Amazon AWS Certified Advanced Networking Specialty – Advanced Route53 Configurations Part 3
7. CNAME and Alias Record
Hey everyone, and welcome back. So we were looking into the Route 53 section, and we explored the basics of how we can create a Route 53 zone as well as how we can integrate Route 53 with the VPC. So today we will be speaking about CNAME records. We already looked into the A record as well as the AAAA (quad-A) record. So generally there are various types of records which are available. We’ll be looking into some of them, mostly A, CNAME, MX, AAAA, TXT and NS. These are the primary records that you might find useful in your production environment.
So let’s do one thing. Let’s create a record. I’ll call it cname.kplabs.internal, and I’ll select CNAME (canonical name) as the type over here. What really happens with a CNAME is that instead of providing an IP address in the value field, which is what we used to do in an A record, we put a canonical name, that is, a different domain name for which this name is an alias. In the description of the value field, AWS Route 53 gives you a small description which basically states that the value contains the domain name that you want to resolve to instead of the value in the Name field.
So whenever someone types cname.kplabs.internal, it will automatically be resolved to the IP address of the domain that we specify in this value field. Let me show you how that would work. Let’s put zeelvora.com and let me click on Create. So now we have cname.kplabs.internal, which is of type CNAME, and the value is zeelvora.com. So now whenever someone does a dig or opens up cname.kplabs.internal, what will happen is that the DNS query will first go to this specific record. Then it will find that it is an alias to zeelvora.com. Then a second query will be sent for zeelvora.com, and the IP address that it receives for zeelvora.com is the IP address to which the request will be made. We’ll be looking into that as well. Now, one important thing I would like to show you is that CNAMEs sometimes become mandatory when you’re using various AWS services, for example CloudFront, S3 buckets or even a load balancer.
So I’ll give you one example that you will really face when you’re working as a solutions architect, because a load balancer is something that you will find in most organizations. Whenever you create a load balancer, the load balancer gets a DNS name. Now let’s resolve this specific DNS name. Let’s do an nslookup on this DNS name, and you will get the IP address over here. Now, one of the caveats with the load balancer is that this IP address keeps on changing at a regular interval, and you never know when it will change next. And this is the reason why you cannot really associate an A record with the IP address of an ELB.
So let me give you an example. Let’s create elb.kplabs.internal. Now, the problem or the challenge is: how will you associate it with the ELB? You cannot put an A record. You can even put an A record: you got the answer over here, so you can copy it and paste it over here. But the challenge is that after a few hours, if this IP changes, then all the requests to this specific DNS record will start to fail. And this is the reason why Amazon recommends us to have an alias to this specific ELB. So let’s do one thing. This time I’ll put a CNAME, and I’ll point the CNAME to the name or the domain of the ELB, and I’ll click on Save. And now you see we have a genuine use case. So whenever you want to direct a subdomain to a CloudFront distribution or an S3 bucket or an ELB, where things work based on a DNS name, this is where the CNAME really comes into the picture. Anyway, let’s do one thing. Let’s try and resolve cname.kplabs.internal. So I’ll do a dig on cname.kplabs.internal. In the answer section you will see there are two answers which are received. The first answer is that cname.kplabs.internal is of type CNAME and it is directed to zeelvora.com. This is the first answer. Now, as soon as the DNS server receives it, it automatically sends the second DNS request for zeelvora.com.
So this is a request for zeelvora.com, and it gets the IP address associated with zeelvora.com over here. And then once it gets the IP address, your browser will send requests to this specific IP address. The same goes for the ELB also. So let’s try to do an nslookup on elb.kplabs.internal. You get a similar answer. You see, you send a request for elb.kplabs.internal, and it is a CNAME to the ELB DNS name. Then you send a request for the ELB DNS name, and you get the IP address associated with the DNS name of the ELB. Perfect. So these are the basics about DNS. I wanted to show you one interesting thing, because this is something which will be helpful in production. So let’s assume that I have a website called kplabs.internal and I want to direct all the requests which come to kplabs.internal to an ELB. So definitely the first thought will be: okay, a CNAME will work over here. So let’s try to do a CNAME. I’ll click on Create, and now you see it is giving you an error saying that the record set of type CNAME with the DNS name kplabs.internal is not permitted at the apex in the zone. So this zone is kplabs.internal.
So this is the apex domain. And for the apex domain you cannot have a CNAME record directly. So this is one of the challenges. We’ll be discussing more about this when we look into the RFC part of CNAMEs. But let’s solve this specific use case, because this use case will definitely come up while you are working as a solutions architect. So what you do here is you select an A record, and after that you select Alias. Okay? Now, alias is a special feature which Route 53 provides specifically for this kind of use case, where you cannot create a CNAME for your apex domain. So now, in the alias, you put the name of the load balancer. Let me just quickly verify. You put the name of the load balancer and you click on Create.
And now, as you will see, it works perfectly. So these are the basics about CNAME and alias. Just remember, from the exam perspective as well, that CNAME works perfectly as far as subdomains are concerned. But when you talk about the apex domain, you cannot have a CNAME for the apex domain because it creates a lot of issues. So in order to solve that, if you want to have CNAME-like functionality for the apex domain, you create an A record with the alias selected, and the overall functionality will be very similar. So this is it about this lecture. I hope this has been informative for you, and I look forward to seeing you in the next lecture.
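The two behaviours shown in this lecture, the two-step CNAME resolution and the refusal of a CNAME at the zone apex, modelled offline as an added example that is not part of the original lecture. The record names follow the lecture; the targets, addresses and the function names `can_add_cname` and `resolve` are constructed for illustration.

```python
# Constructed zone: record names follow the lecture; targets and addresses
# are placeholders from documentation ranges, not real AWS values.
RECORDS = [
    ("kplabs.internal.", "SOA", "ns1.example. admin.example. 1 7200 900 1209600 86400"),
    ("kplabs.internal.", "NS", "ns1.example."),
    ("cname.kplabs.internal.", "CNAME", "site.example."),
    ("elb.kplabs.internal.", "CNAME", "my-elb.elb.example."),
    ("site.example.", "A", "192.0.2.10"),
    ("my-elb.elb.example.", "A", "198.51.100.7"),
    ("my-elb.elb.example.", "A", "198.51.100.8"),
]


def can_add_cname(records, name):
    """A CNAME must be the only record at its name (RFC 1034, section 3.6.2).

    The zone apex always carries SOA and NS records, so a CNAME there is
    always refused; a fresh subdomain has nothing in the way.
    """
    existing = sorted({rtype for n, rtype, _ in records if n == name})
    if existing:
        return False, f"{name} already has {', '.join(existing)}"
    return True, "ok"


def resolve(records, name, max_hops=8):
    """Follow CNAMEs hop by hop; return (names visited, final A addresses)."""
    chain = []
    for _ in range(max_hops):
        chain.append(name)
        addrs = [v for n, t, v in records if n == name and t == "A"]
        if addrs:
            return chain, addrs
        targets = [v for n, t, v in records if n == name and t == "CNAME"]
        if not targets:
            return chain, []  # chain ends without an address
        name = targets[0]
    raise ValueError("CNAME chain too long, possible loop")


if __name__ == "__main__":
    print(can_add_cname(RECORDS, "kplabs.internal."))
    print(resolve(RECORDS, "elb.kplabs.internal."))
```

An empty address list from `resolve` means the CNAME points at a name that no longer resolves, which is worth checking for whenever a load balancer or bucket behind a CNAME is deleted.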
8. DNS Records – Mail Exchange
Hey everyone, and welcome back. So it’s around 10:00 at night, and you might hear some whistling sounds in between. My neighbor is actually making panipuri, and I’m pretty excited, so I’ll just complete the video fast so that I can have it. Anyway, coming back to the topic, today we’ll be speaking about the MX record. So let me show you. When you go into create records, you select MX. MX stands for Mail Exchange, and these records are specifically important when you are dealing with a mail server. So, for example, at the end of videos, I generally say, if you have any doubts, contact us at instructors@kplabs.in. So what really happens when you send a mail to instructors@kplabs.in is something that we’ll be looking into. So let me show you. In my kplabs.in domain, I have a few MX records which are configured. So you see, I have around five MX records which are configured for google.com. The reason is that I’m using Gmail for work. So let me show you Gmail for work. I think that is what it is called. Yeah, Gmail for business. So you pay a certain amount, and you can have your own domain linked with Gmail. I’m using that, and this is the reason why, in the answer field, I have put the mail servers of Gmail. So whenever you send an email, your email provider will look into the MX records of the destination domain. In my case, the MX records are these. And then the mail that has been sent will be delivered to one of the mail servers which is specified in this domain. Now, one interesting thing that you will find, let me show you, is that when you do a dig on kplabs.in for MX, you get that there are five records.
So these five records are something that we already looked at. However, along with these records, you see there is a number which is associated. So you have ten, one, five, five, and again ten. These numbers are basically the priority. So the sender will look into the mail servers first. Then it will look into which mail server has the highest priority. The lower the number, the higher the priority. So in this case, the lowest number is one. That means this particular mail server has the highest priority. In case this mail server cannot be contacted, then the mail server with the next-best priority will be contacted. So we have two mail servers with the priority of five.
So this is how things would really work. Whenever you purchase an email address for your domain, the next thing that you will be asked is to put an MX record in your DNS, along with the priority. This priority is something which your mail provider will give you. Once you do that, your email will start to work. So let me show you. If you select MX (mail exchange), you see the example format. The first field is the priority, and the second is the mail server hostname. They have also given an example where first you put the priority, in this case ten, and then you put the mail server, which is mailserver.example.com. In the second line you have 20, then mailserver2.example.com. So this is how it really works. So I hope you understood the basics about mail exchange records in DNS and also the priority-related aspect. This is it about this lecture. I hope this has been informative for you, and I look forward to seeing you in the next lecture.
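How a sender orders a set of MX records like the one in this lecture, as an added example that is not part of the original lecture. It uses the lecture's preference values (10, 1, 5, 5, 10) with placeholder host names, and goes slightly beyond the lecture by shuffling servers that share a preference, as RFC 5321 section 5.1 asks senders to do; `parse_mx`, `delivery_order` and `pick_server` are names chosen for this sketch.

```python
import random

# Constructed MX set: preference values from the lecture, host names are placeholders.
MX_RECORDS = [
    (10, "mx-d.mail.example."),
    (1, "mx-a.mail.example."),
    (5, "mx-b.mail.example."),
    (5, "mx-c.mail.example."),
    (10, "mx-e.mail.example."),
]


def parse_mx(value):
    """Parse an MX value written as '<priority> <mail server host name>'."""
    pref_text, host = value.split()
    pref = int(pref_text)
    if not 0 <= pref <= 65535:  # the preference is a 16-bit unsigned integer
        raise ValueError(f"preference out of range: {pref}")
    return pref, host.lower()


def delivery_order(records, rng=random):
    """Lowest preference number first; hosts with equal preference are shuffled."""
    groups = {}
    for pref, host in records:
        groups.setdefault(pref, []).append(host)
    order = []
    for pref in sorted(groups):
        hosts = list(groups[pref])
        rng.shuffle(hosts)
        order.extend(hosts)
    return order


def pick_server(records, reachable, rng=random):
    """Return the first server in delivery order that accepts a connection."""
    for host in delivery_order(records, rng):
        if reachable(host):
            return host
    return None  # every MX failed; a real sender queues the mail and retries


if __name__ == "__main__":
    print(delivery_order(MX_RECORDS))
    # Simulate the priority-1 server being down: a priority-5 server is chosen.
    print(pick_server(MX_RECORDS, lambda h: h != "mx-a.mail.example."))
```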
9. DNS Records – TXT records
Hey everyone, and welcome back. So, continuing our journey of understanding various types of DNS records, today we will be looking into the TXT record, which is also called the text record. I’ll explain this to you in the form of a very simple use case. So let’s assume I want to sell a specific domain. Let’s assume I want to sell a domain called kplabs.in. Now I go to a forum and I say that I want to sell this specific domain and the price is X.
Now, the question is: how can the people on the forum know that I am actually the owner of this specific domain? One of the ways in which this is generally verified is that you create a subdomain, let’s say verify. You can put any name over here. You select Text as the type, and in the value you can say, “This is my domain and I intend to sell it.” I’ll put my forum username, let’s assume my forum username is Zeld Vora, and I’ll also put the forum name, let’s say Digital point, and I’ll click on Create. So now what happens is that there is a text record which is created for this specific name. Now, if anyone wants to verify whether this domain actually belongs to you only, you can ask them to do a dig on this specific subdomain, and then they will be able to see the associated value, which says, “This is my domain and I intend to sell it,” followed by the username on the forum where you are selling and also the forum name.
So this is a very nice little way of verifying that the domain belongs to you. Many services will ask you to verify that the domain belongs to you by giving you some kind of data which they’ll tell you to put in a text record in your DNS. If you are able to do that, they will check whether you have really put it there, and once they verify that, they’ll know that this domain belongs to you. So this is it about the TXT record, a very simple record. It is generally only used for storing some kind of text-related data within this specific DNS record set. So I hope this basic TXT record has been understood by you. This is something that you will not be using very extensively, maybe once a year while you are setting up certain things like a mail server. But other than that, this record is something that you will be using very sparingly. So I hope this has been useful for you, and I look forward to seeing you in the next lecture.
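The service side of the domain verification described in this lecture, as an added example that is not part of the original lecture: the service issues a random value, the owner publishes it as a TXT record, and the service looks the record up and compares. The `domain-verification=` prefix, the function names and the `lookup_txt` resolver hook are assumptions made for this sketch; the zone contents are constructed.

```python
import secrets
import shlex


def issue_challenge(domain, label="verify"):
    """Service side: return the record name and the random value to publish there."""
    token = "domain-verification=" + secrets.token_hex(16)
    return f"{label}.{domain}", token


def txt_value(rdata):
    """Join the quoted strings of one TXT record as dig prints it: "part1" "part2"."""
    return "".join(shlex.split(rdata))


def is_verified(name, token, lookup_txt):
    """True only if one TXT record at `name` equals the issued token exactly.

    lookup_txt(name) is an assumed resolver hook that returns the TXT rdata
    strings in presentation format, or an empty list if the name has none.
    A name can carry several unrelated TXT records, so each one is checked.
    """
    return any(txt_value(rdata) == token for rdata in lookup_txt(name))


if __name__ == "__main__":
    name, token = issue_challenge("kplabs.in")
    # Constructed zone: an unrelated TXT record plus the token, which the
    # DNS provider happened to split into two quoted strings.
    zone = {name: ['"v=spf1 -all"', f'"{token[:20]}" "{token[20:]}"']}
    print(name, is_verified(name, token, lambda n: zone.get(n, [])))
```

The value is random per request, so a record left over from an earlier verification does not satisfy a new challenge.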