
Amazon DNS Server (Route 53)


Domain Name System (DNS) is a standard by which names used on the internet are resolved to their corresponding IP addresses. A DNS hostname is a name that uniquely and absolutely names a computer; it’s composed of a host name and a domain name. DNS servers resolve DNS hostnames to their corresponding IP addresses.

Public IPv4 addresses enable communication over the internet, while private IPv4 addresses enable communication within the VPC of the instance. Amazon provides a DNS server for your VPC, also called the Route 53 Resolver.

Amazon DNS server

The Route 53 Resolver (also called the “Amazon DNS server” or “AmazonProvidedDNS”) is a DNS resolver service built into each Availability Zone in an AWS Region. It is reachable at 169.254.169.253 (IPv4), at fd00:ec2::253 (IPv6), and at the address two above the base of the primary private IPv4 CIDR range provisioned to your VPC. For example, if you have a VPC with an IPv4 CIDR of 10.0.0.0/16, you can reach the Route 53 Resolver at 169.254.169.253 (IPv4), fd00:ec2::253 (IPv6), or 10.0.0.2 (IPv4). The IPv6 address is fixed and does not depend on the IPv6 CIDR of your VPC.

When you launch an instance into a VPC, AWS provides the instance with a private DNS hostname. AWS also provides a public DNS hostname if the instance is configured with a public IPv4 address and the VPC DNS attributes are enabled.

The Amazon DNS server in your VPC is also used to resolve the DNS domain names that you specify in a private hosted zone in Route 53 (see Private hosted zones below).

DNS hostnames

When you launch an instance, it always receives a private IPv4 address and a private DNS hostname that corresponds to its private IPv4 address. If your instance has a public IPv4 address, the DNS attributes of its VPC determine whether it also receives a public DNS hostname that corresponds to the public IPv4 address.

With the Amazon provided DNS server enabled, DNS hostnames are assigned and resolved as follows.

Private IP DNS name (IPv4 only)

You can use the Private IP DNS name (IPv4 only) hostname for communication between instances in the same VPC. You can also resolve the Private IP DNS name (IPv4 only) hostnames of instances in other VPCs, as long as both instances are in the same AWS Region and the private IPv4 address of the other instance is in the private address space defined by RFC 1918: 10.0.0.0 to 10.255.255.255 (10/8 prefix), 172.16.0.0 to 172.31.255.255 (172.16/12 prefix), and 192.168.0.0 to 192.168.255.255 (192.168/16 prefix).

Public IPv4 DNS

The Amazon DNS server resolves a public DNS hostname to the public IPv4 address of the instance outside the network of the instance, and to the private IPv4 address of the instance from within the network of the instance.

A public (external) IPv4 DNS hostname takes the form ec2-public-ipv4-address.compute-1.amazonaws.com for the us-east-1 Region, and ec2-public-ipv4-address.region.compute.amazonaws.com for other Regions. 
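The following helper module, added here as an example and not code from the original page or from AWS, puts the rules of this section and of the resolver section into runnable form: it derives the three resolver addresses from a VPC's primary IPv4 CIDR (base plus two, as in the 10.0.0.0/16 to 10.0.0.2 example), applies the RFC 1918 condition for resolving private DNS names of instances in other VPCs, and builds and parses public DNS hostnames of the two forms given above. All function names are my own; the 100.64.0.0/10 range in the comment is mentioned only because VPCs may use it and it is not RFC 1918.

```python
import ipaddress
import re

# Resolver endpoints that are the same in every VPC (given in the text above).
RESOLVER_LINK_LOCAL_V4 = "169.254.169.253"
RESOLVER_ULA_V6 = "fd00:ec2::253"

# RFC 1918 private address space, the only space in which private DNS names
# of instances in other VPCs (same Region) resolve.
RFC1918_NETWORKS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def resolver_addresses(primary_ipv4_cidr):
    """Addresses at which the Route 53 Resolver answers for a VPC whose
    primary IPv4 CIDR is primary_ipv4_cidr: the CIDR base plus two, the
    fixed link-local IPv4 address and the fixed ULA IPv6 address."""
    net = ipaddress.IPv4Network(primary_ipv4_cidr, strict=True)
    return {
        "vpc_plus_two": str(net.network_address + 2),
        "link_local_v4": RESOLVER_LINK_LOCAL_V4,
        "ula_v6": RESOLVER_ULA_V6,
    }


def is_rfc1918(address):
    """True if address is an IPv4 address inside one of the RFC 1918 ranges."""
    ip = ipaddress.ip_address(address)
    return ip.version == 4 and any(ip in net for net in RFC1918_NETWORKS)


def cross_vpc_private_name_resolvable(target_private_ip, same_region):
    """Whether the private IP DNS name of an instance in another VPC resolves
    from this VPC: both must be in the same Region and the target address
    must be RFC 1918 (an address from 100.64.0.0/10, which a VPC may also
    use, is not RFC 1918 and therefore fails)."""
    return bool(same_region) and is_rfc1918(target_private_ip)


def public_dns_hostname(public_ipv4, region):
    """Build the public (external) DNS hostname for an instance's public IPv4
    address: compute-1 for us-east-1, <region>.compute elsewhere."""
    ipaddress.IPv4Address(public_ipv4)  # raises on a malformed address
    dashed = public_ipv4.replace(".", "-")
    if region == "us-east-1":
        return f"ec2-{dashed}.compute-1.amazonaws.com"
    return f"ec2-{dashed}.{region}.compute.amazonaws.com"


# Matches both hostname forms; region names look like us-east-1, ap-southeast-2.
_PUBLIC_NAME = re.compile(
    r"^ec2-(\d{1,3})-(\d{1,3})-(\d{1,3})-(\d{1,3})\."
    r"(?:compute-1|(?P<region>[a-z]{2}(?:-[a-z]+)+-\d)\.compute)\.amazonaws\.com$"
)


def parse_public_dns_hostname(name):
    """Recover (public IPv4, region) from a public DNS hostname, or None if
    the name is not of the AWS form (useful when triaging log entries)."""
    match = _PUBLIC_NAME.match(name.strip().rstrip(".").lower())
    if not match:
        return None
    ip = ".".join(match.group(i) for i in range(1, 5))
    try:
        ipaddress.IPv4Address(ip)  # rejects octets such as 999
    except ValueError:
        return None
    return ip, match.group("region") or "us-east-1"
```

resolver_addresses("10.0.0.0/16")["vpc_plus_two"] gives "10.0.0.2", the address you would point a custom resolver or a troubleshooting dig at; parse_public_dns_hostname is handy for turning hostnames seen in logs back into an IP and Region without trusting a reverse lookup.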

DNS attributes in your VPC

The following VPC attributes determine the DNS support provided for your VPC. If both attributes are enabled, an instance launched into the VPC receives a public DNS hostname if it is assigned a public IPv4 address or an Elastic IP address at creation. If you enable both attributes for a VPC that didn’t previously have them both enabled, instances that were already launched into that VPC receive public DNS hostnames if they have a public IPv4 address or an Elastic IP address.

Attribute: enableDnsHostnames
Description: Determines whether the VPC supports assigning public DNS hostnames to instances with public IP addresses. The default for this attribute is false unless the VPC is a default VPC.

Attribute: enableDnsSupport
Description: Determines whether the VPC supports DNS resolution through the Amazon-provided DNS server. If this attribute is true, queries to the Amazon-provided DNS server at 169.254.169.253 or at the base of the VPC IPv4 range plus two succeed. The default for this attribute is true.

FIGURE 1

Private hosted zones

To access the resources in your VPC using custom DNS domain names, such as example.com, instead of using private IPv4 addresses or AWS-provided private DNS hostnames, you can create a private hosted zone in Route 53. A private hosted zone is a container that holds information about how you want Route 53 to respond to DNS queries for a domain and its subdomains within one or more VPCs, without exposing your resources to the internet.

You can then create Route 53 resource record sets, which determine how Route 53 responds to queries for your domain and subdomains. 

For example, if you want browser requests for example.com to be routed to a web server in your VPC, you’ll create an A record in your private hosted zone and specify the IP address of that web server. 

To access resources using custom DNS domain names, you must run the lookup from an instance in a VPC that is associated with the private hosted zone; the names are not resolvable from the internet. From that instance, you can test that a resource in your private hosted zone is reachable by its custom DNS name with the ping command, for example ping mywebserver.example.com. (The target’s security group rules must allow inbound ICMP traffic for ping to work, so a failed ping can mean a blocked ICMP rule rather than a DNS problem. A lookup with nslookup or dig, which needs only port 53 to the resolver, tests name resolution on its own.)
