Sunday, February 13, 2022

DNS and Route 53

What is DNS?

The Domain Name System translates human-friendly hostnames into the IP addresses that machines use.

www.google.com => 172.217.18.36

DNS is the backbone of the internet.

DNS uses a hierarchical naming structure:


.com

example.com

www.example.com

api.example.com


DNS terminologies:

Domain Registrar: Amazon Route 53, GoDaddy, etc.

DNS Records: A, AAAA, CNAME, NS, ...

Zone File: contains DNS records (maps hostnames to IP addresses)

Name Server: resolves DNS queries (authoritative or non-authoritative)

Top Level Domain (TLD): .com, .us, .in, .gov, .org, ...

Second Level Domain (SLD): amazon.com, google.com, ...


http://api.www.example.com ---> FQDN (fully qualified domain name)

api.www.example.com. ---> the trailing dot is the root

.com -- TLD

example.com -- SLD

www.example.com -- sub domain

api.www.example.com -- domain name

http -- protocol
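As an added example (not part of the original notes), the following Python splits a URL into the layers listed above: protocol, the FQDN with its root dot, the TLD, the SLD and the sub domains stacked on top of it. It also applies the DNS length limits (63 octets per label, 253 for the whole name). It is a deliberate simplification: it treats the last label as the TLD, so it does not know multi-label public suffixes such as co.uk.

```python
from urllib.parse import urlsplit

# Added example, not from the original notes: splits a URL into the DNS
# layers described above (protocol, FQDN with root dot, TLD, SLD, sub
# domains). Simplification: the last label is taken as the TLD, so
# multi-label public suffixes such as co.uk are not recognised.

MAX_LABEL = 63    # DNS limits: each label <= 63 octets,
MAX_NAME = 253    # the whole name <= 253 octets


def split_hostname(url: str) -> dict:
    """Break a URL or bare hostname into its DNS layers.

    Returns protocol, fqdn (trailing dot = root), tld, sld, subdomains
    (every name above the SLD, from the SLD upward; the last entry is the
    full domain name) and domain_name.
    """
    if "//" not in url:
        url = "//" + url          # urlsplit needs a netloc marker for bare names
    parts = urlsplit(url)
    host = parts.hostname
    if not host:
        raise ValueError(f"no hostname in {url!r}")
    name = host.rstrip(".").lower()
    labels = name.split(".")
    if len(labels) < 2 or any(not lbl for lbl in labels):
        raise ValueError(f"not a fully qualified name: {host!r}")
    if len(name) > MAX_NAME or any(len(lbl) > MAX_LABEL for lbl in labels):
        raise ValueError(f"name exceeds DNS length limits: {host!r}")
    # Walk from the TLD to the leftmost label, building each layer's name.
    layers = [".".join(labels[i:]) for i in range(len(labels) - 1, -1, -1)]
    tld, sld, *subdomains = layers
    return {
        "protocol": parts.scheme or None,
        "fqdn": name + ".",
        "tld": "." + tld,
        "sld": sld,
        "subdomains": subdomains,
        "domain_name": name,
    }


if __name__ == "__main__":
    for key, value in split_hostname("http://api.www.example.com").items():
        print(f"{key:>12}: {value}")
```

A single-label name such as `localhost` is rejected because it has no TLD/SLD pair, which is the same reason it cannot be registered or hosted as a public zone.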


First register a domain in Route 53: Route 53 --> Register domain --> checkout and complete the order.

This creates a new hosted zone with its NS and SOA records already in it.

Then create a record: provide a name (like test.domaincreated.com), the record type, and the IP address or other value.


testing: 

sudo yum install -y bind-utils

nslookup test.domaincreated.com

dig test.domaincreated.com


Let's say we create 3 EC2 instances in different regions and install a web server like nginx on each of them.

<public_ip1> ap-southeast-1

<public_ip2> us-east-1

<public_ip3> eu-central-1


Load balancers -- create an application load balancer with all zones selected, a new security group that allows port 80, and a target group containing the three instances above.


Record TTL (time to live):

Within this time the client won't query DNS again; it keeps using the cached answer.

A high TTL means a smaller bill, since Route 53 bills by the number of queries it receives.

Except for alias records, a TTL is mandatory for every DNS record.

It is set when creating the records as above.
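To make the TTL trade-off concrete, here is an added Python example (not from the original notes) with a stub resolver that caches answers until their TTL expires, then a simulation of the record's IP changing while clients keep querying. The zone, the record name and the 203.0.113.x addresses are constructed test data, and the clock is injected so the run takes no real time.

```python
import time

# Added example (not from the original notes): a stub resolver that honours
# TTLs, plus a simulation of an IP change with a long and a short TTL.
# Every name and address below is constructed test data.

RECORD = "test.domaincreated.com"
OLD_IP, NEW_IP = "203.0.113.10", "203.0.113.20"   # documentation addresses


class CachingResolver:
    """Caches answers until their TTL expires, like a client or a recursive
    resolver. `upstream` stands in for the authoritative zone: a dict of
    name -> (value, ttl_seconds). `clock` is injectable so the simulation
    runs instantly without sleeping."""

    def __init__(self, upstream, clock=time.monotonic):
        self.upstream = upstream
        self.clock = clock
        self.cache = {}              # name -> (value, expires_at)
        self.upstream_queries = 0    # the queries Route 53 would bill for

    def resolve(self, name):
        now = self.clock()
        hit = self.cache.get(name)
        if hit is not None and now < hit[1]:
            return hit[0]            # still inside the TTL: no DNS query sent
        value, ttl = self.upstream[name]
        self.upstream_queries += 1
        self.cache[name] = (value, now + ttl)
        return value


def simulate_migration(ttl, change_at=60, horizon=600, step=10):
    """Query RECORD every `step` seconds for `horizon` seconds while the
    authoritative value switches from OLD_IP to NEW_IP at `change_at`.
    Returns (upstream queries sent, answers that were stale after the change)."""
    zone = {RECORD: (OLD_IP, ttl)}
    now = [0]                        # mutable so the lambda clock can read it
    resolver = CachingResolver(zone, clock=lambda: now[0])
    stale = 0
    for t in range(0, horizon, step):
        now[0] = t
        if t >= change_at:
            zone[RECORD] = (NEW_IP, ttl)
        answer = resolver.resolve(RECORD)
        if t >= change_at and answer != NEW_IP:
            stale += 1
    return resolver.upstream_queries, stale


if __name__ == "__main__":
    for ttl in (300, 30):
        queries, stale = simulate_migration(ttl)
        print(f"TTL {ttl:>3}s: {queries:>2} billable queries, {stale:>2} stale answers")
```

With a 300 second TTL the ten-minute run costs only two upstream queries, but every answer for four minutes after the change still points at the old address; with a 30 second TTL it costs twenty queries and no client is ever sent to the old address. That is why a TTL is lowered ahead of a planned IP change and raised again afterwards.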


Route 53: CNAME and alias records.

An A record points to an IP address.

CNAME

-- points a hostname to any other hostname (app.mydomain.com => blabla.anything.com)

-- only for non-root domain names (aka something.mydomain.com)

Alias records

-- point a hostname to an AWS resource (app.mydomain.com => blabla.amazonaws.com)

-- work for ROOT and NON-ROOT domains (aka mydomain.com)

-- free of charge

-- native health check

-- an extension to DNS functionality

-- automatically recognise changes in the resource's IP addresses

-- unlike CNAME, can be used for the top node of a DNS namespace (zone apex), e.g. example.com

-- always of type A/AAAA for AWS resources (IPv4/IPv6)

-- you can't set the TTL; it is set automatically by Route 53


Alias record targets:

- Elastic Load Balancers

- CloudFront distributions

- API Gateway

- Elastic Beanstalk environments

- S3 websites

- VPC interface endpoints

- Global Accelerator

- a Route 53 record in the same hosted zone

- you cannot set an alias record for an EC2 DNS name


Routing policies:

-- this is not load-balancer style routing of traffic

-- it only defines how Route 53 responds to DNS queries

-- policies: simple, weighted, failover, latency based, geolocation, multi-value answer, geoproximity (using the Route 53 traffic flow feature)

Simple:

-- routes traffic to a single resource. Multiple values can be specified in the same record; if multiple values are returned, the client picks one randomly. If alias is enabled, only one target can be specified. No health checks.

Weighted:

-- the % of requests that go to each specific resource, like 70% to the first EC2 instance, etc.

-- traffic (%) = weight of a specific record / sum of the weights of all records

-- weights don't need to sum up to 100

-- the DNS records must have the same name and type

-- can be associated with health checks

-- use cases: load balancing between regions, testing new app versions, ...

-- assign a weight of 0 to a record to stop sending traffic to a resource

-- if all records have weight 0, then all records are returned equally
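The weighted rules above, worked through in an added Python example (not from the original notes). It validates a weighted record set (same name and type, integer weights in the 0..255 range Route 53 accepts), computes each record's share with the formula above, handles the weight-0 and all-zero cases, and samples answers to show that the observed split matches the arithmetic. The record name app.mydomain.com and the 203.0.113.x addresses are constructed test data.

```python
import random

# Added example (not from the original notes): the weighted-routing
# arithmetic from the rules above, plus a sampler that picks one answer
# according to its share. Route 53 weights are integers 0..255; the name
# and all addresses below are constructed test data.


def validate_weighted_set(records):
    """Apply the rules above: every record in the set shares one name and
    one type, and each weight is an integer from 0 to 255."""
    if not records:
        raise ValueError("a weighted set needs at least one record")
    if len({r["name"] for r in records}) != 1 or len({r["type"] for r in records}) != 1:
        raise ValueError("weighted records must have the same name and type")
    for r in records:
        w = r["weight"]
        if not isinstance(w, int) or not 0 <= w <= 255:
            raise ValueError(f"weight {w!r} for {r['value']} is not an integer in 0..255")


def weighted_shares(records):
    """Return {value: share of traffic}. share = weight / sum of all weights;
    the weights need not add up to 100. A weight of 0 stops traffic to that
    record, unless every weight is 0, in which case all records are returned
    equally (share 1/n each)."""
    validate_weighted_set(records)
    total = sum(r["weight"] for r in records)
    if total == 0:
        return {r["value"]: 1 / len(records) for r in records}
    return {r["value"]: r["weight"] / total for r in records}


def pick_answer(records, rng=random):
    """Select one record value according to its share."""
    shares = weighted_shares(records)
    values = list(shares)
    return rng.choices(values, weights=[shares[v] for v in values], k=1)[0]


def observed_shares(records, n=10000, seed=1):
    """Sample pick_answer n times and report the observed fractions, to
    check the arithmetic against what clients would actually see."""
    rng = random.Random(seed)
    counts = {r["value"]: 0 for r in records}
    for _ in range(n):
        counts[pick_answer(records, rng)] += 1
    return {v: c / n for v, c in counts.items()}


def record(value, weight, name="app.mydomain.com", rtype="A"):
    """Build one record of a weighted set (constructed test data)."""
    return {"name": name, "type": rtype, "value": value, "weight": weight}


if __name__ == "__main__":
    regions = [record("203.0.113.1", 70), record("203.0.113.2", 20), record("203.0.113.3", 10)]
    print("expected:", weighted_shares(regions))
    print("observed:", observed_shares(regions))
    print("all zero:", weighted_shares([record("203.0.113.1", 0), record("203.0.113.2", 0)]))
```

The same-name/same-type check matters in practice: a record with a different type in the set would never be part of the weighted answer, so its share silently goes to the others.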

Latency based:

-- redirects to the resource that has the least latency close to us

-- super helpful when latency for users is a priority

-- latency is based on traffic between users and AWS regions

-- Germany users may be directed to the US (if that's the lowest latency)

-- can be associated with health checks (has a failover capability)

Failover (active-passive):

-- when there is a secondary server for disaster recovery, route traffic to it when the primary server is down

Geolocation


Health checks:

-- HTTP health checks are only for public resources

-- used to monitor an endpoint

-- calculated health checks

-- private hosted zones can't be checked; use CloudWatch metrics and an alarm for that
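An added Python example (not from the original notes) that ties the calculated health check to the failover policy above: a calculated check is healthy when at least a threshold of its child checks are healthy, and the failover answer is the primary while it is healthy, otherwise the secondary. The check states and the addresses are constructed test data; returning the primary again when both sides are unhealthy follows the documented Route 53 failover behaviour and is assumed here.

```python
from dataclasses import dataclass

# Added example (not from the original notes): how a calculated health
# check and an active-passive failover answer combine, run over constructed
# check states. Calculated-check rule: healthy when at least `threshold`
# child checks are healthy. Falling back to the primary when both sides are
# unhealthy follows the documented Route 53 behaviour and is assumed here.


@dataclass
class EndpointCheck:
    """Result of a plain HTTP health check on one public endpoint."""
    name: str
    healthy: bool


@dataclass
class CalculatedCheck:
    """Healthy when at least `threshold` of its child checks are healthy."""
    name: str
    children: list
    threshold: int

    @property
    def healthy(self) -> bool:
        if not 1 <= self.threshold <= len(self.children):
            raise ValueError("threshold must be between 1 and the number of children")
        return sum(c.healthy for c in self.children) >= self.threshold


def failover_answer(primary, secondary, primary_check, secondary_check=None):
    """Return the value an active-passive failover record set would answer:
    the primary while its check is healthy; otherwise the secondary if it has
    no check or a healthy one; the primary again if both are unhealthy."""
    if primary_check.healthy:
        return primary
    if secondary_check is None or secondary_check.healthy:
        return secondary
    return primary


def build_site(instance_states, threshold):
    """Wrap per-instance checks (name -> healthy) in one calculated check."""
    children = [EndpointCheck(n, h) for n, h in instance_states.items()]
    return CalculatedCheck("site", children, threshold)


if __name__ == "__main__":
    primary = build_site({"web-1": True, "web-2": False, "web-3": True}, threshold=2)
    dr_site = EndpointCheck("dr-site", True)
    print(failover_answer("203.0.113.10", "198.51.100.10", primary, dr_site))
```

Because the HTTP checks only reach public endpoints, the instances behind `build_site` are assumed to be public; for a private hosted zone the child checks would instead be CloudWatch alarm based, as the notes above say.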
