How do I check if resource record sets in my Route 53 public hosted zone are accessible from the internet?

3 minute read

I created a public hosted zone in Amazon Route 53 and added resource record sets in it. How do I verify that my resource record sets are reachable from the internet?

Short description

Check whether your resource record sets are accessible from the internet using one of the following methods:

  • The Route 53 checking tool
  • The dig tool (for Linux, Unix, or Mac)
  • The nslookup tool (for Windows)

Note: The steps in this article verify that the public hosted zone is created successfully and accessible. If you want your entire domain resolvable, then verify the following:


Method 1: Use the Route 53 checking tool

Use the Route 53 checking tool to see how Route 53 responds to DNS queries.

Method 2: Use the dig tool (for Linux, Unix, or Mac)

1.    Find the four authoritative name servers for your public hosted zone.

2.    In your resource record set’s configuration, find the associated domain name (Name), record type (Type), and value (Value).

3.    Query one of the authoritative name servers. In your command line argument, specify the authoritative name server and the resource record set's domain name and record type. For example:

$ dig  MX
$ dig  TXT
$ dig  CNAME
$ dig  NS
$ dig  A

Note: The syntax for dig varies between Linux distributions. Use man dig to find the correct syntax for your particular distribution.

4.    Review the output and verify that the ANSWER SECTION matches your resource record set.

For example, if:

  • Record name =
  • Type = MX
  • Value =

then the correct dig output is:

MAILSERVER1.EXAMPLE.COM    300    IN    MX    10

Method 3: Use the nslookup tool (for Windows)

1.    Open the Windows Command Prompt.

2.    Run the following command: nslookup. The output looks similar to this:

Default Server: ip-172-31-0-2.ap-southeast-2.compute.internal

3.    Specify the resource record set type using set type=A:
Note: You can also add any other required resource record type.

set type=A

4.    Specify one of the Route 53 name servers (NS) from the hosted zone (HZ) to query. In this example, enter server The output looks similar to this:

Default Server:
Addresses: 2600:9000:5304:fc00::1

5.    Enter the record to query. For example, "". The query is done against the server specified earlier:
Addresses: 2600:9000:5304:fc00::1

6.    The response is returned by the Route 53 NS:


Related information

Checking DNS responses from Route 53

AWS OFFICIALUpdated a year ago