Route53
Chapter 13: Amazon Route 53 - DNS Service
Highly Available and Scalable DNS

13.1 Overview

Amazon Route 53 is a highly available and scalable Domain Name System (DNS) web service.
```
Route 53 Overview

                 +------------------------+
                 |        Route 53        |
                 |     (DNS Service)      |
                 +------------------------+
                              |
        +---------------------+---------------------+
        |                     |                     |
        v                     v                     v
+--------------+        +----------+          +----------+
|    Domain    |        |   DNS    |          |  Health  |
| Registration |        | Routing  |          |  Checks  |
|              |        | Policies |          |          |
+--------------+        +----------+          +----------+

Domain Registration: Register and manage domains
DNS Routing: Route traffic to AWS resources
Health Checks: Monitor endpoint health
```

13.2 DNS Concepts
DNS Hierarchy
```
                      Root (.)
                          |
         +----------------+----------------+
         |                |                |
        TLD              TLD              TLD
      (.com)           (.org)           (.net)
         |                |                |
    +----+----+      +----+----+      +----+----+
    |         |      |         |      |         |
 Domain    Domain Domain    Domain Domain    Domain
example.com a.com  b.org     c.org  d.net     e.net
    |
 +--+--+
 |     |
www   api

FQDN: www.example.com. (Fully Qualified Domain Name)
```

Record Types
```
DNS Record Types

Record Type | Description
------------|--------------------------------------------------
A           | Maps domain to IPv4 address
AAAA        | Maps domain to IPv6 address
CNAME       | Maps domain to another domain (alias)
MX          | Mail exchange servers
NS          | Name servers for the zone
PTR         | Maps IP to domain (reverse DNS)
SOA         | Start of authority record
SRV         | Service location (port, weight, priority)
TXT         | Text records (SPF, DKIM, verification)
CAA         | Certificate authority authorization

Route 53 Specific:
------------|--------------------------------------------------
Alias       | Maps to AWS resources (special record type)
```

13.3 Route 53 Routing Policies
Simple Routing
```
Simple Routing Policy

Use Case: Single resource

  DNS Query: www.example.com
        |
        v
   +----------+
   | Route 53 |
   +----------+
        |
        v
   +----------+
   | 1.2.3.4  |  <-- Single IP returned
   +----------+

Configuration:
{
  "Name": "www.example.com",
  "Type": "A",
  "TTL": 300,
  "ResourceRecords": ["1.2.3.4"]
}
```

Weighted Routing
```
Weighted Routing Policy

Use Case: Load distribution, A/B testing

             DNS Query: www.example.com
                          |
                          v
                     +----------+
                     | Route 53 |
                     +----------+
                          |
         +----------------+----------------+
         |                |                |
         v                v                v
    +----------+     +----------+     +----------+
    | Region A |     | Region B |     | Region C |
    | Weight: 3|     | Weight: 2|     | Weight: 1|
    |  (50%)   |     |  (33%)   |     |  (17%)   |
    +----------+     +----------+     +----------+

Configuration:
  Record 1: Weight 3 -> Region A
  Record 2: Weight 2 -> Region B
  Record 3: Weight 1 -> Region C

Probability: Weight_i / Sum(All Weights)
```

Latency-Based Routing
```
Latency-Based Routing Policy

Use Case: Route to lowest latency endpoint

               User Location: US-East
                          |
                          v
                     +----------+
                     | Route 53 |
                     | Measures |
                     | Latency  |
                     +----------+
                          |
         +----------------+----------------+
         |                |                |
         v                v                v
    +----------+     +----------+     +----------+
    | US-East  |     | EU-West  |     | AP-South |
    | Latency: |     | Latency: |     | Latency: |
    |   10ms   |     |  120ms   |     |  250ms   |
    | SELECTED |     |          |     |          |
    +----------+     +----------+     +----------+

Note: Route 53 maintains latency data between regions
      and user locations
```

Failover Routing
```
Failover Routing Policy

Use Case: Active-passive failover

             DNS Query: www.example.com
                          |
                          v
                     +----------+
                     | Route 53 |
                     |  Health  |
                     |  Checks  |
                     +----------+
                          |
         +----------------+----------------+
         |                                 |
         v                                 v
    +----------+                      +----------+
    | Primary  |                      | Secondary|
    | (Active) |                      | (Passive)|
    | Health:OK|                      | Standby  |
    +----------+                      +----------+
         |                                 ^
         |        Failover Scenario        |
         v                                 |
    +----------+                      +----------+
    | Primary  | -- Health FAIL ----> | Secondary|
    | (Down)   |                      | (Active) |
    +----------+                      +----------+
```

Geolocation Routing
```
Geolocation Routing Policy

Use Case: Location-based routing (country/continent)

               User Location: Germany
                          |
                          v
                     +----------+
                     | Route 53 |
                     |   Geo    |
                     |  Lookup  |
                     +----------+
                          |
         +----------------+----------------+
         |                |                |
         v                v                v
    +----------+     +----------+     +----------+
    |    US    |     |    EU    |     |   APAC   |
    | Endpoint |     | Endpoint |     | Endpoint |
    |          |     | SELECTED |     |          |
    +----------+     +----------+     +----------+

Location Sources:
  - Country (e.g., DE, US, JP)
  - Continent (e.g., Europe, Asia)
  - Default (catch-all)
```

Geoproximity Routing
```
Geoproximity Routing Policy

Use Case: Route based on location with bias

Bias: Shift traffic to/from region

Without Bias:
  +----------+     +----------+
  | Region A |     | Region B |
  |   50%    |     |   50%    |
  +----------+     +----------+

With Bias (Region A: +50):
  +----------+     +----------+
  | Region A |     | Region B |
  |   75%    |     |   25%    |
  | Bias:+50 |     |          |
  +----------+     +----------+

Bias Range: -99 to +99
Positive: More traffic to region
Negative: Less traffic to region
```

Multivalue Answer Routing
```
Multivalue Answer Routing Policy

Use Case: Return multiple IPs, client-side load balancing

  DNS Query: www.example.com
        |
        v
   +----------+
   | Route 53 |
   +----------+
        |
        v
  Returns up to 8 healthy IPs:
   +----------+
   | 1.2.3.4  |
   | 1.2.3.5  |
   | 1.2.3.6  |
   +----------+
        |
        v
  Client selects one IP (random or round-robin)

Features:
  - Up to 8 healthy records returned
  - Health checks per record
  - Client-side load balancing
  - Simple DNS caching
```

13.4 Route 53 Alias Records
```
Alias Records vs CNAME

CNAME Record
  Limitations:
    - Cannot use for root domain (example.com)
    - Additional DNS query required
    - Not integrated with AWS services
  Example:
    www.example.com -> my-alb.us-east-1.elb.amazonaws.com

Alias Record (Route 53 Specific)
  Benefits:
    - Works for root domain (example.com)
    - No additional DNS query
    - Free (no query charges)
    - Automatic IP updates
  Supported AWS Resources:
    - CloudFront distributions
    - Elastic Load Balancers
    - API Gateway
    - S3 website buckets
    - VPC interface endpoints
    - Global Accelerator
  Example:
    example.com -> ALB (Alias)
```

13.5 Health Checks
```
Route 53 Health Checks

Health Check Types
  1. Endpoint Health Check
     - Monitor specific endpoint
     - HTTP/HTTPS/TCP
     - String matching
  2. Calculated Health Check
     - Combine multiple health checks
     - AND/OR logic
     - Parent/child relationship
  3. CloudWatch Alarm Health Check
     - Use CloudWatch alarm as health status
     - Complex metrics

Health Check Configuration
  Settings:
    - Protocol: HTTP/HTTPS/TCP
    - Port: 80/443/custom
    - Path: /health
    - Interval: 10s (fast) or 30s (standard)
    - Failure threshold: 3 consecutive failures
    - String matching: "OK" in response body
  Locations:
    - Multiple AWS regions
    - Can specify which locations to use
```

13.6 Route 53 Resolver (DNS Resolver)
```
Route 53 Resolver

Inbound Resolver Endpoint
  On-Premises -> AWS VPC

  On-Premises             AWS VPC
  +------------+          +------------+
  | DNS Query  |          | Resolver   |
  | for VPC IP |--------->| Endpoint   |
  +------------+          | (Inbound)  |
                          +------------+
                                |
                                v
                          +------------+
                          |VPC Resource|
                          +------------+

Outbound Resolver Endpoint
  AWS VPC -> On-Premises

  AWS VPC                 On-Premises
  +------------+          +------------+
  | EC2        |          | DNS Server |
  | DNS Query  |--------->| (On-Prem)  |
  +------------+          +------------+
        |
        v
  +------------+
  | Resolver   |
  | Endpoint   |
  | (Outbound) |
  +------------+

Resolver Rules:
  - Forwarding rules: Forward specific domains
  - System rules: Default VPC DNS
  - Priority: 1-9999 (lower = higher priority)
```

13.7 Practical Configuration
Route 53 with Terraform
```hcl
# aws_lb.main, aws_security_group.resolver, aws_subnet.private and
# aws_vpc.main are assumed to be defined elsewhere in the configuration.

# ============================================================
# Route 53 Zone
# ============================================================

resource "aws_route53_zone" "main" {
  name = "example.com"

  tags = {
    Name = "main-zone"
  }
}

# ============================================================
# A Record (Simple)
# ============================================================

resource "aws_route53_record" "www" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "www.example.com"
  type    = "A"
  ttl     = 300

  records = ["1.2.3.4"]
}

# ============================================================
# Alias Record to ALB
# ============================================================

resource "aws_route53_record" "alb" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "example.com"
  type    = "A"

  alias {
    name                   = aws_lb.main.dns_name
    zone_id                = aws_lb.main.zone_id
    evaluate_target_health = true
  }
}

# ============================================================
# Weighted Routing
# ============================================================

resource "aws_route53_record" "weighted_us" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "api.example.com"
  type    = "A"
  ttl     = 300 # ttl is required for non-alias records

  weighted_routing_policy {
    weight = 70
  }

  set_identifier = "us-east"
  records        = ["1.2.3.4"]
}

resource "aws_route53_record" "weighted_eu" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "api.example.com"
  type    = "A"
  ttl     = 300

  weighted_routing_policy {
    weight = 30
  }

  set_identifier = "eu-west"
  records        = ["5.6.7.8"]
}

# ============================================================
# Latency Routing
# ============================================================

resource "aws_route53_record" "latency_us" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "app.example.com"
  type    = "A"
  ttl     = 300

  latency_routing_policy {
    region = "us-east-1"
  }

  set_identifier = "us-east"
  records        = ["1.2.3.4"]
}

resource "aws_route53_record" "latency_eu" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "app.example.com"
  type    = "A"
  ttl     = 300

  latency_routing_policy {
    region = "eu-west-1"
  }

  set_identifier = "eu-west"
  records        = ["5.6.7.8"]
}

# ============================================================
# Failover Routing
# ============================================================

resource "aws_route53_record" "primary" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "failover.example.com"
  type    = "A"
  ttl     = 60 # low TTL so clients pick up a failover quickly

  failover_routing_policy {
    type = "PRIMARY"
  }

  set_identifier = "primary"
  records        = ["1.2.3.4"]

  # Without a health check the primary is always treated as healthy.
  health_check_id = aws_route53_health_check.primary.id
}

resource "aws_route53_record" "secondary" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "failover.example.com"
  type    = "A"
  ttl     = 60

  failover_routing_policy {
    type = "SECONDARY"
  }

  set_identifier = "secondary"
  records        = ["5.6.7.8"]
}

# ============================================================
# Geolocation Routing
# ============================================================

resource "aws_route53_record" "geo_us" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "geo.example.com"
  type    = "A"
  ttl     = 300

  geolocation_routing_policy {
    country = "US"
  }

  set_identifier = "us"
  records        = ["1.2.3.4"]
}

resource "aws_route53_record" "geo_eu" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "geo.example.com"
  type    = "A"
  ttl     = 300

  geolocation_routing_policy {
    continent = "EU"
  }

  set_identifier = "eu"
  records        = ["5.6.7.8"]
}

# Default (catch-all) record for locations not matched above
resource "aws_route53_record" "geo_default" {
  zone_id = aws_route53_zone.main.zone_id
  name    = "geo.example.com"
  type    = "A"
  ttl     = 300

  geolocation_routing_policy {
    country = "*"
  }

  set_identifier = "default"
  records        = ["9.10.11.12"]
}

# ============================================================
# Health Check
# ============================================================

resource "aws_route53_health_check" "primary" {
  fqdn              = "primary.example.com"
  port              = 443
  type              = "HTTPS"
  resource_path     = "/health"
  failure_threshold = 3
  request_interval  = 30

  tags = {
    Name = "primary-health-check"
  }
}

# ============================================================
# Resolver Endpoint
# ============================================================

resource "aws_route53_resolver_endpoint" "inbound" {
  name      = "inbound-resolver"
  direction = "INBOUND"

  security_group_ids = [aws_security_group.resolver.id]

  ip_address {
    subnet_id = aws_subnet.private[0].id
  }

  ip_address {
    subnet_id = aws_subnet.private[1].id
  }

  tags = {
    Name = "inbound-resolver"
  }
}

# ============================================================
# Resolver Rule (Forwarding)
# ============================================================

# Forwarding needs an OUTBOUND endpoint. aws_route53_resolver_endpoint.outbound
# is not shown here; define it like the inbound endpoint above with
# direction = "OUTBOUND".
resource "aws_route53_resolver_rule" "forward" {
  domain_name          = "corp.example.com"
  name                 = "forward-corp"
  rule_type            = "FORWARD"
  resolver_endpoint_id = aws_route53_resolver_endpoint.outbound.id

  target_ip {
    ip = "10.0.1.10"
  }

  target_ip {
    ip = "10.0.2.10"
  }

  tags = {
    Name = "forward-corp-rule"
  }
}

# Associate rule with VPC
resource "aws_route53_resolver_rule_association" "main" {
  resolver_rule_id = aws_route53_resolver_rule.forward.id
  vpc_id           = aws_vpc.main.id
}
```

13.8 Exam Tips
- Routing Policies: Simple, Weighted, Latency, Failover, Geolocation, Geoproximity, Multivalue
- Alias Records: Free, works for root domain, auto-updates
- Health Checks: HTTP/HTTPS/TCP, 10s or 30s intervals
- Failover: Active-passive (PRIMARY/SECONDARY)
- Latency vs Geolocation: Latency = performance, Geolocation = location
- Resolver: Inbound (on-prem to VPC), Outbound (VPC to on-prem)
- Resolver Rules: Forward specific domains to on-prem DNS
- TTL: Lower = faster changes, higher = fewer queries
- CNAME vs Alias: Alias for AWS resources, CNAME for external
- Domain Registration: Route 53 can register domains
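
The following added example (not part of the original chapter) lints record sets for three pitfalls this chapter touches on: a CNAME at the zone apex, a failover PRIMARY with no health check, and a geolocation set with no default record. It also computes weighted shares with the Weight_i / Sum(All Weights) formula. The dicts use Route 53 API field names; the sample data and the function names `lint_zone` and `weighted_shares` are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample in the shape of Route 53 ResourceRecordSet objects
# (names and values are made up for this example).
SAMPLE = [
    {"Name": "example.com.", "Type": "CNAME", "TTL": 300},
    {"Name": "api.example.com.", "Type": "A", "SetIdentifier": "us-east", "Weight": 70},
    {"Name": "api.example.com.", "Type": "A", "SetIdentifier": "eu-west", "Weight": 30},
    {"Name": "failover.example.com.", "Type": "A", "SetIdentifier": "primary",
     "Failover": "PRIMARY"},
    {"Name": "failover.example.com.", "Type": "A", "SetIdentifier": "secondary",
     "Failover": "SECONDARY"},
    {"Name": "geo.example.com.", "Type": "A", "SetIdentifier": "us",
     "GeoLocation": {"CountryCode": "US"}},
    {"Name": "geo.example.com.", "Type": "A", "SetIdentifier": "eu",
     "GeoLocation": {"ContinentCode": "EU"}},
]


def weighted_shares(records, name):
    """Expected traffic share per set: Weight_i / Sum(all weights)."""
    sets = [r for r in records if r["Name"] == name and "Weight" in r]
    total = sum(r["Weight"] for r in sets)
    # Route 53 treats a group whose weights are all 0 as equally weighted.
    return {r["SetIdentifier"]: (r["Weight"] / total if total else 1 / len(sets))
            for r in sets}


def lint_zone(zone_apex, records):
    """Return (name, finding) tuples for the pitfalls described in this chapter."""
    findings = []
    geo = defaultdict(list)
    for r in records:
        if r["Type"] == "CNAME" and r["Name"] == zone_apex:
            findings.append((r["Name"], "CNAME at zone apex; use an Alias record"))
        alias_health = r.get("AliasTarget", {}).get("EvaluateTargetHealth", False)
        if r.get("Failover") == "PRIMARY" and not (r.get("HealthCheckId") or alias_health):
            findings.append((r["Name"], "PRIMARY has no health check; failover cannot trigger"))
        if "GeoLocation" in r:
            geo[r["Name"]].append(r["GeoLocation"])
    for name, locations in geo.items():
        # The default (catch-all) location is CountryCode "*".
        if not any(loc.get("CountryCode") == "*" for loc in locations):
            findings.append((name, "geolocation set has no default (*) record"))
    return findings


if __name__ == "__main__":
    for name, finding in lint_zone("example.com.", SAMPLE):
        print(f"{name}: {finding}")
    print(weighted_shares(SAMPLE, "api.example.com."))
```
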
Next Chapter
Chapter 14: Amazon CloudFront - CDN Service
Last Updated: February 2026