, so it should not be relied on for data-residency or other compliance requirements.
Latency resource record sets can be created using any record type that Route 53 supports except NS or SOA.
Failover routing policy allows active-passive failover configuration, in which one resource takes all traffic when it’s available and the other resource takes all traffic when the first resource isn’t available.
Route 53 health checks monitor the endpoint behind each record to determine its availability; the primary record must have a health check associated (or, for an alias record, Evaluate Target Health enabled), otherwise Route 53 always considers it healthy and never fails over to the secondary.
Endpoint health checks are sent over the public Internet, so failover in a private hosted zone cannot check private endpoints directly; use health checks that monitor a CloudWatch alarm (or calculated health checks) there instead.
Geoproximity routing policy lets you route traffic based on the physical distance between your users and your resources; it is available only through Route 53 traffic flow.
You can also route more or less traffic to each resource by specifying a positive or negative bias, which expands or shrinks the area from which traffic is routed to that resource.
When you create a traffic flow policy, you can specify either an AWS Region (if you are using AWS resources) or the latitude and longitude for each endpoint.
Multivalue answer routing lets you configure Amazon Route 53 to return multiple values, such as IP addresses for your web servers, in response to DNS queries.
You can specify multiple values for almost any record, but multivalue answer routing also lets you check the health of each resource, so Route 53 returns only values for healthy resources.
It's not a substitute for a load balancer, but the ability to return multiple health-checkable IP addresses is a way to use DNS to improve availability and load balancing.
To route traffic approximately randomly to multiple resources, such as web servers, you create one multivalue answer record for each resource and, optionally, associate a Route 53 health check with each record.
Route 53 responds to DNS queries with up to eight healthy records and gives different answers to different DNS resolvers.
If a web server becomes unavailable after a resolver caches a response, client software can try another IP address in the response.
Note the following:
If you associate a health check with a multivalue answer record, Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.
If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.
If you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.
When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.
For example, suppose you manage an HTTP web service with 12 web servers that each have their own IP address. No one web server could handle all of the traffic, but if you create a dozen multivalue answer records, Route 53 responds to each DNS query with up to eight healthy records and gives different answers to different DNS resolvers. If a web server becomes unavailable after a resolver caches a response, client software can try another IP address in the response.
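The answer-selection rules in the note above (at most eight records, only healthy ones, records without a health check count as healthy, all-unhealthy still answers) are a small state machine that is worth seeing end to end. The following simulator is an added example, not code from the page or from AWS; the server addresses and health states are constructed.

```python
"""Multivalue answer routing (added example): a simulator of the
answer-selection rules. Server IPs and health states are constructed."""
import random

MAX_ANSWERS = 8


def multivalue_answer(records, rng=None):
    """records: list of {"value": ip, "healthy": True | False | None}.
    None means no health check is associated, which Route 53 treats as healthy.
    Returns the values one resolver receives in its answer."""
    rng = rng or random.Random()
    healthy = [r["value"] for r in records if r["healthy"] is not False]
    # When every record is unhealthy Route 53 still answers, with up to eight of them.
    pool = healthy if healthy else [r["value"] for r in records]
    answer = list(pool) if len(pool) <= MAX_ANSWERS else rng.sample(pool, MAX_ANSWERS)
    rng.shuffle(answer)      # different resolvers (and clients) see different orders
    return answer


def fleet(n, unhealthy=(), unchecked=()):
    """Build n constructed web-server records 192.0.2.1 .. 192.0.2.n."""
    return [{"value": f"192.0.2.{i}",
             "healthy": None if i in unchecked else i not in unhealthy}
            for i in range(1, n + 1)]


if __name__ == "__main__":
    rng = random.Random(1)
    twelve = fleet(12)
    print("12 healthy, resolver A:", multivalue_answer(twelve, rng))
    print("12 healthy, resolver B:", multivalue_answer(twelve, rng))
    print("3 healthy:", multivalue_answer(fleet(12, unhealthy=range(4, 13)), rng))
    print("all unhealthy:", len(multivalue_answer(fleet(12, unhealthy=range(1, 13)), rng)), "records")
```

The all-unhealthy case is the one to remember operationally: a misconfigured health check that marks every server down does not make the name disappear, it just removes the filtering, so a monitoring gap looks like normal traffic until clients start failing.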
Geolocation routing policy responds to DNS queries based on the geographic location of the users (the origin of the DNS queries).
It lets you choose the resources that serve your traffic based on where the query comes from. Common use cases include: localizing content and presenting some or all of the website in the users' language, restricting distribution of content to only the locations in which you have distribution rights, and balancing load across endpoints in a predictable, easy-to-manage way, so that each end-user location is consistently routed to the same endpoint.
Geolocation routing policy allows geographic locations to be specified by continent, by country, or by state (subdivision) within the US.
Priority goes to the smallest (most specific) geographic region: a matching state record is used before a country record, which is used before a continent record, which is used before the default record.
Geolocation works by mapping IP addresses to locations; some IP addresses cannot be mapped to an exact geographic location.
A default resource record set can be created to handle queries from such IP addresses and from locations for which no explicit record set has been created.
If no default resource record set is created, Route 53 returns a "no answer" response for queries from those locations.
Two geolocation resource record sets that specify the same geographic location cannot be created.
Route 53 supports the edns-client-subnet (ECS) extension of EDNS0 to improve the accuracy of geolocation routing; when a resolver does not send ECS, the location of the resolver's own IP address is used to approximate the user's location.
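The precedence rules, the default record and the "no answer" case are the parts of geolocation routing that surprise people, so here they are as code. This is an added example, not code from the page or from AWS; the records use the GeoLocation field shape of the Route 53 API (ContinentCode, CountryCode, SubdivisionCode, with CountryCode "*" for the default), and the endpoints and query locations are constructed.

```python
"""Geolocation routing (added example): record shapes follow the GeoLocation
field of the Route 53 API; the endpoints and locations are constructed."""


def geo_key(geo):
    """Reduce a GeoLocation dict to a hashable (kind, ...) key."""
    if geo.get("SubdivisionCode"):
        return ("subdivision", geo["CountryCode"], geo["SubdivisionCode"])
    if geo.get("CountryCode") == "*":          # the default location
        return ("default",)
    if geo.get("CountryCode"):
        return ("country", geo["CountryCode"])
    return ("continent", geo["ContinentCode"])


def build_geo_group(name, entries):
    """entries: (set_identifier, GeoLocation dict, value). Rejects two records
    for the same location, which Route 53 does not allow either."""
    group, seen = [], set()
    for set_id, geo, value in entries:
        key = geo_key(geo)
        if key in seen:
            raise ValueError(f"duplicate geolocation record for {key}")
        seen.add(key)
        group.append({"Name": name, "Type": "A", "SetIdentifier": set_id,
                      "GeoLocation": geo, "TTL": 60,
                      "ResourceRecords": [{"Value": value}]})
    return group


def geolocation_answer(group, location):
    """location: {"continent", "country", "subdivision"} as derived from the
    ECS client subnet or the resolver IP, or None when the IP could not be
    mapped. The most specific record wins, then the default; None means
    Route 53 returns "no answer"."""
    index = {geo_key(r["GeoLocation"]): r for r in group}
    if location:
        for key in (("subdivision", location.get("country"), location.get("subdivision")),
                    ("country", location.get("country")),
                    ("continent", location.get("continent"))):
            if key in index:
                return index[key]["ResourceRecords"][0]["Value"]
    default = index.get(("default",))
    return default["ResourceRecords"][0]["Value"] if default else None


# Constructed group: Washington state, rest of the US, rest of North America, default.
WWW = build_geo_group("www.example.com.", [
    ("seattle",  {"CountryCode": "US", "SubdivisionCode": "WA"}, "192.0.2.10"),
    ("us",       {"CountryCode": "US"},                          "192.0.2.20"),
    ("namerica", {"ContinentCode": "NA"},                        "192.0.2.30"),
    ("default",  {"CountryCode": "*"},                           "192.0.2.40"),
])

if __name__ == "__main__":
    for loc in ({"continent": "NA", "country": "US", "subdivision": "WA"},
                {"continent": "NA", "country": "US", "subdivision": "TX"},
                {"continent": "NA", "country": "CA"},
                {"continent": "SA", "country": "BR"},
                None):
        print(loc, "->", geolocation_answer(WWW, loc))
```

For a distribution-rights use case the default record is the policy decision: leaving it out means unmapped and unlisted locations get no answer at all, while pointing it at a "not available in your region" endpoint gives those users a controlled response.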
Route 53 Resolver provides automatic DNS resolution within the VPC.
By default, Resolver answers DNS queries for VPC domain names such as the names of EC2 instances or ELB load balancers. Without Resolver endpoints, however, on-premises hosts cannot resolve those names or records in Route 53 private hosted zones, and Resolver cannot resolve names hosted on on-premises DNS servers.
DNS resolution between AWS VPC and on-premises network can be configured over a Direct Connect or VPN connection.
Route 53 Resolver is regional; endpoints and rules are created per Region.
To use inbound or outbound forwarding, create a Resolver endpoint in the VPC (an inbound endpoint, an outbound endpoint, or both).
As part of the definition of an endpoint, specify the IP addresses that inbound DNS queries are forwarded to, or the IP addresses that outbound queries originate from. For each IP address specified, Resolver automatically creates a VPC elastic network interface; the security group on the endpoint must allow DNS traffic on port 53 over both TCP and UDP.
Inbound endpoint: DNS resolvers on the on-premises network can forward DNS queries to Resolver in a specified VPC. This enables them to resolve domain names for AWS resources such as EC2 instances and records in a Route 53 private hosted zone.
Outbound endpoint: Route 53 Resolver can be configured to forward queries that it receives from EC2 instances in the VPCs to DNS resolvers on the on-premises network. To forward selected queries, create Resolver rules that specify the domain names of the DNS queries that you want to forward (such as example.com) and the IP addresses of the on-premises DNS resolvers to forward the queries to; each rule is associated with the VPCs it applies to.
If a query matches multiple rules (e.g. example.com and acme.example.com), Resolver chooses the rule with the most specific match (the longest matching domain name).
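The most-specific-match rule is what makes the common hybrid layout work: forward a whole domain to on-premises resolvers, then carve one subdomain back out so the VPC's own private hosted zone answers it. The following is an added example, not code from the page or from AWS; the rule dicts mirror the DomainName, RuleType and TargetIps fields of the Route 53 Resolver API, and the rule set and target addresses are constructed.

```python
"""Resolver rule selection (added example): which rule handles a query when
several match. Rule shapes mirror the Route 53 Resolver API; the rule set
and the target addresses are constructed."""


def _labels(name):
    """Split a domain name into labels, ignoring case and the trailing dot;
    the root "." becomes an empty list and therefore matches every name."""
    name = name.strip().lower().rstrip(".")
    return name.split(".") if name else []


def most_specific_rule(rules, qname):
    """Return the rule whose DomainName is the longest label-wise suffix of qname."""
    query = _labels(qname)
    best, best_len = None, -1
    for rule in rules:
        labels = _labels(rule["DomainName"])
        n = len(labels)
        if n <= len(query) and query[len(query) - n:] == labels and n > best_len:
            best, best_len = rule, n
    return best


# Constructed rule set associated with a VPC:
#  - the autodefined "." rule sends everything else to Resolver's recursive lookup,
#  - example.com is forwarded to two on-premises resolvers,
#  - acme.example.com is carved back out with a SYSTEM rule so the VPC's own
#    private hosted zone answers it instead of the forwarders.
RULES = [
    {"DomainName": ".", "RuleType": "RECURSIVE", "TargetIps": []},
    {"DomainName": "example.com", "RuleType": "FORWARD",
     "TargetIps": [{"Ip": "10.10.0.53", "Port": 53}, {"Ip": "10.10.1.53", "Port": 53}]},
    {"DomainName": "acme.example.com", "RuleType": "SYSTEM", "TargetIps": []},
]


def route_query(qname, rules=RULES):
    """Describe where a query goes as (RuleType, [target IPs])."""
    rule = most_specific_rule(rules, qname)
    return rule["RuleType"], [t["Ip"] for t in rule["TargetIps"]]


if __name__ == "__main__":
    for q in ("db.example.com", "app.acme.example.com", "notexample.com", "aws.amazon.com"):
        print(f"{q:>22} -> {route_query(q)}")
```

Note that matching is by label, not by string suffix: notexample.com does not match the example.com rule, which is the behaviour you want when a forwarding rule sends queries to a less trusted network.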
Route 53 Resolver makes hybrid cloud easier for enterprise customers by enabling seamless DNS query resolution across your entire hybrid cloud.
Create DNS endpoints and conditional forwarding rules to allow resolution of DNS namespaces between your on-premises data center and Amazon Virtual Private Cloud (VPC).
When you create a VPC using Amazon VPC, Route 53 Resolver automatically answers DNS queries for local VPC domain names for EC2 instances (ec2-192-0-2-44.compute-1.amazonaws.com) and records in private hosted zones (acme.example.com).
For all other domain names, Resolver performs recursive lookups against public name servers.
You can also integrate DNS resolution between Resolver and DNS resolvers on your network by configuring forwarding rules. Your network can include any network that is reachable from your VPC, such as the following:
The VPC itself
Another peered VPC
An on-premises network that is connected to AWS with AWS Direct Connect, a VPN, or a network address translation (NAT) gateway.
Route 53 Resolver includes the Amazon DNS Server (AmazonProvidedDNS) which is available by default in all Amazon VPCs and responds to DNS queries from AWS resources for public records, Amazon VPC-specific DNS names, and Amazon Route 53 private hosted zones.
Customers with workloads that span Amazon VPCs and on-premises resources also need to resolve private DNS records hosted on premises.
Similarly, these on-premises resources may need to resolve names hosted on AWS.
Bi-directional query resolution, regardless of where the names are hosted, is achieved through Route 53 Resolver rules and endpoints.