
Using Route 53 to Configure DNS in an AWS Environment

Hands-On Lab



Craig Arcuri

AWS Training Architect II in Content

Length

00:30:00

Difficulty

Intermediate

In this hands-on lab, we work through various options available for configuring DNS. The first section of the lab entails configuring DNS within a Virtual Private Cloud, which involves working with AWS Route 53. Route 53 is the perfect tool for configuring DNS within an AWS environment and specifically for a VPC. The second part of the lab presents hybrid scenarios where on-premises servers are still part of the compute environment, and we'll have to configure a hybrid environment with DNS. Finally, we'll dive into a scenario where we've got to configure a completely external DNS server, utilizing just AWS and Route 53. Ultimately, we will have covered configuring DNS for any scenario someone may encounter in the real world.

What are Hands-On Labs?

Hands-On Labs are scenario-based learning environments where learners can practice without consequences. Don't compromise a system or waste money on expensive downloads. Practice real-world skills without the real-world risk, no assembly required.


Solution

Please log into the AWS environment by using the cloud_user credentials provided. Once inside the AWS account, make sure you are using us-east-1 (N. Virginia) as the selected region.

Create an EC2 Instance

  1. From the AWS Management Console Dashboard, go into EC2
    • Click Launch Instance
    • Select an Amazon Linux 2 AMI (it should be the first in the list)
    • Select t2.micro
    • Click Next: Configure Instance Details
    • Auto-assign Public IP: Enable
    • Click Next: Add Storage
    • Click Next: Add Tags
    • Click Add Tag
    • Key: Name
    • Value: Client
    • Click Next: Configure Security Groups
    • Assign a security group: Select an existing security group
    • Click the checkbox next to the Security Group ID that has "SecurityGroup" in the name
    • Click Review and Launch
    • Click Launch
    • Choose a Key Pair
    • Choose Create a new key pair
    • Key pair name: dnslab
    • Click Download Key Pair
    • Click Launch Instances
    • Click View Instance

Connect to the EC2 Instance

  1. Once the instance is fully created, check the checkbox next to the instance name and click Connect at the top of the window.

  2. Copy the connection string, found under the Example section.

  3. Open a terminal window and navigate to your Downloads folder:

    cd ~/Downloads
  4. Set permissions on the key pair:

    chmod 400 dnslab.pem
  5. Paste the connection string into your terminal window.

Create a Route 53 Hosted Zone

  1. In the AWS Console, navigate to the VPC service
  2. Click Your VPCs
  3. Select the checkbox next to the VPC name and click Actions > Edit DNS Resolution
  4. Ensure DNS Resolution is set to Yes and click Save
  5. Select the checkbox next to the VPC name and click Actions > Edit DNS Hostname
  6. Ensure DNS Hostnames is set to Yes and click Save
  7. Navigate to the Route 53 service
  8. Click Hosted Zones
  9. Click Create Hosted Zone
  10. Create Domain Name: awscloud.local
  11. For type, select Private Hosted Zone for Amazon VPC
  12. For VPC ID, in the dropdown select the VPC provided
  13. Click Create

Create Record Sets

  1. Duplicate your existing tab in your browser to open a new AWS Console tab
  2. In this new tab, navigate to the EC2 service
  3. Click Instances in the menu in the left
  4. Click the checkbox next to the Client instance and find the Private IPs section in the details at the bottom of the page. Copy the private IP address to your clipboard.
  5. On the Route 53 tab, click Create Record Set
    • Name: client
    • Value: Paste the private IP address copied earlier
  6. Click Create
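The hosted-zone and record-set steps above, carried out from the AWS CLI instead of the console, as an added example that is not part of this lab. The aws calls sit in functions you invoke yourself; VPC_ID, ZONE_ID and the Client instance's private IP are placeholders for values from your own account, and the IPv4 check is there so a hostname or a typo never ends up as the value of the A record.

```shell
#!/bin/sh
# Added example (not part of the lab): the VPC DNS attributes, the private
# hosted zone and the client A record, driven from the AWS CLI.
# Placeholders you must supply: VPC_ID, ZONE_ID, the instance's private IP.

# Return 0 only if $1 is a dotted-quad IPv4 address with every octet in 0-255.
is_ipv4() {
  case "$1" in
    *[!0-9.]*|""|.*|*.|*..*) return 1 ;;   # non-digits, empty, leading/trailing/double dot
  esac
  old_ifs=$IFS; IFS=.
  set -- $1                                # split the address on dots
  IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    [ -n "$octet" ] && [ "$octet" -le 255 ] || return 1
  done
  return 0
}

# Print the change batch that `aws route53 change-resource-record-sets`
# expects for one A record. UPSERT creates the record or overwrites it.
a_record_change_batch() {
  name=$1; ip=$2; ttl=${3:-300}
  is_ipv4 "$ip" || { echo "refusing non-IPv4 value: $ip" >&2; return 1; }
  printf '{"Comment":"lab A record","Changes":[{"Action":"UPSERT","ResourceRecordSet":{"Name":"%s","Type":"A","TTL":%s,"ResourceRecords":[{"Value":"%s"}]}}]}\n' \
    "$name" "$ttl" "$ip"
}

# Steps 3-6 of "Create a Route 53 Hosted Zone": a private zone only answers
# inside the VPC when both DNS attributes are enabled.
enable_vpc_dns() {
  vpc_id=$1
  aws ec2 modify-vpc-attribute --vpc-id "$vpc_id" --enable-dns-support '{"Value":true}'
  aws ec2 modify-vpc-attribute --vpc-id "$vpc_id" --enable-dns-hostnames '{"Value":true}'
}

# Steps 8-13: the private hosted zone awscloud.local, associated with the VPC.
create_private_zone() {
  vpc_id=$1; region=${2:-us-east-1}
  aws route53 create-hosted-zone \
    --name awscloud.local \
    --caller-reference "lab-$(date +%s)" \
    --hosted-zone-config PrivateZone=true \
    --vpc "VPCRegion=$region,VPCId=$vpc_id"
}

# "Create Record Sets": client.awscloud.local -> private IP of the Client instance.
upsert_client_record() {
  zone_id=$1; ip=$2
  batch=$(a_record_change_batch client.awscloud.local "$ip") || return 1
  aws route53 change-resource-record-sets --hosted-zone-id "$zone_id" --change-batch "$batch"
}

# Usage (placeholders):
#   enable_vpc_dns vpc-PLACEHOLDER
#   create_private_zone vpc-PLACEHOLDER us-east-1
#   upsert_client_record ZONE_ID_PLACEHOLDER 10.0.1.23
```

Run enable_vpc_dns and create_private_zone once, then upsert_client_record with the hosted zone Id the create call returns and the private IP from the EC2 details pane. Because the action is UPSERT, re-running the last call after the instance's IP changes simply overwrites the record, which is the same effect as editing the record set in the console.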

Test in the Terminal

> Note: It may take a few minutes for the new DNS record set to propagate fully.

  1. In your terminal window:

    nslookup client.awscloud.local

Configure On-premises DNS

  1. In the EC2 tab in your browser, select the checkbox next to the On Premise DNS instance

  2. In the details pane at the bottom of the page, find the Private IPs section and copy the IP

  3. In your terminal, view the contents of /etc/resolv.conf

    cat /etc/resolv.conf
  4. Edit the file:

    sudo vi /etc/resolv.conf
  5. Modify the line 'nameserver 10.0.0.2' to read 'nameserver [private IP address of the On Premise DNS instance]'

  6. View the on-premises record:

    nslookup ns1.onpremise.local
  7. Ping ns1.onpremise.local and compare it to the output of a ping to ns1:

    ping ns1.onpremise.local
    ping ns1
  8. Our system is not able to resolve just ns1. Let's fix that by editing the search line in our /etc/resolv.conf file, which holds the domain suffix the resolver appends to bare names:

    Change:

    search ec2.internal

    To:

    search onpremise.local
  9. You should now be able to ping ns1

  10. In the AWS Console, navigate to the VPC service

  11. Click DHCP Options Sets

  12. Click Create DHCP options set

    • Name tag: on-premise
    • Domain name: onpremise.local
    • Domain name servers: Set this to the private IP address of your On Premise DNS EC2 instance
    • Click Yes, Create
  13. Click Your VPCs

  14. Check the box next to the VPC name, click Actions > Edit DHCP Options Set

    • In the dropdown menu, select the DHCP Options Set we created, on-premise
  15. Click Save

  16. In your terminal window, reboot the instance:

    sudo reboot
  17. Log back in to the instance using the connection string from earlier.

  18. View the auto-generated contents of /etc/resolv.conf:

    cat /etc/resolv.conf
  19. Ping ns1:

    ping ns1
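What the stub resolver actually does with the search line from step 8, and a way to stage the nameserver edit from step 5 without touching the live file, as an added example rather than part of the lab. The resolv.conf contents are constructed for the demo, and 10.0.1.50 stands in for the private IP of the On Premise DNS instance. The search line must be the domain suffix alone, onpremise.local: a bare name such as ns1 is tried with each search domain appended, so a search line of ns1.onpremise.local would send the query for ns1.ns1.onpremise.local and the ping would still fail.

```shell
#!/bin/sh
# Added example (not part of the lab): search-list expansion and a reviewed
# nameserver edit. All resolv.conf contents below are constructed.

# List, in order, the fully qualified names the resolver will try for $2 using
# the search/domain line of resolv.conf $1. Models glibc's default ndots:1:
# a name containing a dot is tried as-is first, then with each search domain
# appended; a bare label is tried with the search domains first, then as-is.
resolver_candidates() {
  conf=$1; name=$2
  # The last search/domain line wins, as in glibc; drop the keyword.
  search=$(awk '$1 == "search" || $1 == "domain" { $1 = ""; print }' "$conf" | tail -n 1)
  case "$name" in
    *.*) echo "$name"; for d in $search; do echo "$name.$d"; done ;;
    *)   for d in $search; do echo "$name.$d"; done; echo "$name" ;;
  esac
}

# Emit a copy of resolv.conf $1 with every nameserver line replaced by $2, so
# the change can be inspected before it is copied over /etc/resolv.conf.
# Only a dotted-quad IPv4 value is accepted.
with_nameserver() {
  conf=$1; server=$2
  printf '%s\n' "$server" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || {
    echo "not an IPv4 address: $server" >&2; return 1; }
  sed "s/^nameserver .*/nameserver $server/" "$conf"
}

# Demo: the file Amazon Linux 2 generates from the VPC's default DHCP options
# (10.0.0.2 is the VPC resolver, as in step 5), then the state after steps 5
# and 8, then the broken variant with the host name left in the search line.
demo() {
  tmp=$(mktemp)
  printf 'search ec2.internal\nnameserver 10.0.0.2\n' > "$tmp"
  echo '== default search list, candidates for "ns1":'
  resolver_candidates "$tmp" ns1

  with_nameserver "$tmp" 10.0.1.50 | sed 's/^search .*/search onpremise.local/' > "$tmp.new"
  echo '== after steps 5 and 8:'
  cat "$tmp.new"
  resolver_candidates "$tmp.new" ns1

  sed 's/^search .*/search ns1.onpremise.local/' "$tmp.new" > "$tmp.bad"
  echo '== with "search ns1.onpremise.local" (wrong), candidates for "ns1":'
  resolver_candidates "$tmp.bad" ns1
  rm -f "$tmp" "$tmp.new" "$tmp.bad"
}
demo
```

Two points to keep in mind when you make this change on a real instance: the host named on the nameserver line now answers every lookup the instance makes, so it should be a server you control, reachable only from the VPC; and on Amazon Linux 2 the DHCP client rewrites /etc/resolv.conf at boot, which is exactly why steps 12 to 18 move the setting into a DHCP options set instead of relying on the hand edit surviving a reboot.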

Conclusion

Congratulations, you've completed this hands-on lab!