AWS Route 53 DNS Management: Complete Domain and Routing Guide

Tyler Maginnis | February 08, 2024

Amazon Route 53 is a highly available and scalable Domain Name System (DNS) web service. This comprehensive guide helps small businesses leverage Route 53 for domain management, traffic routing, and health monitoring to ensure reliable online presence.

Route 53 Fundamentals

Understanding DNS and Route 53's capabilities is essential for effective domain management.

Core DNS Concepts

  • Domain Names: Human-readable addresses (example.com)
  • DNS Records: Map domains to resources
  • Name Servers: Respond to DNS queries
  • TTL: Time to Live for DNS caching
  • Hosted Zones: Container for DNS records

Setting Up Hosted Zones

Creating a Public Hosted Zone

Configure DNS for internet-facing resources:

# Create hosted zone
aws route53 create-hosted-zone \
  --name example.com \
  --caller-reference "$(date +%s)"

# Note the name servers provided
# Update your domain registrar with these name servers

Private Hosted Zones

DNS resolution within your VPC:

# Create private hosted zone (--caller-reference is required on every create call)
aws route53 create-hosted-zone \
  --name internal.company.local \
  --caller-reference "$(date +%s)" \
  --vpc VPCRegion=us-east-1,VPCId=vpc-123456 \
  --hosted-zone-config PrivateZone=true

DNS Record Types

Essential Record Types

Configure the right record for your needs:

  • A Record: Maps domain to IPv4 address
  • AAAA Record: Maps domain to IPv6 address
  • CNAME Record: Creates domain aliases
  • MX Record: Email server routing
  • TXT Record: Text information and verification

Record Configuration Examples

{
  "Changes": [{
    "Action": "CREATE",
    "ResourceRecordSet": {
      "Name": "www.example.com",
      "Type": "A",
      "TTL": 300,
      "ResourceRecords": [{
        "Value": "192.0.2.1"
      }]
    }
  }]
}

Routing Policies

Simple Routing

Basic DNS resolution:

www.example.com:
  Type: A
  Value: 192.0.2.1
  TTL: 300

Weighted Routing

Distribute traffic by percentage:

# 70% to server 1
www.example.com:
  Type: A
  Value: 192.0.2.1
  Weight: 70
  SetIdentifier: server1

# 30% to server 2
www.example.com:
  Type: A
  Value: 192.0.2.2
  Weight: 30
  SetIdentifier: server2

Latency-Based Routing

Route users to the lowest-latency endpoint:

  • Configure records in multiple regions
  • Route 53 automatically selects best endpoint
  • Improves user experience globally

Geolocation Routing

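Route based on user location. Each geolocation record set also needs a Name, a Type and a unique SetIdentifier (the values for those below are illustrative):

{
  "Name": "www.example.com",
  "Type": "CNAME",
  "SetIdentifier": "us-ny",
  "GeoLocation": {
    "CountryCode": "US",
    "SubdivisionCode": "NY"
  },
  "TTL": 300,
  "ResourceRecords": [{
    "Value": "us-east-server.example.com"
  }]
}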

Health Checks and Monitoring

Configuring Health Checks

Monitor endpoint availability:

aws route53 create-health-check \
  --caller-reference "$(date +%s)" \
  --health-check-config '{
    "Type": "HTTPS",
    "ResourcePath": "/health",
    "FullyQualifiedDomainName": "api.example.com",
    "Port": 443,
    "RequestInterval": 30,
    "FailureThreshold": 3
  }'

Health Check Types

  1. Endpoint Monitoring: Check specific URLs
  2. Calculated Health Checks: Combine multiple checks
  3. CloudWatch Alarm: Monitor AWS resources

Failover Configuration

Active-Passive Failover

Automatic disaster recovery:

# Primary record
api.example.com:
  Type: A
  Value: 192.0.2.1
  Failover: PRIMARY
  HealthCheckId: check-123
  SetIdentifier: primary

# Secondary record
api.example.com:
  Type: A
  Value: 192.0.2.2
  Failover: SECONDARY
  SetIdentifier: secondary
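
The weighted and failover records above are written in shorthand; the API takes them as a JSON change batch. The following is an added example, not code from the original guide, that builds that batch and lints it before submission. The function names are hypothetical, and "check-123" is the guide's placeholder health check ID.

```python
import json

def record_set(name, ip, set_id, ttl=60, weight=None, failover=None,
               health_check_id=None):
    """Build one A record set in the shape ChangeResourceRecordSets expects."""
    if (weight is None) == (failover is None):
        raise ValueError("set exactly one of weight or failover")
    if weight is not None and not 0 <= weight <= 255:
        raise ValueError("Route 53 weights range from 0 to 255")
    if failover not in (None, "PRIMARY", "SECONDARY"):
        raise ValueError("failover must be PRIMARY or SECONDARY")
    if failover == "PRIMARY" and not health_check_id:
        # Local lint, not an API rule: no health check means "always healthy".
        raise ValueError("PRIMARY record needs a health check")
    rrset = {"Name": name, "Type": "A", "SetIdentifier": set_id, "TTL": ttl,
             "ResourceRecords": [{"Value": ip}]}
    if weight is not None:
        rrset["Weight"] = weight
    else:
        rrset["Failover"] = failover
    if health_check_id:
        rrset["HealthCheckId"] = health_check_id
    return rrset

def change_batch(record_sets, comment=""):
    """Wrap record sets as UPSERT changes; SetIdentifier must not repeat per name."""
    keys = [(r["Name"], r["SetIdentifier"]) for r in record_sets]
    if len(keys) != len(set(keys)):
        raise ValueError("duplicate SetIdentifier for the same name")
    return {"Comment": comment,
            "Changes": [{"Action": "UPSERT", "ResourceRecordSet": r}
                        for r in record_sets]}

def traffic_share(record_sets):
    """Expected share of responses per weighted record: weight / sum of weights."""
    total = sum(r["Weight"] for r in record_sets)
    return {r["SetIdentifier"]: r["Weight"] / total for r in record_sets}

# The guide's two shorthand examples, rebuilt as API input.
FAILOVER = change_batch([
    record_set("api.example.com", "192.0.2.1", "primary", failover="PRIMARY",
               health_check_id="check-123"),
    record_set("api.example.com", "192.0.2.2", "secondary", failover="SECONDARY"),
], comment="active-passive failover")
WEIGHTED = [record_set("www.example.com", "192.0.2.1", "server1", weight=70),
            record_set("www.example.com", "192.0.2.2", "server2", weight=30)]

if __name__ == "__main__":
    print(json.dumps(FAILOVER, indent=2), traffic_share(WEIGHTED))
```

Save the printed JSON to a file and pass it to aws route53 change-resource-record-sets with --hosted-zone-id and --change-batch file://<that file>.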

Multi-Region Failover

Complex failover scenarios:

  1. Primary region with health checks
  2. Secondary region on standby
  3. Automatic failover on failure
  4. Configurable failback options

Domain Registration

Registering Domains

Route 53 as domain registrar:

  1. Check domain availability
  2. Configure contact information
  3. Enable privacy protection
  4. Set auto-renewal preferences

Domain Transfer

Moving domains to Route 53:

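# Initiate transfer (contact.json: placeholder contact-details file; the API endpoint is us-east-1)
aws route53domains transfer-domain \
  --region us-east-1 \
  --domain-name example.com \
  --duration-in-years 1 \
  --auth-code "transfer-auth-code" \
  --admin-contact file://contact.json \
  --registrant-contact file://contact.json \
  --tech-contact file://contact.json \
  --auto-renew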

Performance Optimization

TTL Management

Balance performance and flexibility:

  • Short TTL (60-300s): During migrations
  • Medium TTL (3600s): Normal operations
  • Long TTL (86400s): Stable configurations

Alias Records

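Point records directly at AWS resources. When the alias target is a CloudFront distribution, EvaluateTargetHealth must be false:

{
  "Name": "example.com",
  "Type": "A",
  "AliasTarget": {
    "HostedZoneId": "Z2FDTNDATAQYW2",
    "DNSName": "d123456.cloudfront.net",
    "EvaluateTargetHealth": false
  }
}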

Security Best Practices

DNSSEC

Enable DNS Security Extensions:

  1. Enable DNSSEC signing
  2. Create KSK and ZSK
  3. Add DS records to parent zone
  4. Monitor DNSSEC status

Access Control

Secure Route 53 management:

{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": [
      "route53:ListHostedZones",
      "route53:GetHostedZone"
    ],
    "Resource": "*"
  }, {
    "Effect": "Allow",
    "Action": "route53:ChangeResourceRecordSets",
    "Resource": "arn:aws:route53:::hostedzone/Z123456789"
  }]
}
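
The policy above is least-privilege only while the write action stays pinned to one hosted zone ARN. The following added example (not part of the original guide; function names are hypothetical) audits a policy document for Allow statements that let route53:ChangeResourceRecordSets reach any zone. It reads only Action and Resource, and flags NotAction/NotResource statements for manual review.

```python
import fnmatch

ZONE_ARN = "arn:aws:route53:::hostedzone/"
WRITE_ACTION = "route53:changeresourcerecordsets"

def as_list(value):
    return value if isinstance(value, list) else [value]

def unscoped_record_writes(policy):
    """Return (statement index, reason) for Allow statements that permit
    record changes outside one named hosted zone."""
    findings = []
    for i, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append((i, "NotAction/NotResource: review by hand"))
            continue
        # IAM action names are case-insensitive and accept * and ? wildcards.
        actions = [a.lower() for a in as_list(stmt.get("Action", []))]
        if not any(fnmatch.fnmatchcase(WRITE_ACTION, a) for a in actions):
            continue
        for res in as_list(stmt.get("Resource", [])):
            zone_id = res[len(ZONE_ARN):] if res.startswith(ZONE_ARN) else ""
            if not zone_id or "*" in zone_id or "?" in zone_id:
                findings.append((i, "record changes allowed on " + res))
    return findings

# Constructed inputs: the guide's policy, and a loosened variant of it.
PAGE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow",
     "Action": ["route53:ListHostedZones", "route53:GetHostedZone"],
     "Resource": "*"},
    {"Effect": "Allow", "Action": "route53:ChangeResourceRecordSets",
     "Resource": "arn:aws:route53:::hostedzone/Z123456789"},
]}
LOOSE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "route53:*", "Resource": "*"},
    {"Effect": "Allow", "Action": "route53:Change*",
     "Resource": "arn:aws:route53:::hostedzone/*"},
]}

if __name__ == "__main__":
    print(unscoped_record_writes(PAGE_POLICY))
    print(unscoped_record_writes(LOOSE_POLICY))
```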

Cost Optimization

Reduce Route 53 Costs

  1. Consolidate Hosted Zones: Minimize zone count
  2. Optimize Health Checks: Use calculated checks
  3. Review Query Patterns: Identify heavy usage
  4. Use Appropriate TTLs: Reduce query volume

Pricing Components

  • Hosted zones: $0.50/month
  • Queries: $0.40 per million
  • Health checks: From $0.50/month
  • Domain registration: Varies by TLD

Integration with AWS Services

CloudFront Distribution

distribution.example.com:
  Type: A
  AliasTarget:
    HostedZoneId: Z2FDTNDATAQYW2
    DNSName: d123456.cloudfront.net

Elastic Load Balancer

app.example.com:
  Type: A
  AliasTarget:
    HostedZoneId: Z35SXDOTRQ7X7K
    DNSName: my-load-balancer-123456.us-east-1.elb.amazonaws.com

Monitoring and Logging

Query Logging

Enable DNS query logging:

aws route53 create-query-logging-config \
  --hosted-zone-id Z123456789 \
  --cloud-watch-logs-log-group-arn arn:aws:logs:us-east-1:123456789012:log-group:/aws/route53/example.com
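
Once query logging is on, each log event is one space-separated line. The following added example (not from the original guide) parses those lines and lists resolvers that drew NXDOMAIN for several distinct names, a pattern worth reviewing as possible subdomain enumeration. The log lines are constructed, the field order follows the Route 53 public query log format, and the threshold of three names is an assumption to tune.

```python
from collections import Counter, defaultdict

FIELDS = ("version", "timestamp", "zone_id", "qname", "qtype", "rcode",
          "protocol", "edge", "resolver_ip", "ecs")

# Constructed sample; the last line is deliberately truncated.
SAMPLE_LOG = """\
1.0 2024-02-08T10:00:01.120Z Z123456789 www.example.com A NOERROR UDP IAD12 198.51.100.7 -
1.0 2024-02-08T10:00:02.310Z Z123456789 admin.example.com A NXDOMAIN UDP IAD12 203.0.113.9 -
1.0 2024-02-08T10:00:02.355Z Z123456789 vpn.example.com A NXDOMAIN UDP IAD12 203.0.113.9 -
1.0 2024-02-08T10:00:02.401Z Z123456789 dev.example.com A NXDOMAIN UDP IAD12 203.0.113.9 -
1.0 2024-02-08T10:00:02.460Z Z123456789 staging.example.com AAAA NXDOMAIN TCP IAD12 203.0.113.9 -
1.0 2024-02-08T10:00:05.004Z Z123456789 wwww.example.com A NXDOMAIN UDP FRA6 198.51.100.7 192.0.2.0/24
1.0 2024-02-08T10:00:06.000Z Z123456789 www.example.com
"""

def parse_line(line):
    """Split one log line into named fields; None if the field count is off."""
    parts = line.split()
    return dict(zip(FIELDS, parts)) if len(parts) == len(FIELDS) else None

def rcode_counts(log_text):
    """Count response codes across all well-formed lines."""
    records = (parse_line(line) for line in log_text.splitlines())
    return Counter(r["rcode"] for r in records if r)

def nxdomain_sweeps(log_text, min_names=3):
    """Resolvers that received NXDOMAIN for at least min_names distinct names.
    resolver_ip is the recursive resolver, not the end client."""
    missing = defaultdict(set)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["rcode"] == "NXDOMAIN":
            missing[rec["resolver_ip"]].add(rec["qname"].lower())
    return {ip: sorted(names) for ip, names in missing.items()
            if len(names) >= min_names}

if __name__ == "__main__":
    print(dict(rcode_counts(SAMPLE_LOG)))
    print(nxdomain_sweeps(SAMPLE_LOG))
```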

CloudWatch Metrics

Monitor DNS performance:

  • Query count by record type
  • Health check status
  • Domain registration events
  • DNSSEC validation failures

Troubleshooting

Common DNS Issues

  1. Propagation Delays: Wait for TTL expiration
  2. NXDOMAIN Errors: Check record existence
  3. Health Check Failures: Verify endpoint accessibility
  4. Query Timeouts: Check security groups

Diagnostic Tools

# Check DNS resolution
dig example.com

# Trace DNS path
dig +trace example.com

# Test specific name server
dig @ns-123.awsdns-12.com example.com

Migration Strategies

Zero-Downtime Migration

  1. Lower TTLs: Reduce to 60 seconds
  2. Dual Running: Configure both old and new
  3. Test Thoroughly: Verify all records
  4. Update Incrementally: Change in phases
  5. Monitor Closely: Watch for issues

Best Practices Summary

  1. Use Alias Records: For AWS resources
  2. Implement Health Checks: Ensure availability
  3. Plan for Failure: Configure failover
  4. Monitor Continuously: Enable query logging
  5. Secure Appropriately: Implement least privilege

Conclusion

Route 53 provides enterprise-grade DNS capabilities that small businesses can leverage for reliable, performant domain management. By implementing proper routing policies, health checks, and security measures, you can ensure your online services remain accessible and responsive.

For professional Route 53 configuration and DNS architecture services in Louisville, contact Tyler on Tech Louisville to optimize your domain management and ensure maximum availability for your business.