Forwarding Rules – Hybrid and Multi-account DNS – ANS-C01 Study Guide

Forwarding Rules

Conditional forwarding rules tell the Route 53 Resolver which domain names you want forwarded to remote resolvers such as an on-premises DNS server. A forwarding rule is needed for each domain whose queries you want forwarded; a rule for a domain also covers its subdomains, and when several rules apply to a name, the rule with the most specific domain name wins.

In the Route 53 console, select Rules in the left pane under Resolver. Click Create rule and follow the prompts. Figure 3.14 shows an example of the rule creation dialog box in the rule console of Route 53.
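The rule selection logic described above, as an added example that is not AWS code and not part of the original study guide: a small model of how Resolver picks the rule for a query. It mirrors the documented behaviour that a rule covers its domain and every name under it, that the most specific matching rule wins, and that a SYSTEM rule makes Resolver answer the name itself (for example from a private hosted zone) instead of forwarding. The rule names, domains and target IPs are made up.

```python
"""Model of how Route 53 Resolver picks a forwarding rule for a query.

Added example, not AWS code. Rule names, domains and target IPs are
constructed placeholders.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple


@dataclass
class ResolverRule:
    name: str
    domain_name: str                  # domain the rule applies to, e.g. "corp.example.com"
    rule_type: str                    # "FORWARD" or "SYSTEM", as in the Route 53 console
    target_ips: List[Tuple[str, int]] = field(default_factory=list)  # (ip, port), FORWARD only

    def __post_init__(self):
        if self.rule_type not in ("FORWARD", "SYSTEM"):
            raise ValueError(f"{self.name}: unknown rule type {self.rule_type}")
        if self.rule_type == "FORWARD" and not self.target_ips:
            raise ValueError(f"{self.name}: a FORWARD rule needs at least one target IP")


def labels(name: str) -> List[str]:
    """Split a DNS name into lower-cased labels; '.' (the root) gives []."""
    return [l for l in name.lower().strip().rstrip(".").split(".") if l]


def covers(rule_domain: str, qname: str) -> bool:
    """True if qname is rule_domain itself or a name under it.

    The comparison is label by label, so a rule for example.com does not
    accidentally cover notexample.com the way a plain string suffix test would.
    """
    rd, q = labels(rule_domain), labels(qname)
    return len(q) >= len(rd) and q[len(q) - len(rd):] == rd


def select_rule(rules: List[ResolverRule], qname: str) -> Optional[ResolverRule]:
    """Most specific covering rule (most labels) wins; None if no rule covers the name."""
    matching = [r for r in rules if covers(r.domain_name, qname)]
    if not matching:
        return None
    return max(matching, key=lambda r: len(labels(r.domain_name)))


def resolve_action(rules: List[ResolverRule], qname: str) -> str:
    """'resolve-locally' or 'forward:<ip:port,...>' for the query name."""
    rule = select_rule(rules, qname)
    if rule is None or rule.rule_type == "SYSTEM":
        return "resolve-locally"
    return "forward:" + ",".join(f"{ip}:{port}" for ip, port in rule.target_ips)


# Constructed rule set: forward the on-premises zone to two on-premises
# resolvers, but keep the AWS-hosted subdomain (a private hosted zone)
# answered by Resolver itself via a SYSTEM rule.
RULES = [
    ResolverRule("onprem", "example.com", "FORWARD", [("10.10.0.2", 53), ("10.10.0.3", 53)]),
    ResolverRule("aws-phz", "aws.example.com", "SYSTEM"),
]

if __name__ == "__main__":
    for q in ("printer.example.com", "db.aws.example.com.", "notexample.com", "www.amazon.com"):
        print(f"{q:24} -> {resolve_action(RULES, q)}")
```

The SYSTEM rule for aws.example.com is what keeps queries for the AWS-side subdomain from being forwarded on-premises even though the broader example.com rule covers them; without it, every lookup under aws.example.com would leave the VPC.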

Configuring Records in Route 53

Hosted zones act as a container that holds the various records used in your DNS deployment. While there are more than 90 different record types, only around 10 are used with any frequency. In this section, we will learn how to configure these records in a Route 53 hosted zone. Figure 3.15 shows the record types you can select in the web console when adding a record to a hosted zone.

FIGURE 3.14 Resolver forwarding rules

A Record

The most common DNS record type is the A record, which maps a fully qualified domain name to an IPv4 address. Figure 3.16 shows the configuration screen to create an A record, and you will notice that it is very basic. You need the domain name and the IP address, and you can change the TTL if you desire. When a DNS lookup for an IPv4 host name is received, Route 53 looks at the fully qualified domain name and returns the IP address stored in the A record.

FIGURE 3.15 Route 53 record types

AAAA Record

The AAAA, or as it is often called, the quad A record, is for IPv6 translations. This is the same concept as the A record except it is used for IPv6 addresses. Figure 3.17 shows the AAAA record configuration screen in Route 53.

CNAME

The CNAME, or canonical name, record points one domain name to another domain name or subdomain, never to an IP address. This redirects name lookups to an alternate domain name or to an AWS resource name such as an EC2 instance's public DNS name or an RDS database endpoint. A CNAME cannot be placed at the zone apex (the hosted zone name itself) and cannot share its name with any other record type; for the apex, Route 53 provides alias records instead. Because the name resolves to whatever the target name currently points at, remove or update the CNAME when its target resource is decommissioned. Figure 3.18 shows the configuration dialog in the Route 53 graphical console.

FIGURE 3.16 A record

FIGURE 3.17 AAAA record

FIGURE 3.18 CNAME record

MX Record

Mail Exchange, or MX, records define the email server names that can accept email sent to your domain, as shown in Figure 3.19. This record defines where to deliver incoming mail for the domain. An MX record must point to a host name, never to an IP address, and that host name must itself resolve through an A or AAAA record rather than a CNAME. There is usually more than one server configured for resiliency, and each is given a numerical priority where the lowest number is the highest priority; in Route 53 each value is written as the priority followed by the host name, for example 10 mail1.example.com.

SOA Record

SOA, or Start of Authority, records contain basic information about the domain and hosted zone: the primary name server (for Route 53, the name server that created the SOA record), the email address of the administrator for your organization (written with a dot in place of the @), and a serial number that is incremented whenever a record is updated. There is a refresh value that tells secondary DNS servers how often to check for zone changes, a retry interval the secondary server must wait before retrying a failed zone transfer, an expire time after which a secondary that still cannot reach the primary stops answering for the zone, and a minimum TTL, which in current practice is the negative-caching TTL applied to NXDOMAIN responses. Figure 3.20 shows the configuration screen from the web interface.

The SOA record is automatically created by Route 53, together with the zone's NS record, when a hosted zone is first defined. The values are AWS defined and do not normally need to be changed unless directed to by AWS Support; the one value you may want to lower is the negative-caching TTL, which controls how long resolvers cache a "no such name" answer from your zone.
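The record-type rules described in the A, AAAA, CNAME and MX sections above, applied in working code as an added example that is not AWS code and not part of the original study guide. It builds the change batch JSON that `aws route53 change-resource-record-sets --change-batch file://batch.json` accepts, but never calls the API; the hosted zone, names and addresses are placeholders. The checks encoded are the ones the text states: A values must be IPv4, AAAA values IPv6, a CNAME has exactly one host-name target, cannot sit at the zone apex and cannot share its name with another record type, and each MX value is a priority followed by a host name rather than an IP address.

```python
"""Build a Route 53 change batch while applying per-record-type checks.

Added example, not AWS code. The zone, names and addresses are constructed
placeholders; nothing here contacts the Route 53 API.
"""
import ipaddress
import json
import re

# One DNS label: letters, digits, hyphens, no leading/trailing hyphen, max 63 chars.
LABEL_RE = re.compile(r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?")


def _norm(name: str) -> str:
    """Lower-case a name and strip the trailing dot."""
    return name.strip().rstrip(".").lower()


def _is_ip(value: str, version: int) -> bool:
    try:
        return ipaddress.ip_address(value).version == version
    except ValueError:
        return False


def _is_hostname(value: str) -> bool:
    """Host name with at least two valid labels; an IP literal is rejected."""
    if _is_ip(value, 4) or _is_ip(value, 6):
        return False
    labels = _norm(value).split(".")
    return len(labels) >= 2 and all(LABEL_RE.fullmatch(l) for l in labels)


def record_problems(zone: str, name: str, rtype: str, values: list) -> list:
    """Return the problems with one record set; an empty list means it is acceptable."""
    zone, name = _norm(zone), _norm(name)
    problems = []
    if not (name == zone or name.endswith("." + zone)):
        problems.append(f"{name} is not inside hosted zone {zone}")
    if not values:
        problems.append("no values")
    if rtype == "A":
        problems += [f"not IPv4: {v}" for v in values if not _is_ip(v, 4)]
    elif rtype == "AAAA":
        problems += [f"not IPv6: {v}" for v in values if not _is_ip(v, 6)]
    elif rtype == "CNAME":
        if name == zone:
            problems.append("CNAME not allowed at the zone apex; use an alias record")
        if len(values) != 1:
            problems.append("CNAME takes exactly one target")
        problems += [f"CNAME target is not a host name: {v}" for v in values if not _is_hostname(v)]
    elif rtype == "MX":
        for v in values:
            parts = v.split()
            ok = (len(parts) == 2 and parts[0].isdigit()
                  and int(parts[0]) <= 65535 and _is_hostname(parts[1]))
            if not ok:
                problems.append(f"MX value must be '<priority> <host name>': {v}")
    else:
        problems.append(f"type {rtype} is not handled by this example")
    return problems


def build_change_batch(zone: str, records: list, comment: str = "") -> dict:
    """records: (name, type, ttl, [values]) tuples. Raises ValueError on a bad record."""
    changes, types_at_name = [], {}
    for name, rtype, ttl, values in records:
        problems = record_problems(zone, name, rtype, values)
        if problems:
            raise ValueError(f"{name} {rtype}: " + "; ".join(problems))
        types_at_name.setdefault(_norm(name), set()).add(rtype)
        changes.append({
            "Action": "UPSERT",
            "ResourceRecordSet": {
                "Name": _norm(name) + ".",
                "Type": rtype,
                "TTL": ttl,
                "ResourceRecords": [{"Value": v} for v in values],
            },
        })
    # A CNAME must be the only record at its name (this is a cross-record rule).
    for name, types in types_at_name.items():
        if "CNAME" in types and len(types) > 1:
            raise ValueError(f"{name}: a CNAME cannot share its name with {sorted(types - {'CNAME'})}")
    return {"Comment": comment, "Changes": changes}


# Constructed sample zone holding the four record types discussed in the text.
SAMPLE_ZONE = "example.com"
SAMPLE_RECORDS = [
    ("example.com",     "A",     300,  ["192.0.2.10", "192.0.2.11"]),
    ("example.com",     "AAAA",  300,  ["2001:db8::10"]),
    ("www.example.com", "CNAME", 300,  ["example.com"]),
    ("example.com",     "MX",    3600, ["10 mail1.example.com", "20 mail2.example.com"]),
]

if __name__ == "__main__":
    print(json.dumps(build_change_batch(SAMPLE_ZONE, SAMPLE_RECORDS, "initial records"), indent=2))
```

Run it and redirect the output to a file to feed the CLI; the API enforces the same CNAME and apex rules, but validating locally surfaces the mistake before a partially applied change set has to be backed out.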

FIGURE 3.19 MX record

FIGURE 3.20 Start of Authority record