Route 53
About
A highly available, scalable, fully managed and authoritative DNS service (authoritative meaning you can create and update the DNS records yourself).
Route 53 is also a domain registrar and can register your domain name within the service. It is the only AWS service that provides a 100% availability SLA.
Each record of a domain consists of:
Domain/subdomain name (e.g. example.com)
Record type (one of the DNS record types)
Value (IP addresses or a DNS entry)
Routing policy
TTL (cache duration at the DNS resolver end)
Domain Registrar
The domain registrar in the AWS ecosystem is Amazon Registrar.
A domain registrar is not the same thing as a DNS service, although registrars may also offer DNS capability.
Hosted Zone
A container for records; records contain information about how you want to route traffic for a specific domain, such as example.com, and its subdomains (acme.example.com, zenith.example.com). A hosted zone and the corresponding domain have the same name.
Any type of hosted zone costs $0.50 per month per hosted zone. Domain registration is charged separately. There are two types of hosted zones.
Public Hosted Zone
Contains records that specify how to route the traffic on the Internet.
Can be queried by resources anywhere on the Internet.
Private Hosted Zone
Contains records that specify how to route the traffic within one or more VPCs (private domain names).
Can only be queried by resources in your VPC.
Record Types
There are several types of DNS records, such as A, AAAA, CNAME, NS, etc.
CNAME
Points a hostname to any other hostname.
CNAME records can only be created for non-root domains; they cannot be created for the top node of the zone (the zone apex).
Alias
Points a hostname to an AWS resource.
This is an extension specific to Route 53.
Works for both root (apex) and non-root domains.
Free of charge: queries against alias records do not incur charges.
You cannot set a TTL for these records; it is set automatically by Route 53. An alias can have one of the following targets:
Elastic load balancer
CloudFront Distributions
API Gateway
Elastic Beanstalk environments
S3 Websites
VPC Interface Endpoints
Global Accelerator accelerator
Route 53 record in the same Hosted Zone.
Note that only one target can be specified for this type of record.
An alias cannot be set for an EC2 DNS name.
Alias records are always of type A or AAAA. They also have native health check support.
Routing Policy
A routing policy determines how Amazon Route 53 responds to queries. Types of routing policy:
Simple -> can only have one record for an alias, and does not allow health checks.
Weighted
Failover
Latency Based
Geolocation
Multi-Value
Geoproximity
IP Based
More details about types of routing policies and how to choose them can be found here.
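The CNAME, Alias and Simple routing rules described above can be checked before a record change is submitted. The following is an added example, not code from this page or from AWS: a Python validator over record sets written with the field names of the Route 53 ResourceRecordSet API shape (Name, Type, TTL, ResourceRecords, AliasTarget, SetIdentifier, HealthCheckId). It assumes a record without SetIdentifier uses the Simple policy, uses a heuristic pattern (not an AWS rule) to recognise EC2 DNS names, and every hosted zone id and health check id in the samples is a constructed placeholder.

```python
import re
from collections import Counter

ALIAS_TYPES = {"A", "AAAA"}
# Heuristic (assumption, not an AWS rule): EC2-style DNS names such as
# ec2-203-0-113-10.compute-1.amazonaws.com or ip-10-0-0-5.ec2.internal.
EC2_DNS_RE = re.compile(r"^(ec2-|ip-)[\d-]+\..*\.(amazonaws\.com|internal)$")


def fqdn(name):
    """Normalise to the lowercase, trailing-dot form Route 53 stores."""
    return name.lower().rstrip(".") + "."


def validate_record(zone_name, rs):
    """Return the list of rule violations for one ResourceRecordSet dict."""
    errors = []
    rtype = rs.get("Type", "")
    alias = rs.get("AliasTarget")
    # CNAME is never allowed at the zone apex (top node of the hosted zone).
    if rtype == "CNAME" and fqdn(rs["Name"]) == fqdn(zone_name):
        errors.append("CNAME cannot be created at the zone apex")
    if alias is not None:
        if rtype not in ALIAS_TYPES:
            errors.append("Alias records must be of type A or AAAA")
        if "TTL" in rs:
            errors.append("Alias records have no TTL; Route 53 sets it")
        if rs.get("ResourceRecords"):
            errors.append("Alias records take a single AliasTarget only")
        if EC2_DNS_RE.match(alias.get("DNSName", "").lower().rstrip(".")):
            errors.append("Alias cannot target an EC2 instance DNS name")
    # No SetIdentifier means the Simple routing policy (assumption on input shape).
    if "SetIdentifier" not in rs and "HealthCheckId" in rs:
        errors.append("Simple routing does not support health checks")
    return errors


def validate_change_batch(zone_name, records):
    """Validate every record; keys are 'name type'. Also flags duplicate Simple records."""
    report = {}
    simple = Counter()
    for rs in records:
        key = f"{fqdn(rs['Name'])} {rs.get('Type', '')}"
        report[key] = report.get(key, []) + validate_record(zone_name, rs)
        if "SetIdentifier" not in rs:
            simple[key] += 1
    for key, n in simple.items():
        if n > 1:
            report[key].append(f"Simple routing allows one record per name/type, found {n}")
    return report
```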
Health checks
Configuring health checks enables automatic DNS failover.
These health checks are only for publicly reachable resources.
About 15 global health checkers check the endpoint's health.
Parameters such as the healthy/unhealthy threshold (3 by default), the health check interval (30 seconds, or 10 seconds for fast health checks), the protocol, etc. can be configured.
These health checkers support the HTTP, HTTPS and TCP protocols. If 18% of the health checkers report the endpoint as healthy, Route 53 considers the resource healthy. A health check is considered healthy when the response status is 2xx or 3xx. It can also be set up to pass or fail based on text in the first 5120 bytes of the response. Ensure the router/firewall has rules allowing incoming requests from the Route 53 health checkers.
The global health checkers can be configured to check from specific regions.
Not supported by the simple routing policy.
The IP ranges of these global health checkers can be found here.
Health checks are integrated with CloudWatch metrics.
Calculated health checks
Combine the results of multiple health checks into a single health check.
Multiple health checks can be combined using AND, OR or NOT. Up to 256 child health checks can be monitored at a time.
The parent health check's pass condition can be configured as the number of child health checks that must pass.
Private resource health checks
Because Route 53 health checkers sit outside the VPC, they cannot reach private VPC or on-premises resources.
For private resources, configure a CloudWatch metric and associate it with a CloudWatch alarm. That CloudWatch alarm can then be attached to a health check, so the health check monitors the state of the CloudWatch alarm itself.
Traffic Flow
Traffic Flow allows you to configure complicated DNS policies.
This feature is not included in Free tier.
It provides a visual UI editor to manage complex routing decision trees.