Amazon AWS Route 53 and Custom Nameservers

I was previously running my own DNS servers and operating my own custom DNS failover solution, before deciding to switch to Amazon’s AWS Route 53 service, in hopes of providing better network reliability. Let me tell you, this service is awesome. Completely worth it. Improved network reliability and faster DNS lookups.

The first thing I wanted to do was to set up my “primary domain”, which would also carry the nameservers (as subdomains) to be used by any additional sites in my “network”. That way, each additional domain in my network can be configured to use the same nameservers. It’s just easier for organization and consistency. Plus, I like to have multiple “networks”, each with a related purpose.

So I think, no big deal… Right? AWS Route 53 has a nice web GUI to manage your DNS records. I just create a new “hosted zone” for my “primary domain” and start configuring all the necessary DNS records. Once that was completed, I began to set up a hosted zone for each individual sub-site in my network, using the subdomain-based nameservers specified in my primary domain.

After creating the hosted zones and configuring all the DNS records for the primary domain and all sub-sites in my network, I came to realize that the only site which was resolving properly was the primary site. None of the other sites in my network were resolving. I began to scratch my head, thinking “What did I do wrong?” Surely I had done everything perfectly. That’s when I decided to look into the documentation for AWS Route 53.

I found this article, “Configuring White Label Name Servers”. (Pretty deep into the documentation, by the way.)

AWS Documentation » Amazon Route 53 » Developer Guide » Configuring DNS to Route Traffic » Working with Public Hosted Zones » Configuring White Label Name Servers

I quickly breezed through the documentation, thinking… I did everything 100% correctly according to this article. Why is it not working? Well, I should have slowed down just a tad and actually read it carefully from top to bottom.

Turns out that if you create a new “Hosted Zone” through the AWS Route 53 web GUI, Route 53 assigns a different “delegation set” (a/k/a a different set of four nameservers) to EACH HOSTED ZONE. Which means the custom nameservers configured in the primary domain’s record sets are useless for the other zones: they point at the servers that host the primary zone, and those servers are not authoritative for the other hosted zones, so they cannot answer queries for them. That is why only the primary site resolved.

The only way to have the same custom nameservers across hosted zones in AWS Route 53 is to create a reusable delegation set first, and that can only be done with the AWS CLI, the API or one of the SDKs, not through the web GUI. The documentation says as much, as described below.

To configure white label name servers for your Amazon Route 53 hosted zones

Create an Amazon Route 53 reusable delegation set by using the Amazon Route 53 API, the AWS CLI, or one of the AWS SDKs.

I totally missed that the first time through, which led me to find out more about the AWS CLI. I downloaded the program and ran the installer. Then, when I opened the AWS CLI program, it would just instantly close itself on my Windows 10 computer. I came to find out that the AWS CLI has no window of its own; you run it from the Windows command prompt.

You need to open cmd.exe. But before you can begin using the AWS CLI, you need to configure it to use your Amazon account. To do this, first make sure you already have an Amazon AWS account. Then visit this article, “Getting Set Up with the AWS Command Line Interface”, and set up an IAM user with appropriate permissions. (I just searched for “route53” in the permissions area and applied all permissions related to AWS Route 53.) Two things are worth doing properly here: use an IAM user rather than the root account for the CLI, and keep its policy to the Route 53 actions the steps below actually call (route53:CreateReusableDelegationSet, route53:GetReusableDelegationSet, route53:CreateHostedZone, route53:ChangeResourceRecordSets, plus route53:ListHostedZones, route53:ListResourceRecordSets and route53:DeleteHostedZone for the clean-up in Step 1). The access key you are about to enter is stored in plain text in the .aws/credentials file under your user profile, so a key that can only touch DNS is far less worrying than one that can do anything in the account.

Once you’ve got your IAM user set up, you need to give the CLI its access key ID, secret access key and a default region by running aws configure in cmd.exe. Read this article: “Configuring the AWS Command Line Interface”. (Route 53 is a global service, so the region you pick does not matter for these commands.)

NOW, FINALLY… time to get to all the good stuff: actually properly configuring custom nameservers with AWS Route 53.

So once you have the AWS CLI configured to connect to your Amazon account through cmd.exe, NOW you can start to configure your domains properly, using commands of the form aws <service> <command> [options]; for everything below the service is route53.


Step 1 – Start over. Delete all hosted zones. A hosted zone keeps the delegation set it was created with for its whole life, so a zone made in the GUI cannot be moved onto the reusable set; it has to be recreated. (Route 53 refuses to delete a hosted zone that still contains anything other than its default NS and SOA records, so remove the other records first.)

Step 2 – Create the reusable delegation set. In cmd.exe type aws route53 create-reusable-delegation-set --caller-reference <caller-reference>

  • The caller reference is a unique string of your choosing (a date and time, or a random string, works fine). It is not a label you will see later: Route 53 uses it to make the request idempotent, so re-running the same command with the same reference does not create a second set, and every new delegation set or hosted zone needs a different one.
  • A reusable delegation set is a fixed group of four nameservers that any number of hosted zones can share.

Step 3 – Take note of the delegation set ID (it looks like /delegationset/<ID>) and the four nameservers listed in the command’s JSON output. You need the ID for every hosted zone you create and the nameserver names for the record sets in Step 5.

Step 4 – Create a hosted zone for the “primary domain”, using the delegation set ID you just took note of: aws route53 create-hosted-zone --delegation-set-id /delegationset/<DELEGATION SET ID HERE> --name <domain-here-example.com> --caller-reference <caller-reference>

  • Again, the caller reference is just a unique string for this request, not something you refer to later.

Step 5 – Follow this article (Configuring White Label Name Servers) in setting up your custom nameservers in your record sets for the primary domain: create A (and AAAA) records ns1 through ns4 under the primary domain pointing at the IP addresses of the nameservers you took note of in Step 3, then replace the zone’s NS record with those four names.

Step 6 – Repeat Step 4 for each additional site in your network, passing the same --delegation-set-id, and in each of those zones replace the NS record with ns1 through ns4 of the primary domain. Make sure you specify a unique caller reference for each hosted zone.

Of course, make sure you make the necessary hostname/nameserver adjustments at the primary domain’s registrar, and also for each additional site in your network. I’m not super technically DNS savvy, but I think that’s referred to as “glue records”. (For the primary domain it is: you register ns1 through ns4 as host names with their IP addresses, which the registrar publishes as glue in the parent zone, and you need that because the nameservers live inside the very domain they serve. Then you set the domain’s nameservers to those names. The other domains only need their nameservers switched to ns1 through ns4 of the primary domain; no glue is involved there.)
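Here is the whole procedure (Steps 2 through 6, plus a check to run once the registrar change has propagated) as a bash script. It is an added example, not code from the original post or from AWS. It assumes the AWS CLI is configured as described above, bash 4 or newer (Git Bash or WSL on Windows), and dig on the path; example.com, example.net and example.org are placeholders for your own domains, and resolve_addrs and verify_zone are helpers written for this example, not part of the AWS article. Only the aws and dig commands shown are real; everything else is this script’s own logic.

```bash
#!/usr/bin/env bash
# Added example (not from the original post or AWS): one reusable delegation set
# shared by several Route 53 hosted zones, with white-label nameservers
# ns1..nsN under the primary domain. Needs: configured aws CLI, bash 4+, dig.
set -e

PRIMARY=example.com                 # placeholder for your "primary domain"
OTHERS=(example.net example.org)    # placeholders for the other sites

# A or AAAA addresses of a host, one per line. Separate function so the JSON
# builders below can be tested with canned answers instead of live DNS.
resolve_addrs() { dig +short "$1" "$2"; }            # $1 host, $2 A|AAAA

# One UPSERT change for a record set: $1 name, $2 type, $3 TTL, $4.. values.
change_json() {
  local name=$1 type=$2 ttl=$3 values="" v; shift 3
  for v in "$@"; do values+="${values:+,}{\"Value\":\"$v\"}"; done
  printf '{"Action":"UPSERT","ResourceRecordSet":{"Name":"%s","Type":"%s","TTL":%s,"ResourceRecords":[%s]}}' \
    "$name" "$type" "$ttl" "$values"
}

# White-label names ns1..nsN for a domain: $1 domain, $2 N (one per AWS server).
whitelabel_names() { local i; for ((i = 1; i <= $2; i++)); do echo "ns$i.$1"; done; }

# Step 5, primary zone: A/AAAA records for ns1..nsN pointing at the delegation
# set's servers, and the apex NS record rewritten to those names.
#   $1 domain, $2.. the AWS nameservers reported in Step 3
whitelabel_change_batch() {
  local domain=$1 changes="" awsns i=1; shift
  local -a ip4 ip6 names
  mapfile -t names < <(whitelabel_names "$domain" $#)
  for awsns in "$@"; do
    mapfile -t ip4 < <(resolve_addrs "$awsns" A)
    mapfile -t ip6 < <(resolve_addrs "$awsns" AAAA)
    [ ${#ip4[@]} -gt 0 ] || { echo "no A record for $awsns" >&2; return 1; }
    changes+="${changes:+,}$(change_json "ns$i.$domain" A 172800 "${ip4[@]}")"
    if [ ${#ip6[@]} -gt 0 ]; then
      changes+=",$(change_json "ns$i.$domain" AAAA 172800 "${ip6[@]}")"
    fi
    i=$((i + 1))
  done
  changes+="${changes:+,}$(change_json "$domain" NS 172800 "${names[@]}")"
  printf '{"Comment":"white-label name servers","Changes":[%s]}' "$changes"
}

# Step 6, every other zone: only the apex NS record changes. $1 domain, $2.. names
ns_only_change_batch() {
  local domain=$1; shift
  printf '{"Comment":"white-label name servers","Changes":[%s]}' \
    "$(change_json "$domain" NS 172800 "$@")"
}

# Step 2: the reusable delegation set, created once. Prints the bare ID.
create_delegation_set() {
  local id
  id=$(aws route53 create-reusable-delegation-set --caller-reference "delset-$(date +%s)" \
         --query 'DelegationSet.Id' --output text)
  echo "${id#/delegationset/}"
}
# Steps 4 and 6: a hosted zone on the shared set. $1 domain, $2 set ID. Prints zone ID.
create_zone() {
  aws route53 create-hosted-zone --name "$1" --delegation-set-id "$2" \
      --caller-reference "$1-$(date +%s)" --query 'HostedZone.Id' --output text
}
apply_changes() {   # $1 zone ID, $2 change batch JSON
  aws route53 change-resource-record-sets --hosted-zone-id "$1" --change-batch "$2" >/dev/null
}
# After the registrar change: each white-label server must answer with the "aa"
# (authoritative) flag for each zone. This is exactly what failed for the GUI zones.
verify_zone() {     # $1 domain, $2.. white-label names
  local d=$1 ns; shift
  for ns in "$@"; do
    dig +norecurse +noall +comments @"$ns" "$d" NS | grep -q 'flags:[^;]* aa' \
      || { echo "FAIL: $ns is not authoritative for $d" >&2; return 1; }
  done
  echo "OK: $d is served by $*"
}

main() {
  local dsid zid d; local -a awsns wl
  dsid=$(create_delegation_set)                                              # Step 2
  read -r -a awsns < <(aws route53 get-reusable-delegation-set --id "$dsid" \
      --query 'DelegationSet.NameServers' --output text)                     # Step 3
  zid=$(create_zone "$PRIMARY" "$dsid")                                      # Step 4
  apply_changes "$zid" "$(whitelabel_change_batch "$PRIMARY" "${awsns[@]}")" # Step 5
  mapfile -t wl < <(whitelabel_names "$PRIMARY" ${#awsns[@]})
  for d in "${OTHERS[@]}"; do                                                # Step 6
    zid=$(create_zone "$d" "$dsid")
    apply_changes "$zid" "$(ns_only_change_batch "$d" "${wl[@]}")"
  done
  echo "Delegation set $dsid. Now point the registrar(s) at: ${wl[*]}"
}

case "${1:-}" in
  --apply)  main ;;
  --verify) for d in "$PRIMARY" "${OTHERS[@]}"; do   # Route 53 sets have 4 servers
              verify_zone "$d" $(whitelabel_names "$PRIMARY" 4); done ;;
esac
```

Run it with --apply once, then make the registrar changes (glue for ns1 through ns4 of the primary domain, nameservers for every domain), and run it with --verify after propagation: every white-label server must return the aa flag for every zone, which is precisely the check that would have shown the GUI-created zones were broken. The record builders are separate from the aws calls so the JSON they generate can be inspected (or fed to the CLI by hand) before anything is changed.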

That about wraps it up. If anything was confusing, let me know and I’ll try to clarify things. I wish I had an article to read which walked me through everything step by step. This process was quite the headache for me to figure it out. I hope this saves someone else from headache trauma.