How can I configure DNS failover using Amazon Route 53 health checks?

You can use Route 53 to check the health of your resources and only return healthy resources in response to DNS queries. There are three types of DNS failover configurations:

  1. Active-passive: Route 53 actively returns a primary resource. In case of failure, Route 53 returns the backup resource. Configured using a failover policy.
  2. Active-active: Route 53 actively returns more than one resource. In case of failure, Route 53 fails back to the healthy resource. Configured using any routing policy besides failover.
  3. Combination: Multiple routing policies (such as latency-based, weighted, etc.) are combined into a tree to configure more complex DNS failover.

Active-passive failover

Active-passive DNS failover is the simplest method: it uses one primary resource and one secondary resource.

Note: Make sure to create a Route 53 health check for your primary resource before proceeding.

Create two resource records for your primary and secondary resources using the values for failover alias records. For each record, do the following:  

  1. Enter a Name for your resource (such as resource.example.com).
    Note: Use the same name for both resources.
  2. For Type select A – IPv4 address.
  3. For Alias choose Yes. For Alias Target enter the DNS name of your primary resource. The Alias Hosted Zone ID then appears.
  4. For Routing Policy select Failover.
    For your primary record choose Primary for Failover Record Type. Enter a unique name (such as elb-Primary) for Set ID.
    For your secondary record choose Secondary for Failover Record Type. Enter a unique name (such as elb-Secondary) for Set ID.
  5. For Evaluate Target Health choose Yes for your primary record and choose No for your secondary record.
  6. For your primary record choose Yes for Associate with Health Check. Then for Health Check to Associate select the health check that you created for your primary resource.
  7. Choose Create to create your record.

The records now point the domain to your primary resource or fail over to your secondary resource.
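The same pair of records expressed as a Route 53 change batch, with a consistency check over the rules in the steps above. This is an added example, not AWS's own code; the alias DNS names, hosted zone ID and health check ID are constructed placeholders, and `failover_record`, `lint_failover_pair` and `change_batch` are hypothetical helper names.

```python
import json

def failover_record(name, role, set_id, alias_dns, alias_zone_id,
                    evaluate_target_health, health_check_id=None):
    """One failover alias A record, using ChangeResourceRecordSets field names."""
    record = {
        "Name": name,
        "Type": "A",
        "SetIdentifier": set_id,          # "Set ID" in the console
        "Failover": role,                 # "PRIMARY" or "SECONDARY"
        "AliasTarget": {
            "HostedZoneId": alias_zone_id,
            "DNSName": alias_dns,
            "EvaluateTargetHealth": evaluate_target_health,
        },
    }
    if health_check_id:
        record["HealthCheckId"] = health_check_id
    return record

def lint_failover_pair(records):
    """Return the problems that would break the active-passive setup."""
    problems = []
    if len({r["Name"] for r in records}) != 1:
        problems.append("records must share the same Name")
    if len({r["Type"] for r in records}) != 1:
        problems.append("records must share the same Type")
    if sorted(r["Failover"] for r in records) != ["PRIMARY", "SECONDARY"]:
        problems.append("need exactly one PRIMARY and one SECONDARY")
    if len({r["SetIdentifier"] for r in records}) != len(records):
        problems.append("Set IDs must be unique")
    for r in records:
        has_signal = r.get("HealthCheckId") or r["AliasTarget"]["EvaluateTargetHealth"]
        if r["Failover"] == "PRIMARY" and not has_signal:
            problems.append("PRIMARY has no health signal, so it never fails over")
    return problems

def change_batch(records):
    return {"Changes": [{"Action": "CREATE", "ResourceRecordSet": r} for r in records]}

# Constructed placeholder values; substitute your own alias targets and health check ID.
PAIR = [
    failover_record("resource.example.com", "PRIMARY", "elb-Primary",
                    "primary-lb.example.com", "ZONEID-PLACEHOLDER", True,
                    health_check_id="HEALTH-CHECK-ID-PLACEHOLDER"),
    failover_record("resource.example.com", "SECONDARY", "elb-Secondary",
                    "secondary-lb.example.com", "ZONEID-PLACEHOLDER", False),
]

if __name__ == "__main__":
    print(lint_failover_pair(PAIR) or "pair is consistent")
    print(json.dumps(change_batch(PAIR), indent=2))
```

The printed JSON has the shape that `aws route53 change-resource-record-sets --change-batch` accepts once the placeholders are replaced.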

Active-active failover

Active-active DNS failover returns multiple resources to DNS queries. When one resource is unhealthy, Route 53 fails over to another resource.

Note: Make sure to create a Route 53 health check for both resources before proceeding.

Create a record for each resource using the values for failover alias records. For each record, do the following:  

  1. Enter a Name for your resource (such as resource.example.com).
    Note: Make sure to use the same Name for each record.
  2. Select a record Type (such as A – IPv4 address).
    Note: All the resources' records must be the same Type.
  3. For Alias choose Yes. For Alias Target enter the DNS name of your resource. The Alias Hosted Zone ID then appears.
  4. Select a Routing Policy and enter the appropriate values for that policy (such as Weight for a Weighted policy). For Set ID enter a unique name for this resource (such as Resource 1).
    Note: For a weighted routing policy, you can set all records to an equal weight (such as 10) or to different weights (such as 20 and 10, where the 20 record receives twice as much traffic).
  5. For Evaluate Target Health choose Yes.
  6. For Associate with Health Check choose Yes. For Health Check to Associate select the health check that you created for this resource.
  7. Choose Create to create your record.

Combination failover

You can also combine multiple routing policies and health checks to create complex failover mechanisms where Route 53 traverses multiple tiers of records before returning the appropriate record.

For example, if you have three endpoints, you might want to load balance traffic between the first two (Endpoints A and B) and fall back to the third (Endpoint C) when the first two fail health checks. In this configuration, you have two routing tiers. In the lower routing tier, Route 53 uses record health checks to confirm that Endpoints A and B are healthy, then routes traffic equally between both primary resources. If Endpoints A and B fail health checks, traffic fails over to the higher routing tier. In the higher routing tier, Route 53 routes traffic to Endpoint C, a secondary fallback resource (such as an S3 bucket with an error page). You can create this configuration as follows:

  1. Create Route 53 health checks for all three endpoints so that you can associate them with your records.
  2. For the lower routing tier, create two weighted records with equal weights for the domain name (such as resource.example.com) for Endpoint A and Endpoint B.
    Important: Make sure to associate the health checks for Endpoint A and Endpoint B with their weighted records. This step makes Route 53 determine the health check status of each record and load balance traffic between them accordingly.
  3. For the higher routing tier, create failover records for the domain name (such as domain.example.com) for Endpoint C.
    Important: Make sure the primary record is an alias record that points to the record for resource.example.com that you created in step 2.
    Important: Make sure the secondary record points to Endpoint C as the failover resource.
  4. Configure Route 53 to determine the health status of the primary failover record. You can either create a custom health check to determine the health status of the two weighted records (for example, calculated health checks) or use the record option to Evaluate Target Health.

This failover configuration works as follows:

  1. The client requests domain.example.com.
  2. If the primary record passes health checks, Route 53 sends traffic to the load balanced primary resource records of resource.example.com which points the client to Endpoint A or Endpoint B.
  3. If the primary record fails health checks (Endpoint A and B are failing health checks), Route 53 marks the primary record as unhealthy and fails over to the secondary record. Route 53 then sends the client request to Endpoint C (the fallback resource).
  4. When the primary record passes health checks again, Route 53 fails back to the primary resource records (Endpoints A and B) automatically.
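A small model of the two-tier resolution described above, showing which endpoints answer for domain.example.com in each health state and what happens if step 4 of the setup is skipped. This is an added example, not AWS code; `resolve` and `shares` are hypothetical names, and the behaviour for a group whose records are all unhealthy is taken from Route 53's documented behaviour rather than from this page.

```python
# Weights from step 2: equal weights for the two lower-tier records.
WEIGHTS = {"Endpoint A": 10, "Endpoint B": 10}   # resource.example.com
FALLBACK = "Endpoint C"                          # secondary for domain.example.com

def shares(weights):
    """Turn record weights into the fraction of answers each record receives."""
    total = sum(weights.values())
    return {name: w / total for name, w in weights.items()}

def resolve(health, primary_has_health_signal=True):
    """Answer distribution for domain.example.com given endpoint health.

    health maps endpoint name -> True/False as reported by its health check.
    primary_has_health_signal models step 4 of the setup: Evaluate Target
    Health or a calculated health check on the primary failover record.
    """
    healthy = {name: w for name, w in WEIGHTS.items() if health[name]}
    if healthy:
        # Lower tier: only records whose health checks pass are returned.
        return shares(healthy)
    if primary_has_health_signal:
        # Primary failover record is unhealthy: fail over to the secondary.
        return {FALLBACK: 1.0}
    # Step 4 skipped: the primary record is never marked unhealthy, so
    # Route 53 keeps answering from the weighted group. When every record in
    # a group is unhealthy it treats them all as healthy (assumption from
    # Route 53's documented behaviour; the page does not cover this case).
    return shares(WEIGHTS)

if __name__ == "__main__":
    for a, b in [(True, True), (False, True), (False, False)]:
        state = {"Endpoint A": a, "Endpoint B": b}
        print(state, "->", resolve(state))
    both_down = {"Endpoint A": False, "Endpoint B": False}
    print("no health signal on primary ->", resolve(both_down, False))
```

The last case is the one to check for in a review: without a health signal on the primary failover record, clients keep receiving Endpoints A and B even though both are failing.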


Published: 2018-09-18