How do I use Route 53 health checks for DNS failover?

Short description

You can use Route 53 to check the health of your resources and only return healthy resources in response to DNS queries. There are three types of DNS failover configurations:

1. Active-passive: Route 53 actively returns a primary resource. If there's a failure, then Route 53 returns the backup resource. Route 53 configures this method from a failover policy.
2. Active-active: Route 53 actively returns more than one resource. If there's a failure, then Route 53 fails back to the healthy resource. Route 53 configures this method from any routing policy other than a failover.
3. Combination: Multiple routing policies (such as latency-based and weighted) combine into a tree to configure a more complex DNS failover.

Resolution

Note: If Amazon CloudFront is your primary target, then the following resolutions don't apply.

Active-passive failover

Active-passive DNS failover is the simplest method that uses one primary and one secondary resource.

Note: Before you proceed, be sure to create a Route 53 health check for your primary resource.

Use the values for failover alias records to create two resource records for your primary and secondary resources. For each record, complete the following steps:

1. Enter a Name for your resource (such as resource.example.com).
   Note: Use the same name for both resources.
2. For Type, choose A - IPv4 address.
3. For Alias, choose Yes.
4. For Alias Target, enter the DNS name of your primary resource. The Alias Hosted Zone ID then appears.
5. For Routing Policy, choose Failover.
6. For your primary record, choose Primary for Failover Record Type. Enter a unique name (such as elb-Primary) for Set ID.
7. For your secondary record, choose Secondary for Failover Record Type. Enter a unique name (such as elb-Secondary) for Set ID.
8. For Evaluate Target Health, choose Yes for your primary record. Choose No for your secondary record.
9. For your primary record, choose Yes for Associate with Health Check. For Health Check to Associate, choose the health check that you created for your primary resource.
10. Choose Create to create your record.

The records now point the domain to your primary resource or fail over to your secondary resource.

Active-active failover

Active-active DNS failover returns multiple resources to DNS queries. When one resource is unhealthy, Route 53 fails over to another resource.

Note: Make sure to create a Route 53 health check for both resources before proceeding.

Use the values for failover alias records to create a record for each resource. For each record, complete the following steps:

1. Enter a Name for your resource (such as resource.example.com).
   Note: Make sure to use the same Name for each record.
2. Choose a record Type (such as A - IPv4 address).
   Note: All of the records for the resources must be the same Type.
3. For Alias, choose Yes.
4. For Alias Target, enter the DNS name of your resource. The Alias Hosted Zone ID then appears.
5. Choose a Routing Policy and enter the appropriate values for that policy (such as Weight for a Weighted policy). For Set ID, enter a unique name for this resource (such as Resource 1).
   Note: For a weighted routing policy, set all records to an equal weight (such as 10). Or, set all records to different weights (such as 20 and 10, where the 20 record receives twice as much traffic).
6. For Evaluate Target Health, choose Yes.
7. For Associate with Health Check, choose Yes.
8. For Health Check to Associate, choose the health check that you created for this resource.
9. Choose Create to create your record.

Combination failover

You can combine multiple routing policies and health checks to create complex failover mechanisms. With these mechanisms, Route 53 traverses multiple tiers of records before it returns the appropriate record.

For example, you have three endpoints. You can load balance traffic between endpoints A and B. When those first two endpoints fail health checks, you can fall back to endpoint C. In this configuration, you have two routing tiers. In the lower routing tier, Route 53 uses record health checks to confirm that endpoints A and B are healthy. Then, traffic routes equally between both primary resources. If endpoints A and B fail health checks, then traffic fails over to the higher routing tier. In the higher routing tier, Route 53 routes traffic to endpoint C as a secondary fallback resource.

To create this configuration, complete the following steps:

1. Create Route 53 health checks for all three endpoints to associate them to health check records.
2. For the lower routing tier, create two weighted records with equal weights for the domain name for endpoints A and B.
   Important: Be sure to associate the health checks for endpoints A and B with their weighted records. This step makes Route 53 determine the health check status of each record, and then load balance traffic between them accordingly.
3. For the higher routing tier, create failover records for the domain name (such as domain.example.com) for endpoint C.
   Important: Be sure that the primary record is an alias record that points to the record for resource.example.com that you created in step 2. Also, confirm that the secondary record points to endpoint C as the failover resource.
4. Configure Route 53 to determine the health status of the primary failover record. Create a custom health check to determine the health status of the two weighted records (for example, calculated health checks). Or, use the record option to evaluate target health.

This failover configuration uses the following workflow:

1. The client requests domain.example.com.
2. If the primary record passes health checks, then Route 53 sends traffic to the load balanced primary resource records of resource.example.com. This points the client to endpoint A or B.
3. If the primary record fails health checks (endpoints A and B are failing health checks), then the primary record is marked as unhealthy. The primary record fails over to the secondary record. Then, Route 53 sends the client request to endpoint C (the fallback resource).
4. When the primary record passes health checks again, Route 53 fails back to the primary resource records (endpoints A and B) automatically.

Related information

How Route 53 chooses records when health checking is configured