AWS Domain Name System
AWS Domain Name System
Domain Name System Concepts:
DNS is a globally distributed service uses a hierarchical name structure which are separated by dot (.). DNS is divided in to Top –Level Domain (TLD), Second –Level Domain (SLD) and many lower levels domain below SLD.
Example: www.dclessons.com and www.racks .dclessons.com, in both the TLD is (.COM) and dclessons is SLD.
Amazon provides the DNS services via Amazon Route 53 which is authoritative DNS system of Amazon. It works same as another DNS service like answers DNS queries, Translate the domain names to IP address, CNAME , A Record , Etc.
TLD is the most general part and is present farthest portion to the right, some example are .com, .net, .org, .gov, .edu etc.
ICANN (Internet Corporation for Assigned names and Numbers) has given management control to certain parties, which then distribute domain names under TLD. These Domains names are then registered with Inter NIC (Network Information Center) which ensures the uniqueness of the domain names across internet. Each domain name which is registered, then further registered in a central database called WholS database.
A domain name is a URL which provides a certain name for certain purpose and is uniquely available over internet.
Example: dclessons.com, is a domain name which is for certain purpose and is uniquely available over internet.
Host defines individual host, services, and any resources in domain name, which are accessible through a domain.
Example: if any certain API is to be accessible via internet under domain name, then we can provide the URL like: api.dclessons.com or any SFTP services then stfp.dclessons.com. So api or SFTP just represents a host, Services.
As we know that DNS work in hierarchal manner and allow large domains to be extended to multiple sub domains. A TLD can have multiple sub domains under them like dclessons is the sub domain under (.com) TLD.
Each SLD can also have sub domains under it, example www.racks .dclessons.com, here racks is the sub domain under SLD.
The difference between host and sub domains is that, host represents any computer, services, or resources but subdomain extend parent SLD, which is sub dividing domain itself.
Fully Qualified Domain Name (FQDN):
It is the absolute domain name and ends with dot( .) like www.dclessons.com. Which indicates root of the DNS hierarchy.
Example: Explained in below figure: DNS 9-1
It is just like DNS or we can say that Name server is Computer designated name server which translate domain names to IP address. These name servers works like DNS and has capability to re direct the DNS request from itself to another name server, they can only answer the queries about domain s which they control.
It is the simple text file that contains the mapping between domain names and IP address. It resides in the name servers and defines the resources under specific domain.
Top level Domain (TLD) Name Registers: It is an organization that manages and reserves the Internet domain names. A domain name registrar must be accredited by a generic TLD, and/ or Country code TLD.
Top Level Domain name Servers:
After root servers returns IP address of the server responsible for TLD of a request , the requestor send the new request to that address and which further sends request to name server responsible for that domain to locate that domain ID.
Domain Level Name Servers:
Now if the requestor has IP address of the name server that is responsible for proving the actual IP address of that domain ex dclessons.com, the requestor will send the new request to name server asking about IP address of that Domain name ex dclessons.com .
Name server check the zone file and find the IP address associated or mapped to dclessons.com. and thus provides to requestor.
DNS Resolution Steps:
- A user will usually have a few resolving name servers configured on their computer system. The resolving name servers are typically provided by an Internet Service Provider (ISP) or other organization. There are several public resolving DNS servers that you can query. These can be configured in your computer either automatically or manually.
- When you type a domain name into your browser, your computer first checks its host file to see if it has that domain name stored locally. If it does not, it will check its DNS cache to see if you have visited the site before. If it still does not have a record of that domain name, it will contact a DNS server to resolve the domain name.
- Root servers handle requests for information about TLDs. When a request comes in for a domain that a lower-level name server cannot resolve, a query is made to the root server for the domain.
- In order to handle the incredible volume of resolutions that happen every day, these root servers are mirrored and replicated. When requests are made to a certain root server, the request will be routed to the nearest mirror of that root server.
- The root servers won’t actually know where the domain is hosted. They will, however, be able to direct the requester to the name servers that handle the specifically-requested TLD.
- For example, if a request for dclessons.com is made to the root server, it will check its zone files for a listing that matches that domain name, but it will not find one in its records. It will instead find a record for the .com TLD and give the requesting entity the address of the name server responsible for .com addresses.
- Resolving name servers compress the requesting process for the end user. The clients simply have to know to ask the resolving name servers where a resource is located, and the resolving name servers will do the work to investigate and return the final answer.
Each zone files contains A records, which is mapping between a domain name and IP address or defines resources for the domain such as mail servers or name servers. Following are the records types discussed below.
Start of Authority (SOA) Record:
It identifies the base DNS information about the domain. Each Zone contain single SOA record. SAO records stores following information.
- The name of the DNS server for that zone
- The administrator of the zone
- The current version of the data file
- The number of seconds that a secondary name server should wait before checking for updates
- The number of seconds that a secondary name server should wait before retrying a failed zone transfer
- The maximum number of seconds that a secondary name server can use data before it must either be refreshed or expire
- The default TTL value (in seconds) for resource records in the zone
A and AAAA:
- A: A record is used to map a host to IPV4 address.
- AAAA: AAAA records is used to map a host to IPV6 address.
CNAME (Canonical name):
It is the type of resource record that define an alias of A record of your server or AAAA record of your server.
Mail Exchange or MX records are used to define the mail servers used for a domain and that ensure that email message are routes or sent correctly. It is pointed to a host defines by A or AAAA record.
Name Servers records are used by TLD servers to direct traffic to the DNS server that manage or contain that DNS records.
It is said as reverse of A record. It maps an IP address to a DNS name and is basically used to check if server name is associated with IP address from where the connection was initiated.
Amazon Route 53:
Amazon Route 53 is a cloud based DNS service which Amazon provides for it cloud services. It performs following three function.
- Domain Registration
- DNS service
- Health checking via sending automated request over internet for your application to verify if its reachable, available.
If any website is created, its domain name must be registered, and if it is registered with another registrar then it must be transferred to Amazon Route 53. Amazon supports domain registration with various other TLD’s like .com, .org, etc. and geographic TLD’s like .be, .in, .us etc.
Domain Name System (DNS) Service:
When someone enters your domain name in a browser or sends you an email, a DNS request is forwarded to the nearest Amazon Route 53 DNS server in a global network of authoritative DNS servers. Amazon Route 53 responds with the IP address that you specified.
If you register a new domain name with Amazon Route 53, Amazon Route 53 will be automatically configured as the DNS service for the domain, and a hosted zone will be created for your domain. You add resource record sets to the hosted zone, which define how you want Amazon Route 53 to respond to DNS queries for your domain.
If you registered your domain with another domain registrar, that registrar is probably providing the DNS service for your domain. You can transfer DNS service to Amazon Route 53, with or without transferring registration for the domain.
Hosted Zone contains resources records sets that are under single domain name. There are two types of hosted zones.
- Private Hosted Zones: It is a container that contains information about how to route traffic for a domain and its sub domain within one or more VPC.
- Public Hosted Zones: Public hosted zones contains information about how you want to route traffic on internet for a domain and its sub domains.
Supported Record types:
Amazon Route 53 supports following Record types.
When you create resource record, you have to choose routing policies which tells how Amazon Route 53 responds to queries. Routing policies are simple, weighted, latency based, failover.
- Simple: When a new resource record is created, this default route policy is attached if you don’t choose any another route policy. This policy is used when a single resource resource record performs a given function for your domain.
- Weighted: In weighted policy we can associate multiple resources (EC2 instance) or Elastic load balancer with a single DNS name. It is used multiple resources that perform same function (example web servers that serves same website) and if we want Amazon Route 53 to route traffic to those resources in proportion. For example, you may use this for load balancing between different AWS regions.
For this to work we need to create weighted resource record sets that have same DNS name and type and assign each resource record set a unique identifier and relative weight.
- Latency Based: Latency-based routing allows you to route your traffic based on the lowest network latency for your end user. Use the latency routing policy when you have resources that perform the same function in multiple AWS Availability Zones or regions and you want Amazon Route 53 to respond to DNS queries using the resources that provide the best latency
- Failover: Use a failover routing policy to configure active-passive failover, in which one resource takes all the traffic when it’s available and the other resource takes all the traffic when the first resource isn’t available. Note that you can’t create failover resource record sets for private hosted zones.