AWS Route 53 DNS - Geolocation Routing

- aws networking dns

This post is part of my note taking while studying for the AWS Certified Advanced Networking - Specialty certification.

Geolocation routing answers based on the location Route 53 infers from the IP address of the querier. Usually that is the address of the recursive resolver; if the resolver sends the EDNS Client Subnet (edns-client-subnet) option, Route 53 uses the client subnet carried in that option instead. Either way the answer reflects where the resolver or forwarded subnet appears to be, not necessarily where the end user is: a VPN exit or a public resolver in another country changes the result.

To set this up, you create multiple records for the same name and type with the 'geolocation' routing policy selected, each with a unique set identifier. For each record you choose a continent, a country, a US state, or DEFAULT. Route 53 then answers with the record whose location matches the query most specifically: state over country, country over continent, continent over DEFAULT.

If no DEFAULT record exists and a query comes from a location that no record covers, Route 53 returns a 'no answer' response. This is useful for geofencing, but only as traffic steering: the location is inferred from the resolver or ECS address, so a client that uses a resolver in a covered region gets the answer regardless of where it actually is. Treat it as a routing convenience, not an access control.

Here's how this could be accomplished with the AWS CLI. We'll create two records for the same name: one returned to queries from the United States and one to queries from Europe, with set identifiers naming the region (us-east-1 and ap-south-1) where each backend lives. Each record has a health check attached. Note how failover works with geolocation routing: when the record that matches a query is unhealthy, Route 53 does not hand out the other location's record; it moves to the next less specific match (state, then country, then continent, then DEFAULT). With only a US and an EU record, a failing US health check yields no answer for US clients, so a DEFAULT record is needed for failover to actually do anything. The 127.0.0.x values and health check IDs below are placeholders.

geolocation-dns.json

{
  "Comment": "geolocation dns records",
  "Changes": [
    {
      "Action": "CREATE",
      "ResourceRecordSet": {
        "Name": "cloudygeo.cloudynetworks.net",
        "Type": "A",
        "SetIdentifier": "cloudygeo-us-east",
        "GeoLocation": {
          "CountryCode": "US"
        },
        "TTL": 300,
        "ResourceRecords": [
          {
            "Value": "127.0.0.1"
          }
        ],
        "HealthCheckId": "fd23g79f32"
      }
    },
    {
      "Action": "CREATE",
      "ResourceRecordSet": {
        "Name": "cloudygeo.cloudynetworks.net",
        "Type": "A",
        "SetIdentifier": "cloudygeo-ap-south",
        "GeoLocation": {
          "ContinentCode": "EU"
        },
        "TTL": 300,
        "ResourceRecords": [
          {
            "Value": "127.0.0.2"
          }
        ],
        "HealthCheckId": "f23hg89s"
      }
    }
  ]
}


$ aws route53 change-resource-record-sets --hosted-zone-id Z1R8UBAEXAMPLE --change-batch file://geolocation-dns.json
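To make the precedence and failover rules above concrete, here is an added Python model (not from the original post and not AWS code) of how Route 53 picks a geolocation record: most specific match first, an unhealthy record skipped in favour of the next less specific match, and 'no answer' when nothing matches. It also lints a ResourceRecordSet from a change batch for the shapes the API rejects, such as a Region field (which belongs to latency-based routing) or a SubdivisionCode on a non-US country. The record names, values, client locations and health check IDs are constructed for the example.

```python
"""Offline model of Route 53 geolocation record selection.

Added example, not code from the original post and not AWS code. The record
set, client locations and health states are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class GeoRecord:
    """A geolocation record targets a US state (country + subdivision), a country,
    a continent, or everyone (country "*", the DEFAULT record)."""
    set_identifier: str
    value: str
    continent: Optional[str] = None
    country: Optional[str] = None
    subdivision: Optional[str] = None
    health_check_id: Optional[str] = None

    def specificity(self) -> int:
        """Higher wins: state 3, country 2, continent 1, DEFAULT 0."""
        if self.subdivision:
            return 3
        if self.country and self.country != "*":
            return 2
        if self.continent:
            return 1
        return 0

    def matches(self, continent: str, country: str, subdivision: Optional[str]) -> bool:
        if self.subdivision:
            return self.country == country and self.subdivision == subdivision
        if self.country and self.country != "*":
            return self.country == country
        if self.continent:
            return self.continent == continent
        return True  # DEFAULT matches any location


def resolve(records: List[GeoRecord], continent: str, country: str,
            subdivision: Optional[str], healthy: Dict[str, bool]) -> Optional[str]:
    """Value Route 53 would answer with, or None for a 'no answer' response.

    Matching records are tried from most to least specific. A record whose health
    check is failing is skipped and the next *less specific* match is used, never
    a sibling record for an unrelated location. A record with no health check is
    treated as healthy.
    """
    candidates = sorted((r for r in records if r.matches(continent, country, subdivision)),
                        key=GeoRecord.specificity, reverse=True)
    for rec in candidates:
        if rec.health_check_id is None or healthy.get(rec.health_check_id, True):
            return rec.value
    return None


def validate_geolocation_rrset(rrset: dict) -> List[str]:
    """Lint one ResourceRecordSet dict from a change batch before calling the API."""
    problems = []
    if "SetIdentifier" not in rrset:
        problems.append("geolocation records need a SetIdentifier")
    if "Region" in rrset:
        problems.append("Region belongs to latency routing, not geolocation")
    geo = rrset.get("GeoLocation", {})
    has_continent = "ContinentCode" in geo
    has_country = "CountryCode" in geo
    has_state = "SubdivisionCode" in geo
    if has_continent and (has_country or has_state):
        problems.append("use ContinentCode or CountryCode, not both")
    if has_state and geo.get("CountryCode") != "US":
        problems.append("SubdivisionCode requires CountryCode US")
    if not (has_continent or has_country):
        problems.append("GeoLocation needs ContinentCode or CountryCode ('*' for DEFAULT)")
    return problems


# Constructed sample: US and EU records with health checks, a North America record
# as the intermediate fallback, and a DEFAULT record without a health check.
SAMPLE_RECORDS = [
    GeoRecord("cloudygeo-us-east", "127.0.0.1", country="US", health_check_id="hc-us"),
    GeoRecord("cloudygeo-na", "127.0.0.3", continent="NA", health_check_id="hc-na"),
    GeoRecord("cloudygeo-eu", "127.0.0.2", continent="EU", health_check_id="hc-eu"),
    GeoRecord("cloudygeo-default", "127.0.0.4", country="*"),
]


def demo() -> Dict[str, Optional[str]]:
    """Answers for a US client under successive outages, and for a client in Brazil
    with and without a DEFAULT record (the geofenced case yields no answer)."""
    all_ok = {"hc-us": True, "hc-na": True, "hc-eu": True}
    us_down = {**all_ok, "hc-us": False}
    us_and_na_down = {**us_down, "hc-na": False}
    geofenced = [r for r in SAMPLE_RECORDS if r.country != "*"]  # no DEFAULT record
    return {
        "us_healthy": resolve(SAMPLE_RECORDS, "NA", "US", "VA", all_ok),
        "us_record_down": resolve(SAMPLE_RECORDS, "NA", "US", "VA", us_down),
        "us_and_na_down": resolve(SAMPLE_RECORDS, "NA", "US", "VA", us_and_na_down),
        "brazil_with_default": resolve(SAMPLE_RECORDS, "SA", "BR", None, all_ok),
        "brazil_geofenced": resolve(geofenced, "SA", "BR", None, all_ok),
    }


if __name__ == "__main__":
    for scenario, answer in demo().items():
        print(f"{scenario:22s} -> {answer or 'no answer'}")
```

Run it and the US client walks down from the US record to the North America record to DEFAULT as health checks fail; it never receives the EU record. Removing the DEFAULT record turns the Brazilian client's query into a 'no answer', which is the geofencing behaviour described above. The linter is worth running over a change batch before `change-resource-record-sets`, since the API rejects the whole batch on one bad record.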