What is AWS route 53?
Introduction
In internet operation, IP addresses are considered the primary link, which is used whenever there is a need to establish communication between two or more computer systems on the Internet. IP addresses provide facilities to all websites, computers, and other connected devices to establish a communication network.
In practice, an IP address is hard to remember. Therefore, a domain name is assigned to the IP address to make it easy to remember, and this domain name is typed into the browser’s address bar. The IP address is unique, and no two websites have identical IP addresses.
Let’s take the example of Google, its IP address is 216.58.211.110, and the URL (Uniform Resource Locator) domain name is Google.com. Which one is easy to remember? Naturally Google.com.
The service that maps domain names to IP addresses, so that users can reach websites by domain name, is known as the DNS (Domain Name System).
What Is AWS Route 53?
AWS Route 53 is a reliable and effective DNS service provider that connects the Internet traffic to appropriate servers where the requested Web application is hosted.
Amazon Route 53 is recognised as a highly available, reliable, and scalable cloud Domain Name System (DNS) web service globally.
The purpose of Amazon Route 53 was to provide an extremely reliable and cost-effective way for developers and businesses to route end users effectively and successfully to Internet applications. It also aimed to convert names into the numeric IP addresses, for example, www.abc.com to 190.1.2.1, that computers understand and use to connect.
Amazon Route 53 fully supports end-to-end DNS resolution over IPv6. Recursive DNS resolvers on IPv6 networks can use either IPv4 or IPv6 transport to send DNS queries to Amazon Route 53.
Amazon Route 53 is used to connect user requests to infrastructure operating in AWS, such as Elastic Load Balancers, Amazon EC2 instances, or Amazon S3 buckets. In addition, Amazon Route 53 can be used to route users to infrastructure outside the AWS.
Amazon Route 53 also performs activities such as:
- Configuring DNS health checks.
- Continuously monitoring applications’ ability to recover from failures.
- Controlling application recovery with Route 53 Application Recovery Controller.
Route 53 Traffic Flow is a new feature that Amazon recently added to its repertoire. It helps to manage traffic globally and easily through various routing types, including Geo DNS, Latency Based Routing, Weighted Round Robin, and Geo Proximity.
All these can be combined with DNS Failover to achieve a variety of low-latency, fault-tolerant architectures.
Routing end users to an application’s endpoints, whether hosted in a single AWS Region or distributed globally, can now be managed easily with Amazon Route 53 Traffic Flow’s simple visual editor.
Another thing that Amazon Route 53 offers is Domain Name Registration. Domain names, like abc.com, can be purchased and managed, and the DNS settings for domains are automatically configured by Amazon Route 53.
Aim
The development of AWS Route 53 aimed to give developers and businesses an extremely reliable and cost-effective way to route end users to Internet applications by translating names like www.abc.com into numeric IP addresses like 192.0.1.2. The computers use this IP address to connect.
Where Does The Name Route 53 Come From?
In the name Route 53, “Route” is a possible reference to the U.S. Routes (the United States Numbered Highway System, often called U.S. Routes or U.S. Highways), and “53” refers to TCP/UDP port 53, the port on which DNS servers receive requests.
Release
AWS Route 53 was released for public use on December 5, 2010. It is known to be a part of Amazon’s cloud computing platform, Amazon Web Services (AWS).
Concepts Related To The Domain Name System (DNS)
1. Domain Name System (DNS)
The Domain Name System (DNS) is the Internet’s phonebook. It is a worldwide network of servers that acts as a medium to help computers, smartphones, tablets, and other IP-enabled devices communicate. The function of the Domain Name System is to translate easily understood names such as abc.com into the numbers, called IP addresses, that help computers find each other on the internet.
Each device connected to the Internet has a unique IP address, and other machines use this IP address to locate the device. The IP addresses, like 192.168.1.1 (in IPv4), and more complex alphanumeric IP addresses, like 2400:cb00:2048:1::c629:d7a2 (in IPv6), are complicated to remember. With the help of DNS, there is no need to remember complex IP addresses; instead, type the domain name, and the rest of the work will be done by DNS.
2. DNS Recursor
The DNS Recursor acts like a librarian responsible for finding a particular book in the library. A recursive DNS server receives queries from client machines, typically via a web browser. The recursor’s job is to make whatever additional requests are needed to satisfy the client’s DNS query.
3. DNS query
It is a request submitted by a computer or a smartphone to the Domain Name System (DNS) to connect to a resource associated with a domain name. To understand this more clearly:
When a user opens a browser and types a domain name in the address bar, the typical response to the resulting DNS query is the IP address associated with a resource such as a web server. The device that initiated the request then uses the IP address to communicate with the resource. For example, a browser uses the IP address to fetch a web page from a web server.
4. Alias Record
Alias records are created with Amazon Route 53 and used to route traffic to AWS resources, like Amazon S3 buckets and Amazon CloudFront.
5. Root Nameserver
The Root nameserver is the first step in converting human-readable host names into IP addresses. It can be thought of as the library index that tells you which rack holds a particular book.
6. TLD Nameserver
A top-level domain (TLD) server can be thought of as a specific rack of books in the library. This nameserver is the next step in discovering the specific IP address; it hosts the last part of the hostname (for example, the TLD for abc.com is “com”).
7. Authoritative Name Server
The Authoritative Name Server is the final nameserver in a lookup. It can be thought of as a dictionary on a rack of books that translates a specific name into its definition. The authoritative nameserver is the final step in the nameserver query.
An Authoritative name server contains definitive information about one part of the Domain Name System (DNS). It is responsible for answering requests from a DNS resolver by returning the applicable information, such as where a specific website can be found. Important information is contained in these answers, like IP addresses for each domain.
Route 53 name servers are the authoritative name servers for every domain that uses Route 53 as its DNS service.
The name servers automatically understand how to route traffic of a user’s domain and subdomains based on the records created in the hosted zone for the domain.
For example, if a Route 53 name server receives a request for www.abc.com, it finds that record and returns the IP address, like 192.0.2.33, specified in the record.
8. DNS Resolver
A DNS resolver is a DNS server, typically run by an internet service provider (ISP), that acts as an intermediary between user requests and DNS name servers.
When a user opens a browser and enters a domain name in the address bar, the query goes first to a DNS resolver. The resolver starts communicating with DNS name servers to get the IP address for the corresponding resource, such as a web server. A DNS resolver sends requests to a sequence of authoritative DNS name servers until it gets the response (typically an IP address) that it returns to a user’s device, for example, a web browser on a laptop computer.
9. Hosted Zone
A hosted zone is similar to a traditional DNS zone file in that it represents a collection of records that can be managed together and belong to a single parent domain name. All resource record sets within a hosted zone must have the hosted zone’s domain name as a suffix.
How Does The AWS Route 53 Service Work For Routing Traffic Between End-users And The Hosted Web Apps?
First, the domain name is registered with AWS Route 53. Then Route 53 is configured to route Internet traffic to the servers hosting the domain. These servers can be in the AWS public cloud or in private cloud infrastructure.
End users enter the domain name or the complete URL into the browser’s address bar.
The ISP routes the request to a DNS resolver, the component responsible for converting the domain name into its IP address.
The DNS resolver then forwards the request to a DNS root name server, which directs it to the Top Level Domain (TLD) name server, and finally it reaches the AWS Route 53 name server.
The DNS resolver receives the IP address of the domain name from the Route 53 name server.
Now that the DNS resolver has the required IP address, it knows which server hosts the requested content. According to the AWS Route 53 configuration, the user’s request is forwarded to that server.
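The root, TLD and authoritative steps described above, as an added example that is not part of the original article: a small iterative resolver walking constructed zone data (the zone contents, nameserver names and addresses are made up for illustration) and recording which server answered at each hop.

```python
# Constructed, simplified zone data (not real DNS data). Each entry models what
# one nameserver in the chain knows: its own records plus referrals (NS
# delegations) to child zones it does not serve itself.
ZONES = {
    ".": {"delegations": {"com.": ["a.gtld-servers.example."]}, "records": {}},
    "com.": {"delegations": {"abc.com.": ["ns-1.awsdns-01.example."]}, "records": {}},
    # The Route 53 hosted zone: authoritative for abc.com. and every name under it.
    "abc.com.": {
        "delegations": {},
        "records": {("abc.com.", "A"): ["192.0.2.10"],
                    ("www.abc.com.", "A"): ["192.0.2.33"]},
    },
}

def in_zone(name, zone):
    """True when `name` is the zone apex or lies below it (the hosted-zone suffix rule)."""
    return zone == "." or name == zone or name.endswith("." + zone)

def query(zone, qname, qtype):
    """One question to the server for `zone`: an answer, a referral, or NXDOMAIN."""
    z = ZONES[zone]
    if (qname, qtype) in z["records"]:
        return ("answer", z["records"][(qname, qtype)])
    for child in z["delegations"]:
        if in_zone(qname, child):
            return ("referral", child)  # "ask the name servers for `child`"
    return ("nxdomain", None)

def resolve(qname, qtype="A", max_hops=8):
    """Iterative resolution as a DNS resolver performs it: root -> TLD -> authoritative.
    Returns (answer_list, trace); answer_list is empty when the name does not exist."""
    if not qname.endswith("."):
        qname += "."
    zone, trace = ".", []
    for _ in range(max_hops):
        kind, data = query(zone, qname, qtype)
        trace.append((zone, kind))
        if kind == "answer":
            return data, trace
        if kind == "referral":
            zone = data  # follow the delegation down one level
            continue
        return [], trace
    raise RuntimeError("too many referrals, possible delegation loop")

if __name__ == "__main__":
    answer, trace = resolve("www.abc.com")
    for zone, kind in trace:
        print(f"{zone:10} -> {kind}")
    print("answer:", answer)
```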
Checking the health of backend servers is also part of what AWS Route 53 does. The DNS Failover feature checks endpoints for availability. If an endpoint is found to be unhealthy, Route 53 routes traffic to another, healthy endpoint. Optionally, an alarm can be triggered through AWS CloudWatch to notify the specified recipient that action is needed.
Current AWS Route 53 Features
1. Resolver
Using the Route 53 Resolver, DNS resolution can be performed between on-premises networks and a VPC. Users can forward DNS queries from the local network to a Route 53 Resolver and apply conditional forwarding rules to send DNS queries from AWS instances to the local network. Both IPv4 and IPv6 are supported by AWS Route 53.
2. Traffic Flow
AWS Route 53 provides intelligent traffic routing based on parameters including endpoint health, proximity, and latency, among others.
3. Geo DNS and Latency Based Routing
Routing traffic to the servers closest to end users reduces latency and gives end users a better experience.
4. Private DNS for Amazon VPC
Route 53 can be configured to answer DNS queries from within a VPC using private hosted zones, so that internal DNS data is not exposed to public networks.
5. Health Checks, Monitoring, and Failover
Depending on the configuration, Route 53 directs Internet traffic only to healthy targets. If an endpoint is found to be unhealthy, the health-checking agents cause traffic to be routed to healthy endpoints instead.
The function of the health check feature is to generate CloudWatch metrics that trigger AWS Lambda functions to perform appropriate corrective actions.
6. Domain Registration
With a scalable DNS management service, users can either transfer management of existing domains to AWS Route 53 or register new domain names with it.
This feature consolidates the management and billing associated with delivering web-hosted services.
7. S3 and CloudFront Zone Apex Support
Custom SSL can be used without proprietary code or complicated configuration.
With zone apex support, Route 53 can answer requests for a root domain like abc.com the same way it answers requests for a full hostname such as www.abc.com, without a performance cost, because no additional proxy server is needed in front of the backend servers.
8. Amazon ELB Integration
AWS Elastic Load Balancing capability functions to distribute the load traffic between multiple AWS target instances to enhance service availability and performance.
AWS ELB lets users increase the fault tolerance of their web services by sending traffic only to healthy target instances, both within AWS and on on-premises infrastructure.
9. Weighted Round Robin
This lets developers configure how often a given DNS response is returned. The capability is very useful for testing services and for balancing traffic between target instances.
10. Management Console
A simple and intuitive management console lets users view resources and perform operational tasks. The management console is also available as a mobile app. Users can also manage Route 53 access controls, such as permission to modify DNS records, using the AWS Identity and Access Management service.
Amazon Route 53 — Routing Policies Overview
When a record is created, a routing policy must be chosen to determine how Amazon Route 53 responds to queries. Let’s have a look at them one by one:
1. Simple Routing Policy
It is used for a single resource that performs a given function for a particular domain, for example, a web server that serves content for the abc.com website.
The Simple Routing Policy is the most basic routing policy: a record resolves to a single resource with no special rules. For example, a DNS record can be created that resolves the domain to an ALIAS record pointing at an ELB load balancer in front of a set of EC2 instances.
2. Weighted Routing Policy
The Weighted Routing Policy is used when multiple resources provide the same functionality and traffic needs to be split between them according to specified weights.
3. Latency Routing Policy
It is used when the resources are in multiple AWS Regions, and the traffic needs to be routed to the region that provides the best latency.
4. Failover Routing Policy
The Failover Routing Policy is used to create an Active/Passive set-up. One site is active and serves all the traffic at a time, while the other, the Disaster Recovery (DR) site, remains on standby. Route 53 monitors the health of the primary site using a health check.
5. Geolocation Routing Policy
The Geolocation Routing Policy routes traffic according to the geographic location from which the DNS query originated. With this policy, traffic can be sent to resources in the same region the request came from, which allows site affinity based on the user’s location.
6. Geo Proximity Routing Policy
With Geo Proximity routing, Amazon Route 53 routes traffic to resources based on the geographic location of both the users and the resources.
By specifying a value known as a bias, you can choose to route more or less traffic to a given resource.
The bias expands or shrinks the size of the geographic region from which traffic is routed to a resource.
To use geo proximity routing, a Route 53 traffic flow must be used.
7. Multivalue Answer Routing Policy
The Multivalue Answer Routing Policy behaves like a Simple Routing Policy, except that it can return multiple values in response to DNS queries, such as the IP addresses of several web servers.
Multiple values can be specified for almost any record, but multivalue answer routing also allows the health of each resource to be checked, so Route 53 returns only the values of healthy resources. It is not a substitute for a load balancer. However, its ability to return multiple health-checkable IP addresses is a way to use DNS to improve availability and load balancing.
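The failover and weighted policies above, as an added example that is not part of the original article: helpers that build the `ChangeResourceRecordSets` change batch for an Active/Passive pair and a weighted set, plus a validator that enforces the hosted-zone suffix rule and catches a PRIMARY record with no health check (the failure mode in which failover can never trigger). Zone, addresses and the health check ID are constructed placeholders.

```python
def in_hosted_zone(name, zone):
    """Every record set must carry the hosted zone's name as a suffix."""
    return name == zone or name.endswith("." + zone)

def upsert(rrset):
    return {"Action": "UPSERT", "ResourceRecordSet": rrset}

def failover_pair(name, primary_ip, secondary_ip, primary_health_check_id, ttl=60):
    """Active/Passive: PRIMARY serves all traffic while healthy; SECONDARY (DR) is standby."""
    primary = {"Name": name, "Type": "A", "SetIdentifier": "primary", "Failover": "PRIMARY",
               "TTL": ttl, "ResourceRecords": [{"Value": primary_ip}],
               "HealthCheckId": primary_health_check_id}  # what Route 53 observes
    secondary = {"Name": name, "Type": "A", "SetIdentifier": "secondary",
                 "Failover": "SECONDARY", "TTL": ttl,
                 "ResourceRecords": [{"Value": secondary_ip}]}
    return [upsert(primary), upsert(secondary)]

def weighted_records(name, weights, ttl=60):
    """Weighted Round Robin: `weights` maps IP -> relative weight (0 takes a target out)."""
    return [upsert({"Name": name, "Type": "A", "SetIdentifier": f"w-{ip}", "Weight": w,
                    "TTL": ttl, "ResourceRecords": [{"Value": ip}]})
            for ip, w in weights.items()]

def validate_change_batch(zone_name, changes):
    """Return a list of problems; an empty list means the batch is safe to submit."""
    problems, failover_groups = [], {}
    for change in changes:
        r = change["ResourceRecordSet"]
        if not in_hosted_zone(r["Name"], zone_name):
            problems.append(f"{r['Name']} is outside hosted zone {zone_name}")
        if ("Failover" in r or "Weight" in r) and not r.get("SetIdentifier"):
            problems.append(f"{r['Name']}: routing policy records need a SetIdentifier")
        if r.get("Failover") == "PRIMARY":
            observed = ("HealthCheckId" in r
                        or r.get("AliasTarget", {}).get("EvaluateTargetHealth"))
            if not observed:
                problems.append(f"{r['Name']}: PRIMARY has no health check, "
                                "so failover can never trigger")
        if "Failover" in r:
            failover_groups.setdefault((r["Name"], r["Type"]), []).append(r["Failover"])
    for (name, rtype), roles in failover_groups.items():
        if sorted(roles) != ["PRIMARY", "SECONDARY"]:
            problems.append(f"{name} {rtype}: a failover set needs exactly one PRIMARY "
                            f"and one SECONDARY, got {roles}")
    return problems

def build_batch(zone_name, changes, comment=""):
    """Validate, then produce the ChangeBatch structure used by the Route 53 API."""
    problems = validate_change_batch(zone_name, changes)
    if problems:
        raise ValueError("; ".join(problems))
    return {"Comment": comment, "Changes": changes}

if __name__ == "__main__":
    # Constructed sample: placeholder zone, RFC 5737 documentation addresses, fake check ID.
    changes = failover_pair("www.abc.com.", "192.0.2.33", "198.51.100.7", "HEALTH-CHECK-ID")
    changes += weighted_records("api.abc.com.", {"192.0.2.1": 70, "192.0.2.2": 30})
    print(build_batch("abc.com.", changes, "failover + weighted demo"))
```

The returned dict is the `ChangeBatch` argument for boto3’s `route53.change_resource_record_sets(HostedZoneId=..., ChangeBatch=...)`; the health check itself is created separately and referenced by its ID.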
Route 53 Pricing
AWS charges monthly, based on usage:
1. DNS zones
The first 25 hosted zones cost $0.50 per hosted DNS zone per month, and additional zones cost $0.10 each.
2. Policy records
For every DNS name (such as “www.abc.com”), the charge is $50 per Standard query, then $0.4 per million queries for the first billion queries/month, and then it charges $0.2 per million queries/month.
3. Latency-based routing queries
The charge is $0.6 per million queries for the first billion queries/month. Thereafter, it charges $0.3 per million queries/month.
4. Geo-based queries
It charges $0.7 per million queries for the first billion queries/month. Thereafter, it charges $0.35 per million queries/month.
5. Health checks
There is no charge for the first 50 AWS endpoints. Thereafter, it charges $0.5 per endpoint per month.
6. Domain registration
For domains across different TLDs, AWS charges as per a price sheet.
AWS Route 53 Security
In April 2018, an attack involving the Amazon Route 53 service was reported: the attackers carried out a BGP hijack, and as a result 1300 IP addresses owned by AWS, including those used by Route 53 for DNS, were hijacked.
A cryptocurrency website was the victim and suffered a massive loss: the attackers redirected users to a spoofed duplicate site and stole $160,000 in cryptocurrency.
At present, AWS considers cloud security its highest priority. AWS states that it provides customers with a data centre and network architecture that meets the requirements of the most security-sensitive organizations.
Security is a responsibility that is shared between AWS and customers. The shared responsibility model defines this as security of the cloud and also security in the cloud:
1. Security of the cloud
AWS takes responsibility for protecting the infrastructure that runs AWS services in the AWS Cloud. AWS also provides security services to the customers that they can use.
The effectiveness of these security controls is routinely tested and verified by third-party auditors as part of the AWS compliance programs.
The compliance programs that apply to Amazon Route 53 are listed under AWS Services in Scope by Compliance Program.
2. Security in the cloud
The responsibility of users is determined by the AWS service that they use. Users are also responsible for the factors like data sensitivity, the company’s requirements, and applicable laws and regulations.
Amazon Route 53 Limitations
Amazon Route 53 is a robust DNS service with advanced features, but it also has many limitations. Some of them are as follows:
1. Does Not Support DNSSEC
DNSSEC stands for Domain Name System Security Extensions, a suite of extension specifications from the Internet Engineering Task Force that secures the data exchanged in DNS over Internet Protocol networks. However, it is not supported by AWS Route 53.
2. Forwarding Options
Route 53 does not provide forwarding or conditional forwarding options for domains used in an on-premises network.
3. Single Point Of Failure
Because it is tightly coupled with other AWS services, Route 53 may become a single point of failure. This is a significant problem for AWS Route 53 disaster recovery and related concerns.
4. Limited Route 53 DNS Load Balancing
AWS Route 53 DNS load balancing provides only basic capabilities because it lacks advanced policy support and enterprise-class features.
5. Route 53 Cost
The service can be quite expensive for businesses using Route 53 with non-AWS endpoints. Notably, the visual editor is costly because each query it handles is charged.
6. Zone Transfers
AWS Route 53 DNS is not qualified as the authoritative source for cloud websites.com even though it has the root-level domain registered.
7. Latency
Forwarding all AWS Route 53 queries to external servers after first contacting Amazon infrastructure adds latency.
Conclusion
In this article, we have covered the critical aspects of AWS Route 53: what it is, how it works, and its routing policies, features, pricing, security model, and limitations.