I created a public hosted zone in Amazon Route 53 and added resource record sets in it. I want to verify that my resource record sets are reachable from the internet.
Short description
Use one of the following methods to check whether your resource record sets are accessible from the internet:
- The Route 53 checking tool
- The dig tool (for Linux, Unix, or Mac)
- The nslookup tool (for Windows)
Note: The steps in this article verify that the public hosted zone is created successfully and accessible. To make your entire domain resolvable, do the following:
Resolution
Route 53 checking tool
Use the Route 53 checking tool to see how Route 53 responds to DNS queries.
The dig tool (for Linux, Unix, or Mac)
To check whether your resource record sets are accessible from the internet through the dig tool, complete the following steps:
-
Find the four authoritative name servers for your public hosted zone.
-
In your resource record set's configuration, find the associated domain name (Name), record type (Type), and value (Value).
-
Query one of the authoritative name servers. In your command line argument, specify the authoritative name server and the resource record set's domain name and record type. For example:
$ dig @ns-###.awsdns-##.com mailserver1.example.com MX
$ dig @ns-###.awsdns-##.com _text_.example.com TXT
$ dig @ns-###.awsdns-##.com cname.example.com CNAME
$ dig @ns-###.awsdns-##.com subdomain.example.com NS
$ dig @ns-###.awsdns-##.com www.example.com A
Note: The syntax for dig varies between Linux distributions. Use man dig to find the correct syntax for your particular distribution.
-
Review the output and verify that the ANSWER SECTION matches your resource record set.
For example:
Record name = mailserver1.example.com
Type = MX
Value = 10 inbound-smtp.mailserver1.example.com
The correct dig output looks similiar to the following:
;; ANSWER SECTION:
MAILSERVER1.EXAMPLE.COM 300 IN MX 10 inbound-smtp.mailserver1.example.com.
The nslookup tool (for Windows)
To check whether your resource record sets are accessible from the internet through the nslookup tool, complete the following steps:
-
Open the Windows Command Prompt.
-
Run the following command:
nslookup -type=A aws.amazondomains.com ns-###.awsdns-##.com
For example:
Record name = aws.amazondomains.com
Type = A
Value = 1.1.1.1
Authoritative name server (NS) = ns-###.awsdns-##.com
The correct nslookup output looks similar to the following:
C:\Windows\system32> nslookup -type=A aws.amazondomains.com ns-###.awsdns-##.com
Server: UnKnown
Address: 205.251.193.133
Name: aws.amazondomains.com
Address: 1.1.1.1
The option -type=A define the query type is A. You can define other query types. For example : MX, CNAME, or TXT.
Related information
Checking DNS responses from Route 53