AWS Route 53 Definition
Amazon Route 53, part of the Amazon Web Services (AWS) cloud computing platform from Amazon.com normally referred to as AWS Route 53, is a highly available, scalable Domain Name System (DNS) service. Released in 2010, its name refers to both the classic highway US Route 66 and the destination for DNS server requests: TCP or UDP port 53.
AWS Route 53 translates URL names, such as www.wordpress.com, into their corresponding numeric IP addresses—in this example, 22.214.171.124. In this way, AWS Route 53 simplifies how cloud architecture routes users to internet applications.
AWS Route 53 FAQs
What is AWS Route 53?
AWS Route 53 is intended for managing DNS for services and machines deployed on Amazon’s public cloud. The AWS Route 53 DNS service connects user requests to ELB load balancers, Amazon EC2 instances, Amazon S3 buckets, and other infrastructure running on AWS.
Key Amazon Route 53 Benefits and Features
AWS service integration. Obviously, the tight integration of AWS Route 53 with CloudFront, S3, and ELB means it’s easy to route traffic to a static website hosted on S3 or an ELB CNAME record, or generate custom domains for CloudFront URLs.
Simple routing policy. The simplest and most common routing type, this policy merely uses AWS Route 53 to map your site name to your IP. Any future browser requests for that site name would then be directed to the correct IP.
Alias records. An alias resource record can point directly to other resource records instead of an IP address, such as an ELB load balancer, a CloudFront distribution, or an Amazon S3 bucket. This ensures traffic is sent to the correct endpoint even if the IP addresses of the underlying resources change.
Amazon Route 53 failover. In case of outage as determined by health checks, an Amazon Route 53 failover policy redirects users to a designated backup resource or alternative service automatically.
Domain registration. AWS serves as a domain registrar, allowing users to select and register domain names from all top-level domains (.com, .net, .org, etc.) with the AWS management console. This avoids the need to migrate and enables the Route 53 registrar to provide free privacy protection for the WHOIS record.
Geo DNS. Depending on detected user geographic location, this policy routes users to endpoints based on designated resource targets. For example, to limit latency you might want all queries from one region to be routed to a server located in the same physical region.
Health checks. AWS Route 53 conducts health checks and monitors the health and performance of applications. When it detects an outage, Amazon Route 53 redirects users to a healthy resource.
Latency-based routing. A latency-based policy routes users and traffic to the lowest latency AWS region.
Private DNS. Defines custom domain names while keeping DNS information private for Amazon VPC users. Private DNS records allow you to easily route traffic using domain names managed within your VPCs and create private hosted zones. For example, this can allow you to switch quickly between IP-based resources without updating multiple embedded links.
Traffic flow. Routes endpoint traffic based on best user experience.
Weighted round-robin load balancing. Uses a round-robin algorithm to spread traffic between multiple services. By assigning the multiple servers that make up a web service different numeric priorities or weights, you can direct a lower or higher percentage of your incoming traffic to a particular server. This kind of routing can be useful for testing new versions of a software package and load balancing.
How Route 53 Works?
The global infrastructure called the Domain Name System (DNS) translates human-readable hostnames into numerical IP addresses. IP addresses on the cloud can change frequently, as services move between data centers and physical machines. This means the translation and communication process is complex.
Organizations that run machines in the cloud using Amazon Web Services (AWS) need an AWS DNS solution—a way to correctly translate user requests into Amazon IP addresses while adapting to cloud changes and quickly propagating them to DNS clients.
AWS Route 53 is Amazon’s official DNS solution. The following process occurs when a user accesses a web server via Route 53 DNS:
- A user accesses an address managed by Route 53, www.website.com, which leads to an AWS-hosted machine.
- Typically managed by the local network or ISP, the user’s DNS resolver receives the request for www.website.com routed by AWS Route 53 and forwards it to a DNS root server.
- The DNS resolver forwards the TLD name servers for “.com” domains the user requests.
- The resolver acquires the four authoritative Amazon Route 53 name servers that host the domain’s DNS zone.
- The DNS resolver selects one of the four AWS Route 53 servers, and requests details for www.website.com.
- The Route 53 name server searches the DNS zone for the www.website.com IP address and other relevant information and returns it to the DNS resolver.
- As specified by the Time to Live (TTL) parameter, the DNS resolver caches the IP address locally, and of course returns it to the user’s web browser.
- The browser uses the IP address the resolver provides to contact Amazon-hosted services such as the web server.
- The user’s web browser displays the website.
Route 53 Resolver for Hybrid Clouds
In a typical hybrid cloud DNS configuration, the user merges a private center with one of their Amazon VPCs using a managed VPN or AWS Direct Connect. However, because the private cloud to the user’s VPC is a pre-established connection to AWS, when customers perform a lookup across this connection, it sometimes fails. This prompts some users to manually reroute requests using on-premises DNS servers to another Amazon VPC server—potentially one custom DNS server in each VPC.
AWS Route 53 Resolver for Hybrid Clouds or Route 53 Resolver 2 is part of the primary Route 53 service offering. It acts as a resolver for DNS requests between the entities in your VPC and your private cloud. It can perform both outbound communication from VPC to data center and inbound communication from an on-premises source to VPC.
Other advantages of AWS Route 53 Resolver:
Simplification. AWS Route 53 Resolver lets you manage multiple VPCs using a single endpoint for a single region.
Security. AWS Route 53 benefits from the added security of AWS Identity Access Management (IAM). AWS IAM enables secure user control access to web resources and services, and allows for the assignment of permissions to allow/deny access to AWS resources and the creation and management of AWS users/groups.
Reliability. As an AWS-native service, Route 53 is designed to help your system stay running in a coordinated way with all the other AWS services in your deployment. Each feature of AWS Route 53, such as geographically-based and latency-based policies, is designed to be reliable and cost-effective.
Cost. AWS Route 53 efficiently redirects website requests without extra hardware, and it does not charge for queries to CloudFront distributions, ELBs, S3 buckets, VPC endpoints, and certain other AWS resources.
Service credits. AWS Route 53 offers a service level agreement (SLA) specifying a monthly uptime percentage. In any billing cycle with a percentage that fails to meet the service commitment, the SLA provides service credits for the user.
Time to propagate. Under typical work conditions, AWS Route 53 distributes DNS record updates to the DNS server network in approximately 60 seconds.
Amazon Route 53 Limitations
Amazon Route 53 has several important limitations although it is an advanced DNS service with robust features. Here are the most critical:
No DNSSEC support. AWS Route 53 does not support the DNSSEC standard. DNSSEC can prevent man in the middle (MITM) attacks and other types of DNS attacks.
Single point of failure. Used in tandem with other AWS services, AWS Route 53 may become a single point of failure. This is a problem for AWS Route 53 disaster recovery and related issues.
Route 53 Cost. Particularly for businesses using Route 53 with non-AWS endpoints/services, the service is expensive. The visual editor in particular is costly; it is $50/month in addition to the cost of queries for each record type to which you apply a visual editor policy.
Forwarding options. For domains used on an on-premise network, AWS Route 53 lacks forwarding and conditional forwarding options.
Limited Route 53 DNS load balancing. AWS Route 53 load balancer features lack advanced policy support and enterprise-class features and provide only basic load balancing capabilities.
No support for private zone transfers. For example, you cannot appoint AWS Route 53 as the authoritative source for “cloud.website.com” even if you have the root level domain “website.com” registered.
Latency. Although there exist workarounds for routing Route 53 DNS queries to external servers, the queries must be forwarded to external servers after contacting Amazon infrastructure, still incurring latency.
AWS Route 53 Alternatives
Although AWS Route 53 is a natural choice for managing DNS within the AWS ecosystem, there are alternatives. Any third-party DNS provider used in place of AWS Route 53 must be able to route users and traffic to the optimal data center, endpoint, or geography intelligently similarly to Route 53 to achieve the same things.
For cloud hosting, Cloudflare DNS, Google Cloud DNS, Azure DNS, and GoDaddy Premium DNS are all examples of AWS Route 53 alternatives. Built-in integration with automation and deployment tools, including real-time information about your AWS servers and their parameters, including their availability, load, and physical location, can then allow other tools to route traffic according to the chosen parameters. Many enterprises also choose to add load balancer to Route 53 protections already in place.
Does Avi Offer Route 53 Monitoring Capabilities?
The Avi Vantage Platform is a next-generation, full-featured elastic application services fabric that offers application services such as load balancing, security, application monitoring and analytics, and multi-cloud traffic management for workloads deployed in bare metal, virtualized, or container environments in a data center or a public cloud such as Amazon Web Services.
Enterprises use AWS to maximize and modernize infrastructure utilization. Extending app-centricity to the networking stack represents the next phase of this modernization.
Avi Networks integrates with AWS Route 53 and delivers elastic application services that extend beyond load balancing to deliver real-time app and security insights, simplify troubleshooting, auto scale predictively, and enable developer self-service and automation. Avi Vantage provides full-featured load balancing algorithms, automation, DNS services, advanced security including DDoS protection and Amazon Route 53 DDoS protection, visibility and monitoring, multi-cloud load balancing, and reduced TCO for AWS. Avi Vantage delivers full-featured load balancing capabilities in an as-a-service experience and seamlessly integrated Web Application Firewall (WAF) capabilities.
Learn more about Avi’s application services alternative to the AWS load balancer here.