Route 53 Notes

 

General Notes

 

·       You can configure DNS query logging capabilities including:

·       Date-time stamp

·       Domain-name query type

·       Location, etc.

 

·       Amazon Route 53 uses anycast so that end users' DNS queries are answered from the optimal Route 53 location given current network conditions.  As a result, your users get high availability and improved performance with Route 53.

 

·       You can import zones from other DNS providers

 

·       You can create multiple hosted zones for the same domain name.

 

·       Amazon Route 53 offers alias records, which are an Amazon Route 53 extension to DNS.  Alias records route traffic to selected AWS resources, including:

 

·       ELB

·       Cloudfront distributions

·       Elastic Beanstalk environments

·       API Gateway

·       VPC interface endpoints

·       S3 buckets configured for websites.

 

·       Amazon supports wildcards for all record types except NS records.

 

·       Amazon does not have a default TTL for records.  You must specify it.

 

·       You can use alias records for your ELB, Cloudfront distributions, or S3 website buckets.

 

·       You can associate multiple IP addresses with a single record for load balancing of geographically-distributed web servers.

 

·       DNS records propagate to the worldwide network of authoritative DNS servers within 60 sec under normal conditions.

 

·       You can record API call history in CloudTrail.  Do not use CloudTrail logs to roll back changes to your hosted zones, because the reconstruction of your zone history may be incomplete.

 

·       Amazon Route 53 supports DNSSEC.

 

·       Amazon Route 53 supports IPv6 with AAAA and PTR records.

 

·       You can point your zone apex (example.com) to an alias record for the DNS name of your ELB – e.g. my-loadbalancer-1234.us-west-2.elb.amazonaws.com.

 

·       Amazon Route 53 supports alias records for the three types of load balancers.

 

·       ALB

·       NLB

·       Classic LB

·       There is no additional charge to do so.

 

·       You can point your zone apex to a website hosted on S3 – use S3 endpoint.  No charge to do so.  Use an alias record.

 

·       Zone apexes can also be pointed to a CloudFront distribution – no charge.

 

·       Zone records can be pointed to API gateway also using alias records.

 

·       Zone records can be pointed to an Amazon VPC endpoint.

 

·       For CloudFront distributions and S3 buckets configured to host static websites, use an alias record instead of a CNAME – it’s free to do so.

 

DNS Routing Policies

 

·       Weighted Round-Robin – use to specify the frequency with which different responses are served.

·       i.e.  Record 1 – weight 3 – 75% of traffic goes there.  Record 2 – weight 1 – 25% of traffic goes there.

·       Weight can be between 0 and 255.
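Added example (not from the original notes) that models how weighted records share responses: each record gets weight / sum of weights, weights are limited to 0..255, and a record with weight 0 receives no traffic unless every record in the group is 0. The record names are constructed; the all-zero behaviour is taken from the AWS documentation rather than from these notes.

```python
import random

# Constructed weighted record set: the notes' example, record 1 weight 3, record 2 weight 1.
WEIGHTED_RECORDS = {"web-a.example.com": 3, "web-b.example.com": 1}


def validate_weights(records):
    """Route 53 only accepts integer weights from 0 to 255 inclusive."""
    for name, weight in records.items():
        if not isinstance(weight, int) or not 0 <= weight <= 255:
            raise ValueError(f"{name}: weight {weight} is outside 0..255")


def expected_share(records):
    """Fraction of responses each record gets: weight / sum of all weights.
    Assumption from AWS docs: if every weight is 0, all records are served equally."""
    validate_weights(records)
    total = sum(records.values())
    if total == 0:
        return {name: 1 / len(records) for name in records}
    return {name: weight / total for name, weight in records.items()}


def pick_record(records, rng=random):
    """Choose one record for a single query, proportionally to its weight."""
    shares = expected_share(records)
    names = list(shares)
    return rng.choices(names, weights=[shares[n] for n in names], k=1)[0]


def simulate(records, queries=10000, seed=1):
    """Answer `queries` lookups and report the observed share per record."""
    rng = random.Random(seed)
    counts = {name: 0 for name in records}
    for _ in range(queries):
        counts[pick_record(records, rng)] += 1
    return {name: count / queries for name, count in counts.items()}


if __name__ == "__main__":
    print(expected_share(WEIGHTED_RECORDS))   # {'web-a...': 0.75, 'web-b...': 0.25}
    print(simulate(WEIGHTED_RECORDS))
```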

 

·       Latency-based routing is used for applications with a global audience.   Ex:

·       Used for apps that run in multiple regions

·       It can use multiple edge locations world-wide

·       It routes end users to the AWS region that provides the lowest latency.

 

·       Geo DNS routing directs requests to specific endpoints based on the geographic location from which the request originates.

·       You can create localized content

·       Present the right pages in the right language

·       Have localized content.

·       Three levels of granularity – continent, country, state – and then a global (default) record for when a user’s location doesn’t match any of the specific DNS records.

·       You can combine with latency-based routing and DNS failover.

 

·       You can have Geo DNS records for a continent that overlap with records for a country and for states within that country.

 

·       For each user’s location, Route 53 returns the most specific Geo DNS record that includes that location.  If no state record exists for the location, Route 53 returns a country record.  If no country record exists, it returns a continent record.  If no continent record exists, the global record is returned.

 

·       There is no charge for Geo DNS – you pay for hosted zones and queries.
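Added example (not from the original notes) of the most-specific-match order described above: state, then country, then continent, then the global default. The record set, names and IPs are constructed; a viewer is described by whichever of continent, country and state are known.

```python
# Constructed geolocation record set for one name; values are documentation IPs.
GEO_RECORDS = [
    {"scope": "default", "location": "*", "value": "203.0.113.10"},
    {"scope": "continent", "location": "NA", "value": "203.0.113.20"},
    {"scope": "country", "location": "US", "value": "203.0.113.30"},
    {"scope": "state", "location": "US-CA", "value": "203.0.113.40"},
    {"scope": "continent", "location": "EU", "value": "203.0.113.50"},
]

# Most specific scope wins; the default record is the last resort.
PRECEDENCE = ("state", "country", "continent", "default")


def has_default_record(records):
    """True if the set contains a global record, so every viewer gets an answer."""
    return any(r["scope"] == "default" for r in records)


def resolve_geo(records, viewer):
    """Return the value of the most specific record matching the viewer's location.

    viewer: dict with any of the keys 'continent', 'country', 'state'.
    Returns None when nothing matches and no default record exists.
    """
    index = {(r["scope"], r["location"]): r["value"] for r in records}
    lookups = {
        "state": viewer.get("state"),
        "country": viewer.get("country"),
        "continent": viewer.get("continent"),
        "default": "*",
    }
    for scope in PRECEDENCE:
        location = lookups[scope]
        if location is not None and (scope, location) in index:
            return index[(scope, location)]
    return None


if __name__ == "__main__":
    print(resolve_geo(GEO_RECORDS, {"continent": "NA", "country": "US", "state": "US-TX"}))
```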

 

·       Latency-Based Routing vs Geo DNS

        Latency-Based Routing                                   | Geo DNS
        --------------------------------------------------------|--------------------------------------------------------------
        Routing based on latency measurements between a         | Routing decision based on geography.
        viewer’s location and AWS data centers.                 |
        Use if the goal is to minimize end-user latency.        | Use for compliance, localization requirements, or other use
                                                                | cases that require stable routing for a specific geography.

 

 

·       Amazon supports multiple values in response to DNS queries to improve availability.   It returns up to 8 healthy (health-checked) records in response to each DNS query.

·       Use to route traffic randomly to multiple sources such as web servers.  Create one multi-value answer record for each resource and associate it with a health check.

Route 53 Traffic Flow

 

·       Global Traffic management Service

·       Use to improve performance and availability by naming multiple endpoints around the world.

 

·       Routes based on

·       Latency

·       Endpoint health

·       Health checks

·       Geo-proximity

·       Geography

 

·       Uses traffic policies and policy records.  A traffic policy is a set of rules that you define to route end user requests to one of your application endpoints.

 

·       You can use the same policy to manage more than one DNS domain – 2 ways

·       Create additional policy records that use the same policy – there is an additional charge for each policy record.

·       Create CNAME records for other domain names that point to the policy record.

·       You cannot use policy CNAMEs for an apex record

·       There is a charge for the policy record but not for creating the policy.

 

·       Route 53 is billed per record.

 

·       Traffic flow supports all Route 53 DNS routing policies, including:

·       Latency

·       Endpoint health

·       Multi-value answers

·       Weighted round robin

·       Geo-proximity with traffic biasing.

 

Private DNS

 

·       Private DNS is an authoritative DNS within your VPC that does not expose your DNS records to the Internet.  Use case – manage my organization’s private IP addresses within a VPC.

 

·       You must have a VPC and you can use it for multiple VPCs.  You can associate VPCs and private hosted zones under another account.

 

 

·       DNS failover can be configured for private hosted zones if the endpoints have public IPs.  If they have private IPs, then you cannot configure endpoint health checks; you can use a CloudWatch metric-based health check instead.

·       DNS Failover – 2 components

·       Health checks

·       Failover

 

        It returns an answer for resources that are answerable and reachable from the outside world.

        DNS Query  ------------------->  Primary Site (IP1) – Unhealthy  (this could be an S3 bucket)

                   ------------------->  Backup Site (IP2) – Healthy  (this could be an S3 bucket)

                   <-------------------

                       Query returns IP2 because it is healthy.

 

·       You can set up health checks for parts of an app running outside of AWS – i.e. legacy applications in your own data center.

 

·       Route 53 does not make routing decisions based on the load or available traffic capacity of your endpoints – i.e. it will not consider the load on healthy endpoints.

 

·       How many health checks need to fail before the endpoint is considered failed?  Three consecutive health checks by default.  This threshold is configurable between 1 and 10.

 

·       Traffic resumes after three passed health checks.

 

·       Health checks happen every 30 seconds.  You can set a fast interval to 10 sec.

 

·       If no healthy endpoints remain, there is no failover – Route 53 acts as if all endpoints are healthy.

 

·       Health checks support HTTP, HTTPS, and TCP.  HTTPS checks do not validate the SSL certificate; however, health checks do support Server Name Indication (SNI).
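Added example (not from the original notes) that models the health check and failover behaviour above, and reuses the same health state for the multi-value answer section: the failure threshold (default 3, allowed 1..10), the 30 s standard or 10 s fast interval, the worst-case time to detect an outage, active-passive failover, the "no healthy endpoints means act as if all are healthy" rule, and up to 8 healthy values per multi-value response. The endpoint names and IPs are constructed.

```python
from dataclasses import dataclass
import random


@dataclass
class HealthCheck:
    """One Route 53 health check: state flips after `failure_threshold`
    consecutive failed (or, to recover, passed) probes."""
    failure_threshold: int = 3     # Route 53 default; allowed range 1..10
    interval_seconds: int = 30     # standard; 10 s is the fast interval
    healthy: bool = True
    consecutive_failures: int = 0
    consecutive_successes: int = 0

    def __post_init__(self):
        if not 1 <= self.failure_threshold <= 10:
            raise ValueError("failure threshold must be between 1 and 10")
        if self.interval_seconds not in (10, 30):
            raise ValueError("interval must be 30 s (standard) or 10 s (fast)")

    def observe(self, passed: bool) -> bool:
        """Record one probe result and return the resulting health state."""
        if passed:
            self.consecutive_failures = 0
            self.consecutive_successes += 1
            if not self.healthy and self.consecutive_successes >= self.failure_threshold:
                self.healthy = True
        else:
            self.consecutive_successes = 0
            self.consecutive_failures += 1
            if self.healthy and self.consecutive_failures >= self.failure_threshold:
                self.healthy = False
        return self.healthy

    def worst_case_detection_seconds(self) -> int:
        """Time until an outage starting just after a probe is declared unhealthy."""
        return self.failure_threshold * self.interval_seconds


def failover_answer(primary, secondary, checks):
    """Active-passive failover. With no healthy endpoint left, Route 53 behaves
    as if all were healthy, so the primary is returned again."""
    if checks[primary].healthy or not checks[secondary].healthy:
        return primary
    return secondary


def multivalue_answer(values, checks, limit=8):
    """Multi-value answer: up to 8 healthy values, in random order."""
    healthy = [v for v in values if checks[v].healthy] or list(values)
    random.shuffle(healthy)
    return healthy[:limit]
```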