How do I use Route 53 health checks for DNS failover?

Short description

You can use Route 53 to check the health of your resources and only return healthy resources in response to DNS queries. There are three types of DNS failover configurations:

1. Active-passive: Route 53 actively returns a primary resource. If there's a failure, Route 53 returns the backup resource. This method is configured using a failover policy.
2. Active-active: Route 53 actively returns more than one resource. If there's a failure, Route 53 fails back to the healthy resource. This method is configured using any routing policy other than failover.
3. Combination: Multiple routing policies (such as latency-based and weighted) are combined into a tree to configure a more complex DNS failover.

Resolution

Note: The following resolutions don't apply if Amazon CloudFront is your primary target.

Active-passive failover

Active-passive DNS failover is the simplest method that uses one primary and one secondary resource.

Note: Be sure to create a Route 53 health check for your primary resource before proceeding.

Create two resource records for your primary and secondary resources using the values for failover alias records. For each record, do the following:

1. Enter a Name for your resource (such as resource.example.com).
   Note: Use the same name for both resources.
2. For Type, choose A – IPv4 address.
3. For Alias, choose Yes.
4. For Alias Target, enter the DNS name of your primary resource. The Alias Hosted Zone ID then appears.
5. For Routing Policy, choose Failover.
6. For your primary record, choose Primary for Failover Record Type. Enter a unique name (such as elb-Primary) for Set ID.
7. For your secondary record, choose Secondary for Failover Record Type. Enter a unique name (such as elb-Secondary) for Set ID.
8. For Evaluate Target Health, choose Yes for your primary record. Choose Nofor your secondary record.
9. For your primary record, choose Yes for Associate with Health Check. For Health Check to Associate, choose the health check that you created for your primary resource.
10. Choose Create to create your record.

The records now point the domain to your primary resource or fail over to your secondary resource.

Active-active failover

Active-active DNS failover returns multiple resources to DNS queries. When one resource is unhealthy, Route 53 fails over to another resource.

Note: Make sure to create a Route 53 health check for both resources before proceeding.

Create a record for each resource using the values for failover alias records. For each record, do the following:

1. Enter a Name for your resource (such as resource.example.com).
   Note: Make sure to use the same Name for each record.
2. Choose a record Type (such as A – IPv4 address).
   Note: All of the records for the resources must be the same Type.
3. For Alias, choose Yes.
4. For Alias Target, enter the DNS name of your resource. The Alias Hosted Zone ID then appears.
5. Choose a Routing Policy and enter the appropriate values for that policy (such as Weight for a Weighted policy). For Set ID, enter a unique name for this resource (such as Resource 1).
   Note: For a weighted routing policy, set all records to an equal weight (such as 10). Or, set all records to different weights (such as 20 and 10, where the 20 record receives twice as much traffic).
6. For Evaluate Target Health, choose Yes.
7. For Associate with Health Check, choose Yes.
8. For Health Check to Associate, choose the health check that you created for this resource.
9. Choose Create to create your record.

Combination failover

You can combine multiple routing policies and health checks to create complex failover mechanisms. With these mechanisms, Route 53 traverses multiple tiers of records before returning the appropriate record.

For example, say you have three endpoints. You can load balance traffic between Endpoints A and B and fall back to Endpoint C when the first two fail health checks. In this configuration, you have two routing tiers. In the lower routing tier, Route 53 uses record health checks to confirm Endpoints A and B are healthy. Traffic is then routed equally between both primary resources. If Endpoints A and B fail health checks, traffic fails over to the higher routing tier. In the higher routing tier, Route 53 routes traffic to Endpoint C, a secondary fallback resource. Create this configuration as follows:

1. Create Route 53 health checks for all three endpoints to associate them to health check records.
2. For the lower routing tier, create two weighted records with equal weights for the domain name for Endpoints A and B.
   Important: Be sure to associate the health checks for Endpoints A and B with their weighted records. This step makes Route 53 determine the health check status of each record, and then load balance traffic between them accordingly.
3. For the higher routing tier, create failover records for the domain name (such as domain.example.com) for Endpoint C.
   Important: Be sure that the primary record is an alias record that points to the record for resource.example.com that you created in step 2. Also, confirm that the secondary record points to Endpoint C as the failover resource.
4. Configure Route 53 to determine the health status of the primary failover record. Create a custom health check to determine the health status of the two weighted records (for example, calculated health checks). Or, use the record option to Evaluate Target Health.

This failover configuration works as follows:

1. The client requests domain.example.com.
2. If the primary record passes health checks, Route 53 sends traffic to the load balanced primary resource records of resource.example.com which points the client to Endpoint A or B.
3. If the primary record fails health checks (Endpoints A and B are failing health checks), the primary record is marked as unhealthy. The primary record fails over to the secondary record. Route 53 then sends the client request to Endpoint C (the fallback resource).
4. When the primary record passes health checks again, Route 53 fails back to the primary resource records (Endpoints A and B) automatically.

Related information

How Amazon Route 53 chooses records when health checking is configured