AWS Certified Solutions Architect Associate - AWS DNS Notes

Domain Name System
The phonebook of the Internet.
DNS translates domain names to IP addresses so browsers can find Internet resources.

The Domain Name System (DNS) is the service that handles converting a domain name into a routable Internet Protocol (IP) address.

This is what allows your computer to find the specific server on the Internet automatically, depending on what domain name you browse to. Plain DNS answers are unauthenticated UDP messages: a resolver cannot tell a forged reply from a genuine one unless the zone is signed with DNSSEC, which Route53 supports for public hosted zones.

Internet Protocol (IP)

IP addresses uniquely identify each computer on a network and allow communication between them using the Internet Protocol (IP).

IPv4 Internet Protocol Version 4
Example: 52.216.8.34
Address space is 32 bits, giving up to 4,294,967,296 addresses (which have effectively run out).

IPv6 Internet Protocol Version 6
Example: 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Address space is 128 bits, giving up to 340 undecillion potential addresses (1 followed by 36 zeros). Invented to solve the address exhaustion of IPv4.

Domain Registrars

Domain registrars are organizations accredited to assign domain names under one or more top-level domains.

Registrars are accredited by the Internet Corporation for Assigned Names and Numbers (ICANN); the registration service historically known as InterNIC operates under ICANN, and the registry for each top-level domain enforces the uniqueness of the names beneath it.

After registration, the domain and its contact details can be looked up publicly in the WHOIS databases (registrars, Route53 included, offer privacy protection that redacts the registrant's personal details from WHOIS).

Top-Level Domains

The last label of a domain name is the top-level domain (example: .com).
The label before it is the second-level domain; in example.co.uk the top-level domain is .uk and .co is the second-level domain.

Top-level domains are administered by the Internet Assigned Numbers Authority (IANA).

All delegated top-level domains are listed in a publicly available database at http://www.iana.org/domains/root/db

AWS has their own top level domain .aws

Start of Authority(SOA)

Every zone must have an SOA record. The SOA is how the zone administrator publishes information about the zone, e.g. the primary name server, the administrator's contact mailbox (written with a dot in place of the @), how often secondary servers refresh the zone, and how long negative answers may be cached.

A zone file contains exactly one SOA record; Route53 creates it for you when the hosted zone is created.

Format:
[authority-domain] [domain-of-zone-admin] [zone-serial-number] [refresh-time] [retry-time] [expire-time] [negative caching TTL]

Example:
ns.example.net. hostmaster.example.com. 1 7200 900 7209600 86400

AWS Example:
ns-415.awsdns-51.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
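As an added example (not part of the original notes and not Route53 code), the following Python parses the seven SOA fields in the format above, converts the mailbox field back into an e-mail address, and applies the RFC 1912 timing sanity checks; the sample records are the two shown above, embedded as constructed input.

```python
"""Parse and sanity-check the RDATA of a DNS SOA record.

Added example for these notes, not Route53 code. Input is the seven
whitespace-separated fields shown above; sample records are constructed.
"""
from dataclasses import dataclass
from typing import List


@dataclass
class SOA:
    mname: str        # primary name server for the zone
    rname: str        # zone admin mailbox, '.' written in place of '@'
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int      # negative-caching TTL (RFC 2308)

    @property
    def admin_email(self) -> str:
        """RNAME to e-mail: the first unescaped dot separates the local
        part from the domain; a backslash-escaped dot stays in the local part."""
        name = self.rname.rstrip(".")
        local, domain, i = [], None, 0
        while i < len(name):
            ch = name[i]
            if ch == "\\" and i + 1 < len(name):   # escaped character
                local.append(name[i + 1])
                i += 2
                continue
            if ch == ".":
                domain = name[i + 1:]
                break
            local.append(ch)
            i += 1
        if domain is None:
            raise ValueError(f"RNAME has no domain part: {self.rname!r}")
        return "".join(local) + "@" + domain

    def timing_warnings(self) -> List[str]:
        """RFC 1912 section 2.2 sanity checks; an empty list means OK."""
        w = []
        if not (0 < self.retry < self.refresh):
            w.append("retry should be positive and smaller than refresh")
        if self.expire < self.refresh + self.retry:
            w.append("expire must exceed refresh + retry, or secondaries "
                     "drop the zone after a single failed transfer")
        if self.expire < 7 * 86400:
            w.append("expire under one week is shorter than recommended")
        if self.minimum > 86400:
            w.append("negative-caching TTL above one day delays new names "
                     "becoming visible once NXDOMAIN has been cached")
        return w


def parse_soa(rdata: str) -> SOA:
    """Parse 'MNAME RNAME SERIAL REFRESH RETRY EXPIRE MINIMUM'."""
    fields = rdata.split()
    if len(fields) != 7:
        raise ValueError(f"SOA needs 7 fields, got {len(fields)}: {rdata!r}")
    mname, rname, *nums = fields
    for n in nums:
        if not n.isdigit():
            raise ValueError(f"non-numeric SOA timing field: {n!r}")
    return SOA(mname, rname, *map(int, nums))


# The two records from the notes, as constructed input.
EXAMPLE_SOA = "ns.example.net. hostmaster.example.com. 1 7200 900 7209600 86400"
AWS_SOA = ("ns-415.awsdns-51.com. awsdns-hostmaster.amazon.com. "
           "1 7200 900 1209600 86400")

if __name__ == "__main__":
    for rdata in (EXAMPLE_SOA, AWS_SOA):
        soa = parse_soa(rdata)
        print(soa.mname, soa.admin_email, soa.serial, soa.timing_warnings())
```

The escape handling matters for mailboxes whose local part itself contains a dot (john.doe@example.com is written as john\.doe.example.com. in the zone); a naive split on the first dot would produce the wrong address.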

Address Records(A Records)

Address Records are one of the fundamental types of DNS records.

An A record maps a domain name directly to an IPv4 address (AAAA is the IPv6 equivalent). A records can also be placed on the root (naked domain name) itself.

Here testing-domain.com (the naked domain name) uses an A record that points directly to a web server with the IP address 52.216.8.34:

{
	"ResourceRecordSets": [
		{
			"TTL": 300,
			"Type": "A",
			"Name": "testing-domain.com",
			"ResourceRecords": [
				{ "Value": "52.216.8.34"}
			]
		}
	]
}

CNAME Records

Canonical Name (CNAME) records are another fundamental DNS record type; they resolve one domain name to another name rather than to an IP address. The resolver then looks up the target name to obtain the address.

The advantage of a CNAME is that the target name is unlikely to change, whereas an IP address can change over time (for example a dynamic IP address). The cost is one extra lookup, and a CNAME cannot be placed on the naked domain: the zone apex already carries SOA and NS records, a CNAME may not coexist with other records at the same name, and Route53 rejects such a record. To point the naked domain at an AWS resource, use an Alias record.

Here www.testing-domain.com uses a CNAME record that resolves to the naked domain testing-domain.com:

{
	"ResourceRecordSets": [
		{
			"TTL": 300,
			"Type": "CNAME",
			"Name": "www.testing-domain.com",
			"ResourceRecords": [
				{ "Value": "testing-domain.com"}
			]
		}
	]
}

Name Server (NS) Records

Name Server (NS) records are how the top-level domain's servers delegate a domain to the name servers that hold its authoritative records. Multiple name servers are listed for redundancy.

If you manage your DNS records with Route53, the NS records for your domain at the registrar point at the four AWS name servers assigned to your hosted zone (one under each of .com, .net, .org and .co.uk, as below), and those servers are where the DNS records for the domain are found.

Keep the delegation in sync with the hosted zone: if a hosted zone is deleted while the registrar still points at its name servers, those name servers are reused for other customers' hosted zones, and a third party who obtains a zone with the same name servers can answer for your domain (a dangling delegation). Change or remove the NS records at the registrar before deleting the zone.

{
	"ResourceRecordSets": [
		{
			"Name": "testing-domain.com",
			"Type": "NS",
			"TTL": 172800,
			"ResourceRecords": [
				{ "Value": "ns-245.awsdns-30.com."},
				{ "Value": "ns-523.awsdns-31.net."},
				{ "Value": "ns-1586.awsdns-06.co.uk."},
				{ "Value": "ns-1373.awsdns-43.org."}
			]
		}
	]
}

Time to Live (TTL)

Time to live (TTL) is the length of time, in seconds, that a DNS record may be cached by a resolving server or by the user's own machine before it has to be looked up again.

The lower the TTL, the faster changes to DNS records propagate across the Internet, at the cost of more queries reaching Route53 (and a larger bill, since Route53 charges per query for non-alias records). Resolvers keep serving a cached answer until its TTL expires, so lower the TTL at least one old TTL period before a planned change and raise it again afterwards.

TTL is always measured in seconds, whatever the record type or IP version.

Route53

A highly available and scalable cloud Domain Name System. Register and manage domains, and create DNS routing rules, e.g. failovers.

Introduction

Route53 is a DNS (Domain Name Service) offering: think GoDaddy or Namecheap, but with tighter integration with AWS services.

You can:

  • register and manage domains
  • create various record sets on a domain
  • implement complex traffic flows, e.g. blue/green deployments and failovers
  • continuously monitor records via health checks
  • resolve DNS between your VPCs and networks outside AWS (Route53 Resolver)
Use Case

Use Route53 to get your custom domains to point to your AWS Resources.

  1. Incoming internet traffic
  2. Route traffic to our web-app backed by ALB
  3. Route traffic to an instance we use to tweak our AMI
  4. Route traffic to API gateway which powers our API
  5. Route traffic to CloudFront which serves our S3 static hosted website.
  6. Route traffic to an Elastic IP (EIP) which is a static IP that hosts our company Minecraft server
Record Sets

We create record sets that point our naked domain and its subdomains at resources via DNS records.

For example, we can send our www subdomain to a specific IP address using an A record.

In most cases you want to use an Alias record when routing traffic to AWS resources: an alias can sit on the naked domain (a CNAME cannot), Route53 answers with the target's current IP addresses so an ALB or CloudFront distribution whose addresses change stays reachable, it can evaluate the target's health, and queries to alias records that point at AWS resources are free of charge.
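The A record, CNAME and record set sections above describe the shape of Route53 record sets. The following Python, added here and not taken from the notes or from AWS, builds a change batch in the format accepted by `aws route53 change-resource-record-sets --change-batch file://...` and by boto3's `change_resource_record_sets`, enforcing up front the rules Route53 would otherwise reject at submission time (no CNAME at the apex, exactly one CNAME target, alias records without TTL or literal values). The zone, ALB name and ELB hosted zone ID are constructed placeholders.

```python
"""Build a Route53 ChangeResourceRecordSets change batch with the
record-set rules enforced before the API call.

Added example for these notes, not AWS code. Every name and ID below is
a constructed placeholder; an ALB alias needs the region-specific ELB
hosted zone ID published by AWS, not the zone ID of your own domain.
"""
import json

APEX = "testing-domain.com."        # constructed sample zone


def fqdn(name: str) -> str:
    """Route53 stores fully qualified names; normalise to a trailing dot."""
    name = name.lower()
    return name if name.endswith(".") else name + "."


def is_apex(name: str, zone: str = APEX) -> bool:
    return fqdn(name) == fqdn(zone)


def simple_record(name, rtype, values, ttl=300):
    """Record with literal values (A, AAAA, TXT, CNAME ...). A CNAME holds
    one target and may not sit at the apex, where SOA and NS already live
    and a CNAME cannot coexist with other records."""
    if rtype == "CNAME":
        if is_apex(name):
            raise ValueError("CNAME not allowed at the zone apex; "
                             "use an Alias record instead")
        if len(values) != 1:
            raise ValueError("a CNAME record holds exactly one target")
    if ttl <= 0:
        raise ValueError("TTL must be a positive number of seconds")
    return {
        "Name": fqdn(name),
        "Type": rtype,
        "TTL": ttl,
        "ResourceRecords": [{"Value": v} for v in values],
    }


def alias_record(name, target_dns, target_zone_id, rtype="A",
                 evaluate_target_health=True):
    """Alias to an AWS resource (ALB, CloudFront, S3 website ...). It has
    no TTL and no ResourceRecords: Route53 answers with the target's
    current addresses, and such queries are not billed."""
    return {
        "Name": fqdn(name),
        "Type": rtype,
        "AliasTarget": {
            "HostedZoneId": target_zone_id,
            "DNSName": fqdn(target_dns),
            "EvaluateTargetHealth": evaluate_target_health,
        },
    }


def change_batch(records, action="UPSERT", comment=""):
    """Wrap record sets in the ChangeBatch structure the API expects."""
    if action not in ("CREATE", "DELETE", "UPSERT"):
        raise ValueError(f"bad action {action!r}")
    return {
        "Comment": comment,
        "Changes": [{"Action": action, "ResourceRecordSet": r}
                    for r in records],
    }


def example_batch():
    """Apex -> ALB via alias, www -> apex via CNAME, a build host via A.
    Z0EXAMPLEALB stands in for the region's ELB hosted zone ID (assumed)."""
    return change_batch([
        alias_record(APEX, "my-alb-123456.us-east-1.elb.amazonaws.com",
                     "Z0EXAMPLEALB"),
        simple_record("www.testing-domain.com", "CNAME", [APEX]),
        simple_record("build.testing-domain.com", "A", ["52.216.8.34"]),
    ], comment="added example with constructed names")


if __name__ == "__main__":
    print(json.dumps(example_batch(), indent=2))
```

Catching the apex CNAME locally is worth the few lines: the API returns an InvalidChangeBatch error only after the rest of the batch has been validated, and in a pipeline that turns into a failed deploy rather than a failed unit test.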

Routing Policies

There are 7 different types of Routing Policies available inside Route53

  • Simple Routing
    default routing policy; multiple values are returned to the client in random order.
  • Weighted Routing
    route traffic based on weighted values to split traffic
  • Latency-Based Routing
    route traffic to the regional resource with the lowest latency
  • Failover Routing
    route traffic to a secondary endpoint if the primary endpoint is unhealthy
  • Geolocation Routing
    route traffic based on the location of your users
  • Geo-proximity Routing
    route traffic based on the location of your resources and, optionally, shift traffic from resources in one location to resources in another.
  • Multi-value Answer Routing
    respond to DNS queries with up to eight healthy records selected at random.
Traffic Flow

A visual editor lets you create sophisticated routing configurations for your resources using existing routing types.

Supports versioning so you can roll out or roll back updates.

Simple Routing Policies

Simple routing is the most basic routing policy in Route53 and the default.

  • You have one record and can provide multiple IP addresses.
  • When multiple values are specified for a record, Route53 returns all of them to the resolver in random order; the client picks one.

For example, if you had a record for www.example.com with three different IP address values, a user would be directed at random to one of them when visiting the domain. Simple routing does no health checking, so an unreachable address keeps being handed out.

Weighted Routing Policies

Weighted routing lets you split traffic based on the 'weights' assigned to records.

This allows you to send a given percentage of overall traffic to one server and the remaining traffic to a completely different server. Each record's share is its weight divided by the sum of all weights; a record with weight 0 is only returned when every record has weight 0.

For example, if you had an ALB running experimental features, you could test it against a small, randomly chosen fraction of traffic to limit the blast radius if it misbehaves.

Latency Based Routing Policies

Latency-based routing directs traffic to the region that gives the end user the lowest network latency.

It requires a latency record, tagged with the AWS region, for the EC2 or ELB resource that hosts your application in each region.

For example, you have two copies of your web app, each behind an ALB: one in California, US and another in Montreal, Canada. A request comes in from Toronto; it is routed to Montreal since that has the lower latency.

Failover Routing Policies

Failover routing lets you create active/passive setups where you want a primary site in one location and a secondary disaster recovery site in another.

Route53 uses a health check to monitor the primary site's endpoint. If the endpoint is determined to be in a failed state, all traffic is automatically directed to the secondary location; if both primary and secondary are unhealthy, Route53 keeps answering with the primary.

For example, we have a primary and a secondary web app, each behind an ALB. Route53 determines our primary is unhealthy and fails over to the secondary ALB.

Geolocation Routing Policies

Geolocation routing directs traffic based on the geographic location the request originates from. The location is derived from the querying resolver's IP address, so a user behind a distant corporate resolver may be placed in the wrong region; a default record catches locations you have not listed, and without one unmatched locations get no answer.

For example, you could route all traffic coming from North America to servers in North American regions, while queries from other continents are directed to servers hosted in their own region (potentially with pricing and language specific to that region).

Geo-proximity Routing Policies

Geoproximity routing directs traffic based on the geographic location of your users and of your AWS resources.

You can route more or less traffic to a specific resource by specifying a 'bias' value between -99 and +99.

Bias values expand or shrink the size of the geographic area from which traffic is routed to a resource.
You must use Route53 Traffic Flow to create geoproximity routing policies.

In Traffic Flow you can select any region and visualize the effect of the bias on a map.

You can place a resource in any current AWS region or at custom latitude/longitude coordinates.

Multi-Value Answer Policies

Multivalue answer routing lets you configure Route53 to return multiple values, such as the IP addresses of your web servers, in response to DNS queries.

You create one record per value (up to eight are returned per query) and can associate a health check with each; Route53 then returns only the values whose health checks pass.

It is similar to simple routing, but with a health check per record, so unhealthy servers drop out of the answer.

Health checks

  • Checks health every 30 s by default; can be reduced to every 10 s.
  • An endpoint is marked unhealthy after a number of consecutive failed checks (three by default); a health check can then trigger a failover.
  • A CloudWatch alarm can be created to alert you when the status becomes unhealthy.
  • A health check can monitor other health checks (a calculated health check) to build a chain of reactions.
  • Checks are sent from Route53 health checker addresses in several AWS regions, so the endpoint's security group or firewall must allow those source ranges or the endpoint is reported unhealthy.

You can create up to 50 health checks for AWS endpoints within or linked to the same AWS account.
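To make the weighted, failover and multivalue policies above and the health check behaviour concrete, here is an added Python simulation (not Route53's implementation, whose selection logic is AWS-internal and which probes from several regions): a health checker that flips state after a run of consecutive failures, and the three answer-selection rules driven by it. All records, addresses and probe results are constructed.

```python
"""Simulate how Route53 picks answers under the weighted, failover and
multivalue routing policies, driven by a health checker with the
interval and failure-threshold behaviour described in the notes.

Added example for these notes, not Route53's implementation. All records,
addresses and probe results are constructed.
"""
import random
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class HealthCheck:
    """Unhealthy after `failure_threshold` consecutive failed probes
    (Route53 default 3), healthy again after as many successes."""
    interval: int = 30              # seconds; 10 s in "fast" mode
    failure_threshold: int = 3
    healthy: bool = True
    streak: int = field(default=0, repr=False)

    def observe(self, probe_ok: bool) -> bool:
        """Feed one probe result and return the resulting health state."""
        if probe_ok == self.healthy:
            self.streak = 0
        else:
            self.streak += 1
            if self.streak >= self.failure_threshold:
                self.healthy, self.streak = probe_ok, 0
        return self.healthy

    def detection_time(self) -> int:
        """Worst-case seconds from outage to being marked unhealthy."""
        return self.interval * self.failure_threshold


@dataclass
class Record:
    value: str
    weight: int = 0                  # weighted policy
    failover: str = ""               # "PRIMARY" or "SECONDARY"
    check: Optional[HealthCheck] = None

    def is_healthy(self) -> bool:
        return self.check is None or self.check.healthy   # no check = healthy


def weighted_answer(records: List[Record], rng=random) -> Record:
    """One record, chosen with probability weight / sum of weights among
    healthy records. Weight-0 records are only eligible when all weights
    are 0; if nothing is healthy, answer as if everything were."""
    pool = [r for r in records if r.is_healthy()] or list(records)
    nonzero = [r for r in pool if r.weight > 0]
    if nonzero:
        return rng.choices(nonzero, weights=[r.weight for r in nonzero])[0]
    return rng.choice(pool)


def failover_answer(records: List[Record]) -> List[Record]:
    """Active/passive: PRIMARY while its check passes, else SECONDARY,
    and PRIMARY again if both are unhealthy."""
    primary = [r for r in records if r.failover == "PRIMARY"]
    secondary = [r for r in records if r.failover == "SECONDARY"]
    if primary and all(r.is_healthy() for r in primary):
        return primary
    if secondary and all(r.is_healthy() for r in secondary):
        return secondary
    return primary or secondary


def multivalue_answer(records: List[Record], rng=random, limit=8):
    """Up to `limit` healthy records in random order; the client picks."""
    pool = [r for r in records if r.is_healthy()] or list(records)
    return rng.sample(pool, k=min(limit, len(pool)))


def demo(seed: int = 7) -> dict:
    rng = random.Random(seed)       # fixed seed: reproducible run
    # Weighted 90/10 blue/green split over 10,000 simulated queries.
    blue = Record("10.0.0.10", weight=90, check=HealthCheck())
    green = Record("10.0.0.20", weight=10, check=HealthCheck())
    draws = [weighted_answer([blue, green], rng) for _ in range(10_000)]
    green_share = sum(r is green for r in draws) / len(draws)

    # Failover: the primary ALB stops answering its health check.
    primary = Record("alb-primary.example", failover="PRIMARY", check=HealthCheck())
    secondary = Record("alb-dr.example", failover="SECONDARY", check=HealthCheck())
    states = [primary.check.observe(False) for _ in range(3)]   # 3 failed probes
    after_failover = [r.value for r in failover_answer([primary, secondary])]

    # Multivalue: ten web servers, two of them already unhealthy.
    web = [Record(f"10.1.0.{i}", check=HealthCheck()) for i in range(10)]
    web[3].check.healthy = web[8].check.healthy = False
    answer = [r.value for r in multivalue_answer(web, rng)]

    return {"green_share": green_share, "health_after_each_probe": states,
            "seconds_to_detect": primary.check.detection_time(),
            "after_failover": after_failover, "multivalue": answer}


if __name__ == "__main__":
    for key, val in demo().items():
        print(f"{key}: {val}")
```

The detection_time figure is the practical point: with the default 30 s interval and three failures, a dead primary is still being handed out for about 90 s, plus whatever TTL resolvers have cached, which is why failover records are usually paired with a short TTL and the 10 s interval.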

Resolver

Formerly known as the .2 resolver (the Amazon-provided DNS server at the VPC's base network address plus two).

A regional service that lets you route DNS queries between your VPCs and your network.

DNS Resolution for Hybrid Environments (On-Premises and Cloud)

Inbound endpoints let DNS resolvers on your own network query names in your VPCs (private hosted zones and EC2 hostnames); outbound endpoints, together with resolver rules, forward queries for the domains you specify from your VPCs to DNS servers on your network.
