The use of the internet has become so widespread today that for many, access to it feels as normal as access to water or electricity. But while most people consider the internet to simply exist and be one of their basic utilities, they also take for granted what’s needed to keep it running, as well as all the quality of life systems that help enhance the experience of using it.
One such feature is the Domain Name System (DNS), otherwise known as the “phonebook of the internet.” DNS has a very simple job: It translates domain names to IP addresses (which are unique to every internet-connected device). This allows you to use “google.com,” for example, instead of having to keep track of various unique IP addresses like “184.108.40.206,” making your use of the internet much less tedious and far easier.
DNS has been around for a very long time and is an unavoidable part of almost any business environment, but managing DNS can be an overwhelming task. In this article, we are going to take a look at Route 53, Amazon’s managed DNS service, and show you why you might want to consider it for your cloud environment.
AWS Route 53 and Its Features
AWS Route 53 was first released back in 2010, while the cloud era was still in its infancy. As time passed, it matured along with the cloud, and while its primary purpose is still DNS management, it can do a lot more for those of you running businesses in the AWS cloud.
Route 53 was built from the ground up with high availability in mind, just like everything else in Amazon’s public cloud. The infrastructure that supports it is very reliable and is spread all over the world, but it also provides very low latency. Route 53 is also automatically scalable (which is very important when trying to respond to increased demand), so you can rest assured that whatever amount of traffic is coming your way, you’ll be covered.
Security and cost are the usual topics of consideration when it comes to the cloud, and with Route 53, you not only get a very secure service (user access is fine-grained and tightly controlled through Identity and Access Management) but also one that is cost-efficient—you only pay for what you use.
Aside from its primary purpose as a DNS service, Route 53 offers plenty of other beneficial features, which we’ll discuss below.
AWS Route 53 allows you to purchase new domains, as well as transfer existing domains from other registrars. While this is a very basic feature, it is also a very useful one, especially if you don’t want to (or don’t know how to) use something like GoDaddy. Having everything in one place instead of spread across multiple tools and services can help reduce some of the unnecessary overhead as well.
Traffic Routing Policies
For each DNS record you create, you’ll be able to choose a routing policy, which will dictate how Route 53 responds to DNS queries. There are many policies available, each suited for a different purpose:
- Simple routing policy: The most basic routing policy, this is used for a single resource, for example, a web server.
- Weighted routing policy: This allows you to spread traffic across multiple resources, while a specified weight will determine the proportion of the load to be sent to each of those resources. This is a great option if you have two different servers in two locations and want to send equal amounts of traffic to both, in which case, you would set a weight of 50 for each. Additionally, this can be used to send a small amount of traffic to the testing environment, by having a primary resource weight of 90 and a secondary one of 10.
- Latency routing policy: If your resources are spread across multiple AWS Regions around the world, and latency is the key factor, this option allows you to route traffic to the resource with the lowest latency.
- Geolocation routing policy: If you want to limit traffic based on the geographical locations of your users (for example, due to certain restrictions or compliance policies you have to follow), this policy will do just that.
- Failover routing policy: If your cloud environment has an active-passive setup, this will help you make a switch from your primary region to the secondary one. This is extremely useful for any DR setup to reduce the Recovery Time Objective (RTO) and is best used in combination with health checking.
- Geoproximity routing policy: Similarly to the geolocation routing policy, this will route traffic based on the geographical location of your resources, instead of your users. Additionally, you can opt to route more or less traffic to a specific resource using a bias value.
- Multivalue answer routing policy: You can use this when you want to have AWS Route 53 answer DNS queries with multiple records.
AWS Route 53 monitors the health of your application, servers, and other resources by sending requests to the endpoint in order to verify whether it is available, reachable, and functional. It can also monitor CloudWatch alerts, as well as the status of other health checks you have in place.
Health checking via Route 53 is very important for Disaster Recovery (DR), as you can have it automatically failover to a backup region to minimize downtime. This is a must-have feature for DR configurations, where your RTO is set very low and you don’t want to rely on manual failover procedures.
An alias record is Amazon’s internal record that extends Route 53 to existing DNS functionalities. It does not contain a domain name or IP address but instead has a pointer for a specific AWS service endpoint. You can use an alias record for load balancers (classic, application, and network), CloudFront distributions, Amazon S3 buckets (configured as a static website), Elastic Beanstalk environments, or even another Route 53 record that is located in the same hosted zone.
AWS Route 53 Resolver DNS Firewall
In late March of 2021, Amazon announced a new feature for the Route 53 service—Route 53 Resolver DNS Firewall. This managed firewall feature gives you fine-grained control of your DNS queries by allowing you to block DNS queries made for known malicious domains. Essentially, Route 53 Resolver DNS Firewall works with various blacklists that limit access for domains you don’t want your VPC resource communicating with.
You can also permit DNS queries to trusted domains, using whitelists to limit outbound queries. Alerting is supported as well, so if a specific query is matched, you can be notified. Additionally, this firewall comes with two existing lists—one for malware domains and another for botnet domains—so that you’re protected against commonly known threats.
At N2WS, we’re all about giving you peace-of-mind and freeing up your time to focus on growth and innovation. That’s why we provide an essential service: automated backup and rapid recovery (along with a lot more). And AWS Route 53 is also an essential service that handles an important task—one most do not want to handle themselves. As a managed service, Route 53 offloads DNS management, allowing you to focus your attention elsewhere.
Aside from providing you with the basic DNS service, Route 53 comes with several other great features like advanced traffic routing, health checking, and DNS firewall. This should cover any cloud requirement that a company has, and if you consider the more-than-fair cost of using it, Route 53 should be one of the first services you consider if you aren’t using it already.