I was previously running my own DNS servers and operating my own custom DNS failover solution. I decided to make a switch to Amazon’s AWS Route 53 service, in hopes to provide better network reliability. Let me tell you, Route 53 is awesome. Completely worth it. Improved network reliability and faster DNS lookups.
The first thing I wanted to do was to set up my “primary domain”, which would also be configured with nameservers (as subdomains) to be used by any additional sites in my “network”. That way, each additional domain in my network can be configured to use the same nameservers. It’s just easier for organization and consistency. Plus, I like to have multiple “networks”, each network consisting of related subsites.
I think, no big deal… Right? AWS Route 53 has a nice web GUI to manage DNS records. I just create a new “hosted zone” for my “primary domain” and start configuring all the necessary DNS records.
Once everything was completed, I began to set up a hosted zone for each individual subsite in my network, using the subdomain-based nameservers specified in my primary domain’s DNS records.
After creating the hosted zones and configuring all the DNS records for the primary domain and all subsites in my network, I came to realize that the only site which was resolving properly was the primary site. None of the other sites in my network were resolving. I began to scratch my head, thinking “What did I do wrong?”. Surely, I thought, I had done everything perfectly. That’s when I decided to look into the documentation for AWS Route 53.
I found this article “Configuring White Label Name Servers”.
I quickly breezed through the documentation, thinking… I did everything 100% correctly according to this article. Why is it not working? Well, I should have slowed down just a TAD and actually read it carefully from top to bottom.
Turns out that if you create a new “Hosted Zone” through the AWS Route 53 web GUI, it assigns a different “delegation set” (a/k/a different nameservers) for EACH HOSTED ZONE. Route 53 only answers for a zone from the name servers in that zone’s own delegation set, so pointing another domain at the primary domain’s nameservers gets no answers. A/K/A the custom nameservers configured in the primary domain’s record sets are as good as useless for the rest of the sites in my network.
The only way you can have custom nameservers with AWS Route 53 is by using the AWS CLI or other methods described below.
White Label Nameservers With AWS Route 53 Hosted Zones
Create an Amazon Route 53 reusable delegation set by using: the Amazon Route 53 API, the AWS CLI, or one of the AWS SDKs.
To elaborate on this a bit more: you cannot create your hosted zones through the AWS Route 53 web GUI if you want to use custom nameservers. You MUST use one of the methods described above. I personally chose to use the AWS CLI.
I totally missed that the first time through, which led me to find out more about the AWS CLI. I downloaded the program and ran the installer. Then, when I opened the AWS CLI program, it would just instantly close itself on my Windows 10 computer. I came to find out that the AWS CLI integrates itself into the Windows command prompt. You need to open cmd.exe (not the AWS CLI program itself).
Before you can begin using the AWS CLI, you need to configure it to use your Amazon account. To do this, first make sure you already have an Amazon AWS account. Then, visit this article “Getting Set Up with the AWS Command Line Interface”, set up an IAM user and give it the appropriate permissions (I just searched for “route53” in the permissions area and applied all permissions related to AWS Route 53).
Once you’ve got your IAM user set up and configured, you need to enter that information into the AWS CLI through cmd.exe. Read this article “Configuring the AWS Command Line Interface”.
Once you have the AWS CLI configured to connect to your Amazon account through cmd.exe, NOW you can start to configure your domains properly using commands with the syntax:
aws <service> <command>
How to Set Custom Nameservers With AWS Route 53.
- Step 1 – Start over. Delete all of your hosted zones. I found it pretty easy to just log in through the AWS Route 53 website and use the web GUI to quickly bomb everything.
- Step 2 – Create the reusable delegation set. In cmd.exe, type:
aws route53 create-reusable-delegation-set --caller-reference <caller-reference>
- The caller reference is like a comment (I think) to refer to this group of nameservers.
- A reusable delegation set is like a group of the same nameservers.
- Step 3 – Take note of the delegation set ID and nameservers.
- Step 4 – Create a hosted zone for the “primary domain”, using the delegation set ID you just took note of. In cmd.exe, type:
aws route53 create-hosted-zone --delegation-set-id /delegationset/<DELEGATION SET ID HERE> --name <domain-here-example.com> --caller-reference <caller-reference>
- Again, the caller reference is a way to refer to this specific hosted zone.
- Step 5 – Follow this article (Configuring White Label Name Servers) to set up your custom nameservers in the record sets for the primary domain. Use the nameservers you took note of in Step 3.
- Step 6 – Repeat Step 4 for each additional site in your network. Make sure you specify a unique caller reference for each hosted zone.
Make sure you make the necessary hostname/nameserver adjustments at the primary domain’s registrar, and also for each additional site in your network. I’m not super technically DNS savvy, but I think that’s referred to as “glue records”.
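As an added example (not part of the original post, and not AWS code), here is what Steps 3 to 6 produce in record form: the change batch that turns a reusable delegation set into white-label ns1..ns4 names in the primary zone, plus a check that every hosted zone in the network actually sits on that same delegation set. The delegation set ID, the awsdns host names, the addresses and the zone names are all constructed sample values; in real use they come from the CLI output and from resolving the AWS name servers.

```python
# Constructed sample of what `aws route53 create-reusable-delegation-set` returns.
DELEGATION_SET = {
    "Id": "/delegationset/N1PA6795EXAMPLE",
    "NameServers": ["ns-2048.awsdns-64.com", "ns-2049.awsdns-65.net",
                    "ns-2050.awsdns-66.org", "ns-2051.awsdns-67.co.uk"],
}
# Constructed addresses for those servers; in practice resolve each one
# (e.g. `dig +short ns-2048.awsdns-64.com`) and paste the real answers here.
NS_ADDRESSES = {
    "ns-2048.awsdns-64.com": "192.0.2.1", "ns-2049.awsdns-65.net": "192.0.2.2",
    "ns-2050.awsdns-66.org": "192.0.2.3", "ns-2051.awsdns-67.co.uk": "192.0.2.4",
}
# Constructed `aws route53 get-hosted-zone` output for two zones in the network:
# one created with the reusable set, one created through the web GUI.
SAMPLE_ZONES = [
    {"HostedZone": {"Name": "example.com."},
     "DelegationSet": {"NameServers": DELEGATION_SET["NameServers"]}},
    {"HostedZone": {"Name": "console-made.example.net."},
     "DelegationSet": {"NameServers": ["ns-10.awsdns-01.com", "ns-511.awsdns-63.net",
                                       "ns-1024.awsdns-00.org", "ns-1536.awsdns-00.co.uk"]}},
]

def white_label_change_batch(primary_domain, delegation_set, ns_addresses, ttl=172800):
    """Change batch for `aws route53 change-resource-record-sets` in the primary
    domain's hosted zone: one A record per white-label name (ns1..ns4.<primary>)
    pointing at the matching AWS server, then the apex NS record rewritten to
    those names. AAAA records follow the same pattern, and the SOA's primary
    name server should be changed to ns1 as well."""
    changes, white_label = [], []
    for i, aws_ns in enumerate(delegation_set["NameServers"], start=1):
        name = f"ns{i}.{primary_domain}."
        white_label.append(name)
        changes.append({"Action": "UPSERT", "ResourceRecordSet": {
            "Name": name, "Type": "A", "TTL": ttl,
            "ResourceRecords": [{"Value": ns_addresses[aws_ns]}]}})
    changes.append({"Action": "UPSERT", "ResourceRecordSet": {
        "Name": f"{primary_domain}.", "Type": "NS", "TTL": ttl,
        "ResourceRecords": [{"Value": n} for n in white_label]}})
    return {"Comment": "white-label name servers", "Changes": changes}

def zones_off_delegation_set(zones, delegation_set):
    """Names of zones whose name servers differ from the reusable set. Any hit
    is the failure in the post: the registrar delegates to ns1..ns4, but Route 53
    answers for that zone from other servers, so it never resolves."""
    expected = sorted(delegation_set["NameServers"])
    return [z["HostedZone"]["Name"] for z in zones
            if sorted(z["DelegationSet"]["NameServers"]) != expected]
```

Writing the returned batch to a file and passing it with `--change-batch file://batch.json --hosted-zone-id <ID>` applies it; the glue records at the registrar still have to carry the same ns1..ns4 names and addresses.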
That about wraps it up. If anything was confusing, let me know and I’ll try to clarify things. I wish I had an article to read which walked me through everything step by step. This process was quite the headache for me to figure it out. I hope this saves someone else from headache trauma.
This is kind of how I felt trying to set custom nameservers with AWS Route 53.