How do I check if resource record sets in my Route 53 public hosted zone are accessible from the internet?
I created a public hosted zone in Amazon Route 53 and added resource record sets to it. How do I verify that my resource record sets are reachable from the internet?
Short description
Check whether your resource record sets are accessible from the internet using one of the following methods:
- The Route 53 checking tool
- The dig tool (for Linux, Unix, or Mac)
- The nslookup tool (for Windows)
Note: The steps in this article verify that the public hosted zone is created successfully and accessible. If you want your entire domain to be resolvable, then verify the following:
- Update the domain registration to use Amazon Route 53 name servers
- Update the NS records to use Route 53 name servers
Resolution
Method 1: Use the Route 53 checking tool
Use the Route 53 checking tool to see how Route 53 responds to DNS queries.
Method 2: Use the dig tool (for Linux, Unix, or Mac)
1. Find the four authoritative name servers for your public hosted zone.
2. In your resource record set’s configuration, find the associated domain name (Name), record type (Type), and value (Value).
3. Query one of the authoritative name servers. In your command line argument, specify the authoritative name server and the resource record set's domain name and record type. For example:
$ dig @ns-###.awsdns-##.com mailserver1.example.com MX
$ dig @ns-###.awsdns-##.com _text_.example.com TXT
$ dig @ns-###.awsdns-##.com cname.example.com CNAME
$ dig @ns-###.awsdns-##.com subdomain.example.com NS
$ dig @ns-###.awsdns-##.com www.example.com A
Note: The syntax for dig varies between Linux distributions. Use man dig to find the correct syntax for your particular distribution.
4. Review the output and verify that the ANSWER SECTION matches your resource record set.
For example, if:
- Record name = mailserver1.example.com
- Type = MX
- Value = inbound-smtp.mailserver1.example.com
then the correct dig output is:
;; ANSWER SECTION:
MAILSERVER1.EXAMPLE.COM 300 IN MX 10 inbound-smtp.mailserver1.example.com.
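The check in step 4, as an added example that is not part of the original article: a shell function reads dig output, finds the ANSWER SECTION, and compares it with the configured name, type, and value, ignoring case and the trailing dot. It also requires the aa (authoritative answer) flag in the header, which is an extra check beyond the article's steps. The function names and the sample output are constructed, and only single-token values (A, AAAA, CNAME, NS, MX) are handled.

```shell
#!/usr/bin/env bash
# Added example (not AWS code): verify that the ANSWER SECTION of dig output
# matches the record configured in the hosted zone. Names are hypothetical.

# check_answer NAME TYPE VALUE   (dig output on stdin)
# Exit 0: matching answer; 1: no match; 2: reply lacks the aa flag.
check_answer() {
  awk -v name="$1" -v type="$2" -v value="$3" '
    function norm(s) { s = tolower(s); sub(/\.$/, "", s); return s }
    # Header line, e.g. ";; flags: qr aa rd; QUERY: 1, ..."
    /^;; flags:/ { split($0, h, ";"); if (h[3] ~ / aa( |$)/) aa = 1 }
    /^;; ANSWER SECTION:/ { in_ans = 1; next }
    in_ans && (/^$/ || /^;;/) { in_ans = 0 }
    # Answer fields: owner TTL class type rdata; the last rdata field is the
    # target (for MX it follows the preference number).
    in_ans && NF >= 5 {
      if (norm($1) == norm(name) && toupper($4) == toupper(type) &&
          norm($NF) == norm(value)) found = 1
    }
    END { if (!aa) exit 2; exit (found ? 0 : 1) }
  '
}

# Constructed sample of dig output for the MX record used in this article.
sample_dig_output() {
  cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12345
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 1

;; QUESTION SECTION:
;mailserver1.example.com. IN MX

;; ANSWER SECTION:
MAILSERVER1.EXAMPLE.COM. 300 IN MX 10 inbound-smtp.mailserver1.example.com.

EOF
}

# Against a live server, pipe dig into the function instead of the sample:
#   dig @ns-###.awsdns-##.com mailserver1.example.com MX | check_answer ...
sample_dig_output | check_answer mailserver1.example.com MX \
  inbound-smtp.mailserver1.example.com && echo "record matches"
```

Exit status 2 means the server that replied did not claim authority for the zone, so the answer should not be treated as proof that the hosted zone itself serves the record.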
Method 3: Use the nslookup tool (for Windows)
1. Open the Windows Command Prompt.
2. Run the following command: nslookup. The output looks similar to this:
C:\Users\Administrator>nslookup
Default Server: ip-172-31-0-2.ap-southeast-2.compute.internal
Address: 172.31.0.2
3. Specify the resource record set type. This example uses set type=A:
set type=A
Note: You can specify any other resource record type that you need instead of A.
4. Specify one of the Route 53 name servers (NS) from the hosted zone (HZ) to query. In this example, enter server ns-1276.awsdns-31.org. The output looks similar to this:
server ns-1276.awsdns-31.org
Default Server: ns-1276.awsdns-31.org
Addresses: 2600:9000:5304:fc00::1
           205.251.196.252
5. Enter the record to query. For example, "aws.amazondomains.com". The query is done against the server specified earlier:
aws.amazondomains.com
Server: ns-1276.awsdns-31.org
Addresses: 2600:9000:5304:fc00::1
           205.251.196.252
6. The response is returned by the Route 53 NS:
Name: aws.amazondomains.com
Address: 1.1.1.1