AWS Route 53


ELB load balancers do not have pre-defined IPv4 addresses. You reach a load balancer through its DNS name, so a Route 53 record for one points at that name (an alias record, see below) rather than at a fixed IP.

A hosted zone is a container for records, and records contain information about how you want to route traffic for a specific domain. There are two types of hosted zones: public hosted zones, which answer queries from the internet, and private hosted zones, which answer queries only from the VPCs you associate with them.

The start of authority (SOA) record identifies the base DNS information about the domain. It includes the following elements: the primary name server for the zone (MNAME), the hostmaster e-mail address (RNAME, with the @ written as a dot), the zone serial number, the refresh, retry and expire intervals that secondary servers use, and the minimum TTL, which tells resolvers how long to cache a negative ("no such name") answer.

A sample SOA record was shown here as an image that is not preserved in this copy; the AUTHORITY section of the dig output further down shows one exactly as Route 53 publishes it.

Name server (NS) records are what the top-level domain (TLD) servers hand to a resolver to direct it to the authoritative name servers, that is, the servers that hold the zone's records and its SOA.

When a user requests a domain name, the recursive resolver asks a root server, which refers it to the TLD server. The TLD server answers with the NS records it holds for the domain (the delegation), and the resolver then queries one of those authoritative servers for the record itself. The delegation published at the TLD comes from the registrar, so the NS set at the registrar has to match the hosted zone you actually create records in; otherwise the records exist but nobody on the internet is sent to the servers that hold them.

Amazon Route 53 automatically creates a name server (NS) record that has the same name as your hosted zone. It lists the four name servers that are the authoritative name servers for your hosted zone.

A record: points a domain name to an IPv4 address (an AAAA record does the same for IPv6).

CNAME record: points a domain name to an alternative domain name, which the resolver then looks up in turn.

A CNAME record can redirect DNS queries to any DNS name, including one that is not in the same Route 53 hosted zone or not in Route 53 at all.

You can't create a CNAME record that has the same name as the hosted zone (the zone apex). This is true both for hosted zones for domain names (example.com) and for hosted zones for subdomains (zenith.example.com).

Amazon Route 53 alias records provide a Route 53-specific extension to DNS functionality. Alias records let you route traffic to
- CloudFront distributions
- Elastic Load Balancing load balancers
- Amazon S3 buckets that are configured as static websites
- Another record in the same Route 53 hosted zone

Unlike a CNAME record, you can create an alias record at the top node of a DNS namespace, also known as the zone apex. Route 53 resolves the alias internally and answers with the target's A or AAAA records, so the client never sees the alias.

If an alias record points to an AWS resource, you can't set the time to live (TTL); Route 53 uses the default TTL for the resource.

MX record: directs mail for the domain to a mail server. Note that an MX record points at a host name with a priority, not directly at an IP address; that host name then needs its own A or AAAA record.

TTL is the length of time that a DNS record is cached, either on the resolving server or on the user's own local PC. The lower the TTL, the faster changes to DNS records propagate throughout the internet, at the cost of more queries reaching the authoritative servers. A common practice before a planned change is to lower the TTL ahead of time and raise it again afterwards.

Simple routing: use for a single resource that performs a given function for your domain.

Simple routing records can't be associated with a health check.

You can't create multiple records that have the same name and type, but you can specify multiple values in the same record, such as multiple IP addresses. If you specify multiple values in a record, Route 53 returns all values to the recursive resolver in random order, and the resolver returns the values to the client. The client then chooses a value and resubmits the query. Because there is no health check, an unreachable address stays in the answer until you remove it.

Failover routing: use when you want to configure active-passive failover.
Failover routing lets you route traffic to a resource when the resource is healthy, or to a different resource when the first resource is unhealthy. The primary record needs a health check (or an alias target that evaluates its own health) for the switch to ever happen.

Geolocation routing: use when you want to route traffic based on the location of your users.

You can use geolocation routing to:
- localize your content and present some or all of your website in the language of your users
- restrict distribution of content to only the locations in which you have distribution rights
- balance load across endpoints in a predictable, easy-to-manage way

Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations. You can create a default record that handles both queries from IP addresses that aren't mapped to any location and queries that come from locations for which you haven't created geolocation records. If you don't create a default record, Route 53 returns a "no answer" response for queries from those locations.

Geoproximity routing: use when you want to route traffic based on the location of your resources and, optionally, shift traffic from resources in one location to resources in another.

To use geoproximity routing, you must use Route 53 traffic flow.

You can also optionally choose to route more traffic or less to a given resource by specifying a value, known as a bias. A bias (from -99 to 99) expands or shrinks the size of the geographic region from which traffic is routed to a resource.

Latency-based routing: use when you have resources in multiple AWS Regions and you want to route traffic to the Region that gives the user the lowest latency.

To use latency-based routing, you create latency records for your resources in multiple AWS Regions. When Route 53 receives a DNS query for your domain or subdomain, it determines which Region gives the user the lowest latency, and then selects a latency record for that Region.

Latency between hosts on the internet can change over time as a result of changes in network connectivity and routing, so the same user may be sent to different Regions at different times.

Data about the latency between users and your resources is based entirely on traffic between users and AWS data centers. If you aren't using resources in an AWS Region, the actual latency between your users and your resources can vary significantly from AWS latency data.

Multivalue answer routing: use when you want Route 53 to respond to DNS queries with up to eight healthy records selected at random. It's not a substitute for a load balancer, but the ability to return multiple health-checkable IP addresses is a way to use DNS to improve availability and load balancing.

To route traffic approximately randomly to multiple resources, such as web servers, you create one multivalue answer record for each resource and, optionally, associate a Route 53 health check with each record.

Note the following:
- If you associate a health check with a multivalue answer record, Route 53 responds with the corresponding value only when the health check is healthy.
- If you don't associate a health check with a record, Route 53 always considers the record healthy.
- If you have eight or fewer healthy records, Route 53 responds to all queries with all of the healthy records.
- When all records are unhealthy, Route 53 responds with up to eight unhealthy records.

Weighted routing: use to route traffic to multiple resources in proportions that you specify.

To configure weighted routing, you create records that have the same name and type for each of your resources. You assign each record a relative weight that corresponds with how much traffic you want to send to each resource. Amazon Route 53 sends traffic to a resource based on the weight that you assign to the record as a proportion of the total weight for all records in the group. A weight of 0 takes a record out of rotation, unless every record in the group has weight 0, in which case they all get an equal share; unhealthy records are also excluded when health checks are attached.

This can be useful for a variety of purposes, including load balancing and testing new versions of software (a small weight on the new version gives a canary).

To improve the accuracy of geolocation, geoproximity, and latency routing, Amazon Route 53 supports the edns-client-subnet extension of EDNS0.

When a browser or other viewer uses a DNS resolver that does not support edns-client-subnet, Route 53 uses the source IP address of the DNS resolver to approximate the location of the user. When a browser or other viewer uses a DNS resolver that does support edns-client-subnet, the DNS resolver sends Route 53 a truncated version of the user's IP address. Route 53 determines the location of the user based on the truncated IP address rather than the source IP address of the DNS resolver. This typically provides a more accurate estimate of the user's location. Note that this information is supplied by the resolver and is not authenticated, so a location-restricting policy is a routing aid, not an access control.
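The routing policies above are decided on Route 53's authoritative servers; the following is an added example, not AWS code or the original notes, that models the same decision rules stand-alone so the differences between simple, weighted, failover, multivalue answer and geolocation routing (including the default record and the edns-client-subnet preference) can be exercised. All records, health-check results and the GeoIP prefix table are constructed for illustration.

```python
"""Toy model of Route 53 routing policies (added example; not AWS code)."""
import ipaddress
import random
from dataclasses import dataclass

MAX_MULTIVALUE_ANSWERS = 8  # Route 53 returns at most eight healthy records


@dataclass
class Record:
    value: str            # the IP address (or target) the record points at
    healthy: bool = True  # outcome of the associated health check (no check => healthy)
    weight: int = 0       # weighted routing only
    role: str = ""        # failover routing: "primary" or "secondary"
    location: str = ""    # geolocation routing: country code, or "*" for the default record


def seeded_rng(seed=2020):
    """Deterministic randomness so the behaviour can be replayed."""
    return random.Random(seed)


def simple_answer(values, rng):
    """Simple routing: one record with several values; all are returned, shuffled."""
    shuffled = list(values)
    rng.shuffle(shuffled)
    return shuffled


def weighted_answer(records, rng):
    """Weighted routing: one healthy record, chosen with probability weight/total.
    Weight 0 gets no traffic unless every record is 0, then all get an equal share."""
    candidates = [r for r in records if r.healthy] or list(records)  # all unhealthy: treat as healthy
    total = sum(r.weight for r in candidates)
    if total == 0:
        return rng.choice(candidates).value
    point = rng.random() * total
    cumulative = 0
    for r in candidates:
        cumulative += r.weight
        if point < cumulative:
            return r.value
    return next(r.value for r in reversed(candidates) if r.weight > 0)  # rounding guard


def failover_answer(records):
    """Failover routing: the primary while its health check passes, otherwise the secondary."""
    primary = [r for r in records if r.role == "primary"]
    secondary = [r for r in records if r.role == "secondary"]
    for r in primary + secondary:
        if r.healthy:
            return r.value
    # Every check failed: Route 53 answers as if all records were healthy,
    # so the primary comes back rather than no answer at all.
    remaining = primary or secondary
    return remaining[0].value if remaining else None


def multivalue_answer(records, rng):
    """Multivalue answer: up to eight healthy records, picked at random."""
    healthy = [r.value for r in records if r.healthy] or [r.value for r in records]
    return rng.sample(healthy, min(len(healthy), MAX_MULTIVALUE_ANSWERS))


# Constructed GeoIP table (prefix -> location code); real lookups use a GeoIP database.
GEOIP = [
    (ipaddress.ip_network("198.51.100.0/24"), "US"),
    (ipaddress.ip_network("203.0.113.0/24"), "DE"),
]


def locate(address):
    """Map an address to a location code, or None when the prefix is unmapped."""
    ip = ipaddress.ip_address(address)
    for prefix, code in GEOIP:
        if ip in prefix:
            return code
    return None


def geolocation_answer(records, resolver_ip, ecs_subnet=None):
    """Geolocation routing. With edns-client-subnet the resolver forwards a truncated
    client prefix (e.g. 203.0.113.0/24), which locates the user better than the
    resolver's own address; without it only the resolver address is available."""
    if ecs_subnet:
        subject = ipaddress.ip_network(ecs_subnet, strict=False).network_address
    else:
        subject = ipaddress.ip_address(resolver_ip)
    by_location = {r.location: r for r in records}
    code = locate(str(subject))
    if code in by_location:
        return by_location[code].value
    if "*" in by_location:  # default record: unmapped IPs and locations without a record
        return by_location["*"].value
    return None             # no default record: Route 53 gives a "no answer" response
```

Run `geolocation_answer` once with only the resolver address and once with an ECS prefix from another country to see why the default record matters: without a `"*"` record, a user from an unmapped prefix gets nothing at all.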

Why does a Route53 record I created with terraform resource aws_route53_record not resolve publicly?

Posted: 2020-09-02 05:22:02. Question:

I am trying to create the simplest possible example of creating an aws_route53_record record.

Example

resources

But when I run dig, it doesn't resolve. I created the record only 5 minutes ago. Is it because I can't do this for my public IP, or does it take time to take effect?

$ dig server1.devops.academy

; <<>> DiG 9.10.6 <<>> server1.devops.academy
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10146
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;server1.devops.academy.                IN      A

;; AUTHORITY SECTION:
devops.academy.         331     IN      SOA     ns-1155.awsdns-16.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

;; Query time: 9 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sat May 16 14:18:29 +04 2020
;; MSG SIZE  rcvd: 136

Why does a Route53 record I created with aws_route53_record not resolve publicly?

Comments:

devops.academy. 331 You should be seeing the value here (331) decrease monotonically once per second; when it reaches zero, the record should become visible.

@Michael-sqlbot, could you elaborate on that? I waited almost half a day, but the record was not created.

If the record does not appear, then the problem you have is not the one I expected. Did you look in the AWS console to verify that the record actually exists, and that it is in the correct hosted zone? Route 53 does not stop you from creating additional hosted zones for the same domain, but of course only one of them is visible from the Internet.

Answer 1:

To resolve a DNS record publicly, you need:

- A public Route 53 zone (you have this)
- A domain publicly registered with a domain registrar (Route 53 Domains can be used) - I suspect you don't have this
- The domain registrar to have the SOA and NS reflect your name servers from the public Route 53 zone (should be automatic)

Make sure to register the domain and update the NS and SOA with the registrar to match the name servers in your Route 53 zone (if you are using Route 53 Domains, choose the Route 53 zone). After that, your problem should be corrected.

Here is how to register a domain in Route 53 Domains in the AWS console (given that this costs about $12, I don't recommend automating it until you are very comfortable with the process):

1. Log in to the AWS console
2. Search for Route 53 under Services
3. Go to Route 53
4. Choose Registered domains in the left navigation
5. Click Register Domain
6. Under Choose a domain name, enter the desired domain
7. If it is available and the price is acceptable, choose Add to cart
8. At the bottom of the list, click Continue
9. For Contact Type, choose Person
10. Enter your information
11. Keep privacy protection on (it is free, and you probably don't need things like code-signing certificates for this domain that require public contact information)
12. Review the details on the last page (enable auto-renew; losing a domain is a real headache, and you can always cancel before renewal)
13. Read the AWS domain registration agreement to understand your rights and responsibilities, and then check the "I have read" checkbox
14. Click Complete Order

It may take a few hours for the domain to be registered successfully.

Learn more about the process here: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-register.html

Comments:

Thanks a lot @Alain O'Dea, could you point me in a direction where I can get more information about this? I couldn't grasp everything you said, as I'm new to this field :)

My pleasure. I added some explanation of the process to the answer. If you run into challenges, feel free to ask for clarification here.

Thanks a lot @Alain O'Dea, I will go through the steps and try to implement them. :)
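The dig output in the question carries more than the NXDOMAIN. The following is an added example, not part of the question or the answer: it parses that output, reads the SOA out of the AUTHORITY section, computes how long the recursive resolver will keep serving the cached negative answer (RFC 2308: min(SOA TTL, SOA MINIMUM), which is the countdown the comments refer to), and does the registrar-versus-hosted-zone name-server comparison the answer asks for. The dig text is copied from the question; the two name-server lists passed to `delegation_mismatch` are constructed placeholders.

```python
"""Read a dig response and explain a missing Route 53 record (added example)."""
import re

# Copied from the question above.
DIG_OUTPUT = """; <<>> DiG 9.10.6 <<>> server1.devops.academy
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10146
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;server1.devops.academy.                IN      A

;; AUTHORITY SECTION:
devops.academy.         331     IN      SOA     ns-1155.awsdns-16.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

;; Query time: 9 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Sat May 16 14:18:29 +04 2020
;; MSG SIZE  rcvd: 136
"""

SOA_RE = re.compile(
    r"^(?P<zone>\S+)\s+(?P<ttl>\d+)\s+IN\s+SOA\s+(?P<mname>\S+)\s+(?P<rname>\S+)\s+"
    r"(?P<serial>\d+)\s+(?P<refresh>\d+)\s+(?P<retry>\d+)\s+(?P<expire>\d+)\s+(?P<minimum>\d+)",
    re.MULTILINE,
)


def parse_dig(text):
    """Return rcode, answer count, the question and the SOA fields (ints where numeric)."""
    rcode = re.search(r"status: (\w+)", text).group(1)
    answers = int(re.search(r"ANSWER: (\d+)", text).group(1))
    question = re.search(r"^;([^;\s]+)\s+IN\s+(\w+)\s*$", text, re.MULTILINE)
    result = {"rcode": rcode, "answers": answers,
              "qname": question.group(1), "qtype": question.group(2), "soa": None}
    soa = SOA_RE.search(text)
    if soa:
        fields = soa.groupdict()
        for key in ("ttl", "serial", "refresh", "retry", "expire", "minimum"):
            fields[key] = int(fields[key])
        result["soa"] = fields
    return result


def rname_to_email(rname):
    """SOA RNAME encodes the hostmaster address with the @ replaced by a dot."""
    return rname.rstrip(".").replace(".", "@", 1)


def negative_cache_remaining(parsed):
    """Seconds the resolver will keep answering NXDOMAIN from its cache. The TTL on
    the cached SOA counts down once per second; SOA MINIMUM caps the original value."""
    soa = parsed["soa"]
    return min(soa["ttl"], soa["minimum"])


def explain(parsed):
    """Plain-language findings about the response."""
    soa = parsed["soa"]
    findings = []
    if parsed["rcode"] == "NXDOMAIN" and soa:
        findings.append(
            f"{parsed['qname']} does not exist in zone {soa['zone']} as served by "
            f"{soa['mname']}; this resolver keeps returning NXDOMAIN from cache for up "
            f"to {negative_cache_remaining(parsed)} more seconds."
        )
        if ".awsdns-" in soa["mname"]:
            findings.append(
                "The SOA comes from Route 53, so the domain is delegated to a Route 53 "
                "hosted zone: check that the record is in the hosted zone whose name "
                "servers match the registrar's delegation, not another zone for the same name."
            )
    elif parsed["rcode"] == "NOERROR" and parsed["answers"] == 0 and soa:
        findings.append(f"{parsed['qname']} exists but has no {parsed['qtype']} record (NODATA).")
    return findings


def delegation_mismatch(registrar_ns, hosted_zone_ns):
    """Names the registrar publishes but the hosted zone lacks, and vice versa."""
    def normalise(names):
        return {n.lower().rstrip(".") for n in names}
    registrar, zone = normalise(registrar_ns), normalise(hosted_zone_ns)
    return {"only_at_registrar": sorted(registrar - zone), "only_in_zone": sorted(zone - registrar)}
```

Route 53 publishes the SOA with a TTL of 900 seconds by default, so a resolver that has just cached the NXDOMAIN will repeat it for up to 15 minutes regardless of what you change in the console; 331 is what was left on this resolver at the time of the query. Querying one of the hosted zone's own name servers directly (`dig @ns-... server1.devops.academy`) bypasses that cache and shows whether the zone you are looking at actually holds the record.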
