Saturday, January 16, 2021

AWS - Configure Route 53 (VPC, Subnet, A record, PTR record, CNAME)

Lab -> DNS - Route 53

Private Hosted Zone

Create a VPC

1. Go to AWS console and search for VPC

2. On VPC dashboard, click on create VPC

3. On the Create VPC page, name your VPC and specify the IP subnet

     Name: DC_VPC 

     IPv4 Block:

4. Click Yes, Create.

Now, we have to create a subnet

5. Click on Create subnet

6. Specify subnet info (Tag) such as

    name: DC_Pub_VPC

    Specify your VPC from dropdown: DC_VPC

    Specify availability zone: 

    IPv4 CIDR block:

7. Now click on Yes, Create

Since we need to connect to the internet, we need to create an Internet Gateway.

8. Click on Internet Gateway and click on Create Internet Gateway

9. Tag your IGW

     Name Tag: DC_IGW

10. Click on Yes, create

OK, we have now created the IGW. Next, we have to attach the IGW to the VPC.

11. Click on Attach to VPC

12. Select your IGW and click on Yes, Attach.

13. Now, click on Route Tables on VPC Dashboard

14. Right-click on your route table and rename it to DC_Public_route

15. Select the route table and click on Edit

16. Click on Add another route

17. Add a default route in the DC_public_route table and select the target as "IGW-*".

18. Now, click on Save.

19. Click on Subnet association tab, and click on Edit 

20. Select DC_public_subnet check box and click save

Now, create another instance. 

- Go to the EC2 dashboard and follow the standard procedure to create a new instance.

- Select Amazon Linux AMI or any Linux flavor of your choice and click Next

- Select General Purpose - T2.micro free tier and click next

- On configure instance page, select your VPC

   Network: DC_VPC

   Subnet: DC_Public_subnet

   Auto Assign Public IP: Enable

- Click Next, then Next again, and add a tag: Name: Web Server

- On Security Group page, select create new security group

   Security Group Name: DC_Pub_Sec_Group

   Description: Public Security Group

- Click on Review and Launch and finally click on Launch.

- On Key pair page, either create a new one or use an existing key pair.

- Click Launch instance

Now, we will launch a Windows instance

- Click on Launch instance

- Select free tier Windows server 2016 base

- Select t2.micro and click Next.

- Select Network: DC_VPC

  Subnet: DC_Public_Subnet

  Auto-assign Public IP: Enable and click Next

- Click next on Storage page

- Add tag  Name: Windows Server 2016 and click Next

- On Security Group Page, select new security group 

   security Group Name: DC_Pub_sec_group_Win

   Description: Windows security Group

- Click Next and click on Review and Launch.

- Use existing key or create a new key and click on Launch instances.

Now, go to the EC2 dashboard and click on your Linux instance

- Get the IP of the instance and log in using PuTTY, then type sudo -i at the prompt to become root

Now, we will install a web server

# yum install httpd

# systemctl start httpd

# systemctl enable httpd

Now, using your Windows machine, try to access the web site. You can't, because the firewall (Security Group) is blocking the access.

To enable the access, click on your Linux instance and click on Security Group -> Inbound

- Click on Edit and add the entry

   http 80 custom

and click save

Now, refresh the browser on your Windows machine; you should be able to open it.

Now, the fun part begins. We will connect to the web server by its fully qualified domain name from the Windows machine. To do that, we will configure Route 53.

Now, there are certain tasks we have to configure.

Go to VPC dashboard,

- Select your VPC and click on Edit DNS Resolution

- Make sure Yes is selected and click on Save


Right-click on your VPC and click on Edit DNS Hostnames

- Make sure Yes is selected and click on Save

Now, go to the AWS dashboard and look for Route 53 under Networking and Content Delivery

- Click on DNS Management

- Click on Hosted Zone

- Click on Create Hosted Zone


  Comment: DNS testing

  Type: Private Hosted Zone for AWS VPC

  VPC IP: Northern VA

- Now, Click on Create

- The new hosted zone already contains an NS record and an SOA record

- Select the NS line and click on Create Record Set

On the right side, add the following


   Type: A - IPv4 address

    Value: ( 

    Route Policy: Simple

- Click on create

We successfully created A record for

Now try to load this page from the browser on the Windows Server 2016 machine.

You should have access.
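
The Route 53 part of the lab as an added example (not code from the original post): a Python pre-flight check for the two VPC DNS settings enabled above, plus the A record expressed as the change batch that Route 53's ChangeResourceRecordSets API accepts. The CIDR block, zone name and IP address are constructed placeholders because the post leaves those values blank, and treating an address outside the VPC block as a problem is this example's own assumption.

```python
import ipaddress
import json


def preflight(vpc, record_ip):
    """Return a list of problems that would stop the private zone working as intended."""
    problems = []
    # A private hosted zone only resolves when both VPC attributes are true.
    for attr in ("enableDnsSupport", "enableDnsHostnames"):
        if not vpc.get(attr, False):
            problems.append(f"{attr} is not enabled on {vpc['name']}")
    # Assumption of this example: internal names map to addresses inside the VPC.
    ip = ipaddress.ip_address(record_ip)
    if ip not in ipaddress.ip_network(vpc["cidr"]):
        problems.append(f"{record_ip} is outside VPC block {vpc['cidr']}")
    return problems


def a_record_change(fqdn, ip, ttl=300):
    """Build a Route 53 ChangeBatch that creates a simple A record."""
    ipaddress.IPv4Address(ip)  # raises ValueError on a malformed IPv4 address
    return {
        "Comment": "DNS testing",
        "Changes": [{
            "Action": "CREATE",
            "ResourceRecordSet": {
                "Name": fqdn,
                "Type": "A",
                "TTL": ttl,
                "ResourceRecords": [{"Value": ip}],
            },
        }],
    }


# Constructed sample values; substitute the lab's real CIDR, zone name and IP.
SAMPLE_VPC = {"name": "DC_VPC", "cidr": "10.0.0.0/16",
              "enableDnsSupport": True, "enableDnsHostnames": False}

if __name__ == "__main__":
    for problem in preflight(SAMPLE_VPC, "10.0.1.25"):
        print("FIX FIRST:", problem)
    print(json.dumps(a_record_change("web.example.internal", "10.0.1.25"), indent=2))
```

The printed JSON can be saved to a file and passed to aws route53 change-resource-record-sets with --change-batch, together with the hosted zone's ID.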
