Amazon AWS Certified Advanced Networking Specialty – Advanced Route53 Configurations Part 2
4. DNS Records – A & AAAA
Hey everyone, and welcome back to the Knowledge Portal video series. In the earlier lecture, we discussed the basics of DNS records and their associated types. Today we'll take each of the available types in turn and discuss the relevant use case for each one. In today's lecture, we will be discussing the A record and the AAAA (quadruple A) record. So let's go ahead and understand each one of them. A, which basically means address, is one of the most basic types of DNS record available. This record points a domain name to an IPv4 address.
Now, you have two examples. Over here you have mu and mu. com, and this domain is mapped to 192.168.10.20. And then you have blog Mu and Mu. com, and this is associated with 128.30.45.50. So this is the A record, where a domain is mapped to an IPv4 address. Just remember this; we'll discuss it more when we do the practical session. There is a second record type, AAAA, which is very similar to the A record except that the mapping is to an IPv6 address. So there are two types of address available: one is the IPv4 address and the second is the IPv6 address.
An IPv4 address is quite easy to note. It's like 192.168.10.20. However, when you talk about an IPv6 address, it will be quite long. When you use AAAA, you map a specific domain to a specific IPv6 address. So let's understand this with a practical session. These are the kplabs.in DNS records which we looked at earlier. In the record types, if you look over here, there are various record types available. The ones we are discussing right now are A and AAAA. So let's start with A. We already discussed that an A record must be associated with an IPv4 address.
So let's say I'll create a new subdomain, which is address.kplabs.in. Since it needs to be associated with an IPv4 address, the input will only accept an IPv4 address. It will not accept anything else. As we have already seen, if we put anything else in the input section, it will say the record answer is invalid. Let us also try to put an IPv6 address over here and check whether it will take it.
And you see the record answer is invalid, so it will only take an IPv4 address. So let me put 192.168.10.20, some random IPv4 address. And if I click on Add record, it will accept it. Okay, so this is the A record. Now, in the next section we'll look at the AAAA record. Here let me put ipv6 as the name. If I try to put 192.168.10.5 as the answer and try to add the record.
You see the record answer is invalid. So I hope you understood that every record type has a specific format in the answer section which has to be filled in. In AAAA, the only thing that you can put is an IPv6 address. I'll click on Add record, and here you see it has taken the record. Now if you do an nslookup (let me clear the screen) on address.kplabs.in, it has responded back with the IP address which we had put in the DNS records. Similarly, if you do an nslookup on ipv6.kplabs.in, it has given us the IPv6 address. So this is as far as nslookup goes. Now, there are websites which have both IPv4 and IPv6 addresses.
So this is one of the examples that I wanted to show you. Let me just clear the screen and run this example again. If you do a dig on IPV six ready, what it will show you is that you have a question section over here and you have an answer section. In the answer section, if you look, it has responded back with the IPv4 address. However, if I put AAAA over here, this time it has responded back with the IPv6 address. So when you run a dig, it is dig followed by the domain name, and then you can specify the DNS record type.
So when you specify the record type as A (an A record means IPv4), it will respond back with the IPv4 address, if one is associated. And if you put AAAA over here, it will send a query asking for the AAAA record type, which is here. So let me try over here as well. If you do an nslookup on IPV six ready, in this case, in the case of nslookup, this website has both IPv4 and IPv6 addresses. In the earlier column it is showing the IPv6 address and then it is showing the IPv4 address.

Now, if you look at the Wireshark packet capture (let me just start this Wireshark packet capture again and run this specific query; okay, I'll stop it), what nslookup has done is, in the first query, it has sent the query for an A record. If you look over here, it has sent a query for an A record for IPV 680. Org and it got a response back. Automatically after the response, it sent one more query for the AAAA record, as you'll see over here, and then it got a response back as well. So when you do an nslookup, nslookup by default will do two types of queries: one for the A record and a second for the AAAA record. And the responses that it gets back, it will show you in a nice little screen.

So this is it for this lecture. I hope you understood the basics of the A record and the AAAA record. And again, I would really encourage you to practice these things once, because this is something that will give you a real-world scenario, and whenever you are working in a production environment, you will need to do these things. Definitely. I'm 100% sure.
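The two queries seen in the packet capture differ only in the record type field of the question section. The following is an added example, not part of the original lecture: it builds the A and AAAA queries at the wire level and applies the same answer-format rule the record form enforces. The transaction IDs and the sample addresses are constructed values.

```python
import ipaddress
import struct

QTYPE = {"A": 1, "AAAA": 28}            # DNS record type codes
TYPE_NAME = {v: k for k, v in QTYPE.items()}

def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(name, rtype, txid):
    """Build a DNS query: 12-byte header followed by one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD flag, QDCOUNT=1
    return header + encode_name(name) + struct.pack("!HH", QTYPE[rtype], 1)  # class IN

def parse_question(packet):
    """Return (name, record type) from the question section of a query."""
    pos, labels = 12, []
    while packet[pos] != 0:
        length = packet[pos]
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    qtype, _qclass = struct.unpack("!HH", packet[pos + 1:pos + 5])
    return ".".join(labels), TYPE_NAME.get(qtype, str(qtype))

def valid_answer(rtype, value):
    """An A answer must be an IPv4 address, an AAAA answer an IPv6 address."""
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        return False
    return addr.version == (4 if rtype == "A" else 6)

def lookup_queries(name):
    """The query pair described in the capture: first A, then AAAA."""
    return [build_query(name, "A", 0x1001), build_query(name, "AAAA", 0x1002)]

if __name__ == "__main__":
    for pkt in lookup_queries("address.kplabs.in"):
        print(parse_question(pkt), len(pkt), "bytes")
    # Constructed sample answers: IPv4 in an A record, IPv4 in an AAAA record
    print(valid_answer("A", "192.168.10.20"), valid_answer("AAAA", "192.168.10.5"))
```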
5. Introduction to Route53
Hey everyone and welcome back. In the past few lectures we were looking into the basics of DNS and DNS records. However, during that time our demos were primarily about managing DNS records on other providers like Name.com. In today's lecture, we will be speaking about Route 53, which is the DNS service that AWS provides, very similar to Name.com in certain aspects. And finally we can get started with the practical sections as well. Before we get to it, let's understand the two approaches to managing DNS name servers: managed and unmanaged. In the unmanaged approach, you have your own DNS name servers and you create your own zone files manually with the help of software like named. So you do everything manually. You don't really have that nice little GUI; you work from the terminal.

We have already seen certain examples of this. This is a very good approach as far as learning is concerned. But if your primary work is not managing DNS, then this is not an ideal approach in the longer term. This is the reason why the managed approach is good, where you let the service provider manage the DNS name servers for you and you can do everything via the GUI. So you don't really have to worry about downtime or DNS working slowly and all those aspects. So the managed approach is quite good.
And this is something that we will be looking into right now. We also have a course coming up on running our entire DNS server unmanaged. So an entire course on DNS is coming up, and I'm pretty excited. Anyway, coming back to Route 53: AWS Route 53 is a managed cloud DNS service offered by AWS. Apart from the standard DNS functionality which a service provider like Name.com might offer, where you can create an A or CNAME record and so on via the GUI, Route 53 goes a little beyond that. It provides more functionality which is really helpful, like launching private hosted zones. It supports health checks and monitoring, it supports routing capabilities, geo DNS, failovers and many more functionalities. I'm sure you'll love this once we go ahead and understand these aspects. But since today is the introductory lecture, we'll have a high-level overview. So I'm logged into AWS and I went to the Route 53 service.
Route 53, as you'll see, is a global service and is not limited to a specific region. There are a lot of features which Route 53 offers other than standard DNS management. It supports traffic management, health checks and monitoring. You can even register your own domain in Route 53. So let's start with DNS management. This is what we will be focusing on more, and the first thing that you do in DNS is create your own zone. So I'll be creating a hosted zone over here. Let's click on Create hosted zone. For the domain name, I'll put kplabs.internal and I'll describe it as an internal zone. Now in the type field it is asking whether it has to be public or private. Public is something like kplabs.in, which the entire internet can access. However, if you want certain DNS to work only in your internal or organizational environment, then public is not the right choice. Then you have to set up a private hosted zone. So you have to select Private hosted zone for Amazon VPC.
Once you do that, you have to give a VPC ID over here. We have an EC2 instance running in the Oregon region, so let's find out the VPC ID. The VPC ID ends with Phi EDA in Oregon. So let's select Oregon. And this is our VPC, which is kplabs-new. And I'll click on Create. What will happen is that this zone will get attached to this specific VPC. So all the instances which are running in the VPC will be able to query the DNS records which are part of this specific hosted zone. So this is it for this lecture. Go ahead and create a private hosted zone. In the next lecture we will be looking into how we can resolve the entries which are present in this specific private hosted zone. I hope this has been informative for you and I look forward to seeing you in the next lecture.
6. Integrating Route53 with VPC
Hey everyone and welcome back. In the earlier lecture we created a private hosted zone in AWS Route 53 and attached it to the VPC in which this EC2 instance is running. Since this is a private hosted zone, the entries which we create in this zone will only be resolved for the instances within the VPC. So anyone who is outside of the VPC will, by default, not be able to resolve these entries. There is one important thing that we have to do. If you just click over here, there is an important section where it says that to use private hosted zones you must set the following VPC settings to true: enableDnsHostnames and enableDnsSupport. If these settings are false, then you will not be able to resolve the entries which are part of this private hosted zone. So let's do one thing. Let's go to the VPC and make sure that our configuration is true for both of these parameters.
Just select the VPC where your instance is. In my case, it is the kplabs-new VPC. There are two important parameters: one is Edit DNS resolution and the other is Edit DNS hostnames. So click on this, make sure that DNS resolution is Yes, and click on Save. Then make sure that DNS hostnames is also Yes. By default, it becomes No, so make sure this is also Yes. Once you have ensured that this is set, we can go ahead and log into the EC2 instance. This is my EC2 instance, which is part of the VPC, and this EC2 instance is what we will be using for resolving the records in the private hosted zone. Perfect. So let's click here and create our first record set. I'll name it, let's say, private.kplabs.internal. And in the value, let's give 100 510.
Okay? You can leave these things as default. Now what has happened is that your record, which is of type A, is created with this specific value. Route 53 is very similar to other DNS providers as far as the basic DNS records are concerned. Within the type you see there are various types, like A record and CNAME. It also gives you a nice little description, like this one is for an IPv4 address. When you talk about AAAA, that is for an IPv6 address. You have text records, pointers and many others, so it is very similar. You can go ahead and do the testing that we have been doing in the earlier lectures once your Route 53 zone is created. So let's do one thing. Let's test this out and verify whether we are able to resolve this specific entry from our EC2 instance.
So I'll run nslookup on private.kplabs.internal. And here you see I am able to resolve this specific entry. Now, let's do one thing. Let me try to resolve this entry from my laptop directly.
So now if I put private.kplabs.internal, we'll see if we are able to resolve it, and you see we are actually not able to resolve this specific DNS entry. The reason is that this is part of the private hosted zone. So this is it for this lecture. Go ahead and enable DNS support for the VPC, create a record set, and make sure that you are able to resolve the entries from your EC2 instances. I hope this has been informative for you and I look forward to seeing you in the next lecture.
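The two VPC settings can be checked for every VPC associated with a private hosted zone before anyone debugs resolution by hand. The following is an added example, not part of the original lecture: it audits data shaped like the output of `aws route53 get-hosted-zone` and `aws ec2 describe-vpc-attribute`. The VPC IDs are placeholders and the sample data is constructed.

```python
import json

# CLI attribute name -> key under which describe-vpc-attribute returns its value
REQUIRED = {"enableDnsSupport": "EnableDnsSupport",
            "enableDnsHostnames": "EnableDnsHostnames"}

# Constructed sample shaped like `aws route53 get-hosted-zone` output
ZONE = json.loads("""{
  "HostedZone": {"Name": "kplabs.internal.", "Config": {"PrivateZone": true}},
  "VPCs": [{"VPCRegion": "us-west-2", "VPCId": "vpc-EXAMPLE1"},
           {"VPCRegion": "us-west-2", "VPCId": "vpc-EXAMPLE2"}]
}""")

# Constructed sample: one describe-vpc-attribute response per attribute, per VPC
ATTRS = json.loads("""{
  "vpc-EXAMPLE1": {
    "enableDnsSupport":   {"VpcId": "vpc-EXAMPLE1", "EnableDnsSupport": {"Value": true}},
    "enableDnsHostnames": {"VpcId": "vpc-EXAMPLE1", "EnableDnsHostnames": {"Value": true}}},
  "vpc-EXAMPLE2": {
    "enableDnsSupport":   {"VpcId": "vpc-EXAMPLE2", "EnableDnsSupport": {"Value": true}},
    "enableDnsHostnames": {"VpcId": "vpc-EXAMPLE2", "EnableDnsHostnames": {"Value": false}}}
}""")

def disabled_settings(responses):
    """Names of the required VPC attributes that are not set to true."""
    missing = []
    for attr, key in REQUIRED.items():
        value = responses.get(attr, {}).get(key, {}).get("Value", False)
        if value is not True:          # absent data is treated as not enabled
            missing.append(attr)
    return missing

def audit_private_zone(zone, attrs_by_vpc):
    """Map each associated VPC to the settings that block private zone resolution."""
    if not zone["HostedZone"]["Config"]["PrivateZone"]:
        raise ValueError("not a private hosted zone")
    findings = {}
    for vpc in zone["VPCs"]:
        missing = disabled_settings(attrs_by_vpc.get(vpc["VPCId"], {}))
        if missing:
            findings[vpc["VPCId"]] = missing
    return findings

if __name__ == "__main__":
    for vpc_id, missing in audit_private_zone(ZONE, ATTRS).items():
        print(f"{vpc_id}: set to true -> {', '.join(missing)}")
```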