DNS has Record Set Types:
A record --> Domain URL points to IP address at TCP Level [ dummy.com -> StaticIP_LoadBalancer]
CNAME record --> dummy.com -> Alternate.com
NS record -> its not actually a website, but at Nameserver Level [Not very usual[
Showing posts with label Route 53. Show all posts
Showing posts with label Route 53. Show all posts
Sunday, June 20, 2021
SSL can be embedded in DNS - DNS is Network level , Not Http Level
DNS is LEVEL4 - N/W Layer
HTTPS/SSL is Layer 7(6) - Above 4
So, DNS is merely Server resolving , it does not know anything at SSL TLS HTTPS level
So, We direct DNS to Load Balancer
Load Balancer has a listener which redirects traffic internally
Load Balancer is at TCP Port 80
TCP Port 80 redirects to Port 443 at Load balancer Level
here at LB SSL offloading Happens
PFX File, CER File is issued to "DNS Name " and "Subject Alternative Names" to FQDN of Host Backends
DNS has Record Set Types:
A record
CNAME record
NS record
Thursday, April 8, 2021
DNS Route 53 and ELB - AWS - Routing Policies
https://medium.com/awesome-cloud/aws-amazon-route-53-routing-policies-overview-285cee2d4d3b
https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html
When you create a record, you choose a routing policy, which determines how Amazon Route 53 responds to queries:
Simple routing policy – Use for a single resource that performs a given function for your domain, for example, a web server that serves content for the example.com website.
Failover routing policy – Use when you want to configure active-passive failover.
Geolocation routing policy – Use when you want to route traffic based on the location of your users.
Geoproximity routing policy – Use when you want to route traffic based on the location of your resources and, optionally, shift traffic from resources in one location to resources in another.
Latency routing policy – Use when you have resources in multiple AWS Regions and you want to route traffic to the region that provides the best latency.
Multivalue answer routing policy – Use when you want Route 53 to respond to DNS queries with up to 8 healthy records selected at random.
Weighted routing policy – Use to route traffic to multiple resources in proportions that you specify.
- ELB is one of many AWS services that have a regional scope and can span across zones in a given region.
- Other services like Route 53 is global in scope, as shown below, and provides services to multiple Regions.
Thursday, April 1, 2021
AWS Route 53 - DNS, Elastic Load Balancer, Name Server, Domain Registrar, Hosted Zone, A Record, C Record
Why is Route 53 So called ?
TCP/UDP protocol have a default port 53 for DNS Queries
TCP/UDP protocol have a default port 53 for DNS Queries
-------------------------------------------------------
Domain Registrar
DNS
Health Monitoring
-------------------------------------------------------
Networking & Content Delivery -> Route 53
-------------------------------------------------------
Register a Domain Name ?
-------------------------------------------------------
Register a Domain Name ?
Root Level Domain -> .com, .org, .edu. .net
Geographic Level Domain -> .co.in, .co.in
Domain Registrar -> Domain Name Purchased from
GoDaddy is an example.
"Route 53" is also a Domain Registrar
https://root-servers.org/ - Root Server
https://www.iana.org/ - For IP Addresses
Top Level Domain - Root Name Server
"Route 53" is Name Server
Domain Registrar knows which same Set of "Name Servers" your domain points to
Remove current NS and Update NS. It takes max 24 hours before these changes are effective
Who operates them? ROOT NAME Servers
The root servers are operated by 12 different organizations:
- A VeriSign Global Registry Services
- B University of Southern California, Information Sciences Institute
- C Cogent Communications
- D University of Maryland
- E NASA Ames Research Center
- F Internet Systems Consortium, Inc.
- G US DoD Network Information Center
- H US Army Research Lab
- I Netnod
- J VeriSign Global Registry Services
- K RIPE NCC
- L ICANN
- M WIDE Project
Many of these organizations have been operating root servers since the creation of the DNS. The list shows the Internet’s early roots as a US-based research and military network.
https://www.youtube.com/watch?v=JkEYOt08-rU [BEST DNS Video]
----------------------------------------------------------------------------------------------
Route 53 Has Hosted Zone
If You have external Domain Registrar(Go Daddy) - You need a create a Hosted Zone
You need to configure - AWS Provided Name Server in External Registrar Website.
If you have Route 53 as Domain Registrar, Hosted Zone is created by default
AWS Route 53 can have 500 Hosted Zones by default and 10,000 Record Resource Sets
Connect Domain Name with Route 53 Hosted Zone - This is called Delegation
If You migrate Domain across Registrar, it usually takes around 48 Hours because DNS Systems cache it for 48 Hours
AWS Supports 2 Types of Domains - Generic TLD(.com, .net/Geographic TLD
If AWS does not contains that domain, You cannot transfer then it to AWS
You need Authorization Code from Existing Domain Registrar
https://www.youtube.com/watch?v=G20A82dB5w0&list=PLBGx66SQNZ8a_y_CMLHchyHz_R6-6i-i_&index=85 [AWS Route 53 - II]
https://www.youtube.com/watch?v=Qf8BNGq2r6w&list=PLBGx66SQNZ8a_y_CMLHchyHz_R6-6i-i_&index=86 [AWS Route 53 - III]
Start of Authority, Hosted Zone
Route 53 - "Hosted Zone" - is a collection of records for Specific domain
Hosted Zone is a container which holds information about how you want to route traffic for domain and its sub domains.
www.techguftgu.com - Subdomains of techguftgu.com
info.techguftgu.com - techguftgu.com
support.techguftgu.com - techguftgu.com
Public Hosted Zone
Private Hosted Zone - Only works within VPC
When You create new Hosted Zone, It creates "Name Server" Record
and "Start of Authority" Record
SOA - Start of Authority
4 NameServers - Unique in 1 Hosted Zone
Do Not Change Name Servers Record
.com - Generic TLD
.net - Generic TLD
.org - Generic TLD
.in/.uk - Geographical
Unique Set of 4 TLD Name servers collectively known as - "Delegation Set"
"Route 53" - Acts as "Authoritative Servers"
ns-1234.awsdns-39.com - Example of
ns-3678.awsdns-12.org
ns-2947.awsdns-39.net
Its possible to have Hosted Zone having same Names
But they will have different Records/Different Name Servers
When You register, name Servers will be updated with "External Domain Registrar"
-------------------------------------------------------------------------------------------------
nslookup
Put above command name in cmd prompt
Enter IP , Get FQDN
Enter FQDN, Get IP address
mail.google.com
docs.aws.amazon.com
-------------------------------------------------------------------------------------------------
Some Registrar allow you to specify IP Adress
Some Registrar allow you to specify FQDN - Fully Qualified Domain Name
-------------------------------------------------------------------------------------------------
You can Transfer Domain from 1 AWS Account to Another
For this drop a mail to Support Team @ AWS
You cannot Transfer "Hosted Zone" from 1 AWS Account to another
You can have Domain in 1 AWS Account and Hosted Zone in another Aws Account
--------------------------------------------------------------------------------------------------
Types of Records in "Hosted Zone"
- A Record -> Domain Name to IPv4 Address -> 32 Bits
- AAAA Record -> DNS Name to IPv6 Address -> 128 Bits -> Quad Ipv4
- C Record -> Canonical Name - Alias of Domain
- NS Record -> NameServer Record -> 4 Nameserver for 4 TLD Domains - ORG, NET, COM, Geographical (.in, .uk) (Authoritative Name Server)
- SOA Record -> Start of Authority - Meta Info about DNS Hosted Zone
- MX Record -> Mail Server Record
NS Record - > 4 Nameservers which we need to update in - Domain Registrar
4 Name Server for each of Top level domains
CName - Cannot be made for "Root Domain" - Zone Apex
techguftgu.com ---- CNAME X
techguftgu.com ---- subdomain.techguftgu.com ---> CNAME - Yes
SOA Record -> "Hosted Zone" can have only 1 SOA Record
Email from domain of Owner
Authoritative Server
Name of Owner
Serial Number - No of Times You have incremented
Subscribe to:
Posts (Atom)