How do I check if resource record sets in my Route 53 public hosted zone are accessible from the internet?


I created a public hosted zone in Amazon Route 53 and added resource record sets in it. How do I verify that my resource record sets are reachable from the internet?

Short description

Check whether your resource record sets are accessible from the internet using one of the following methods:

  • The Route 53 checking tool
  • The dig tool (for Linux, Unix, or Mac)
  • The nslookup tool (for Windows)

Note: The steps in this article verify that the public hosted zone is created successfully and accessible. If you want your entire domain resolvable, then verify the following:

Resolution

Method 1: Use the Route 53 checking tool

Use the Route 53 checking tool to see how Route 53 responds to DNS queries.

Method 2: Use the dig tool (for Linux, Unix, or Mac)

1.    Find the four authoritative name servers for your public hosted zone.

2.    In your resource record set’s configuration, find the associated domain name (Name), record type (Type), and value (Value).

3.    Query one of the authoritative name servers. In your command line argument, specify the authoritative name server and the resource record set's domain name and record type. For example:

$ dig @ns-###.awsdns-##.com  mailserver1.example.com  MX
$ dig @ns-###.awsdns-##.com  _text_.example.com  TXT
$ dig @ns-###.awsdns-##.com  cname.example.com  CNAME
$ dig @ns-###.awsdns-##.com  subdomain.example.com  NS
$ dig @ns-###.awsdns-##.com  www.example.com  A

Note: The syntax for dig varies between Linux distributions. Use man dig to find the correct syntax for your particular distribution.

4.    Review the output and verify that the ANSWER SECTION matches your resource record set.

For example, if:

  • Record name = mailserver1.example.com
  • Type = MX
  • Value = inbound-smtp.mailserver1.example.com

then the correct dig output is:

;; ANSWER SECTION:
MAILSERVER1.EXAMPLE.COM    300    IN    MX    10    inbound-smtp.mailserver1.example.com.
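Step 4 can be scripted. The following is an added example, not part of the original article or AWS tooling: it compares the ANSWER SECTION of dig output with the expected record, ignoring letter case and the trailing dot, and goes beyond the steps above by looping over every name server you pass in. The names answer_matches, check_all_ns and SAMPLE_DIG_OUTPUT are hypothetical, and the sample output is constructed from the example above.

```shell
#!/bin/sh
# Added example: check dig output against the record you expect.
# Usage: dig @NAMESERVER NAME TYPE | answer_matches NAME TYPE VALUE
answer_matches() {
    awk -v name="$1" -v type="$2" -v value="$3" '
        # DNS names are case-insensitive and dig may print them fully
        # qualified, so lower-case and strip one trailing dot first.
        function norm(s) { s = tolower(s); sub(/\.$/, "", s); return s }
        BEGIN { name = norm(name); type = toupper(type); value = norm(value) }
        /^;; ANSWER SECTION:/ { in_answer = 1; next }
        in_answer && /^$/     { in_answer = 0 }   # a blank line ends the section
        in_answer && norm($1) == name && toupper($4) == type {
            # Record data starts at field 5. Accept either the whole data
            # ("10 host" for MX) or only its last token ("host").
            rdata = $5
            for (i = 6; i <= NF; i++) rdata = rdata " " $i
            if (norm(rdata) == value || norm($NF) == value) found = 1
        }
        END { exit found ? 0 : 1 }
    '
}

# Query each name server listed after VALUE and report the result per server.
# Returns non-zero if any server does not serve the expected record.
check_all_ns() {
    name=$1 type=$2 value=$3; shift 3
    rc=0
    for ns in "$@"; do
        if dig "@$ns" "$name" "$type" | answer_matches "$name" "$type" "$value"; then
            echo "OK       $ns"
        else
            echo "MISMATCH $ns"; rc=1
        fi
    done
    return $rc
}

# Constructed sample of dig output, used to try answer_matches offline.
SAMPLE_DIG_OUTPUT=';; QUESTION SECTION:
;mailserver1.example.com.    IN    MX

;; ANSWER SECTION:
MAILSERVER1.EXAMPLE.COM    300    IN    MX    10    inbound-smtp.mailserver1.example.com.

;; Query time: 12 msec'
```

Call check_all_ns with the record name, type, value and the four name servers of the hosted zone. The comparison is case-insensitive, so it suits host name and address record data rather than case-sensitive TXT strings.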

Method 3: Use the nslookup tool (for Windows)

1.    Open the Windows Command Prompt.

2.    Run the following command: nslookup. The output looks similar to this:

C:\Users\Administrator>nslookup
Default Server: ip-172-31-0-2.ap-southeast-2.compute.internal
Address: 172.31.0.2

3.    Specify the resource record set type using set type=A:
Note: You can also add any other required resource record type.

set type=A

4.    Specify one of the Route 53 name servers (NS) from the hosted zone (HZ) to query. In this example, enter server ns-1276.awsdns-31.org. The output looks similar to this:

server ns-1276.awsdns-31.org
Default Server: ns-1276.awsdns-31.org
Addresses: 2600:9000:5304:fc00::1
205.251.196.252

5.    Enter the record to query. For example, "aws.amazondomains.com". The query is done against the server specified earlier:

aws.amazondomains.com
Server: ns-1276.awsdns-31.org
Addresses: 2600:9000:5304:fc00::1
205.251.196.252

6.    The response is returned by the Route 53 NS:

Name: aws.amazondomains.com
Address: 1.1.1.1

Related information

Checking DNS responses from Route 53

AWS OFFICIAL
Updated a year ago