Domain Registration
Explore the domain registration and hosting services provided by Amazon Route 53.
Now that we know how DNS works, let’s explore the solutions Route 53 offers. The two main components of DNS are domain registration and domain hosting, and Route 53 provides both. We can register a domain with Route 53, or bring a domain registered elsewhere and use only the hosting (authoritative DNS) service that Route 53 provides.
How does domain registration work in Route 53?
Route 53 works with the registries for top-level domains such as .com, .io, .net, and .org. When a domain is registered using Route 53, it first checks with the registry for that top-level domain whether the name is available. Route 53 then automatically makes itself the DNS service for the domain by doing the following:
Route 53 creates a hosted zone with the same name as the domain.
Route 53 allocates a set of four name servers to the newly created hosted zone. When a resolver looks up a name in the registered domain on behalf of a user’s browser, these authoritative name servers answer with the records that point to the appropriate resources, such as a web server or other services.
Route 53 retrieves the name servers associated with the hosted zone and adds them to the registered domain as its delegation, so that queries for the domain are sent to those four name servers.
As the registration process concludes, Route 53 forwards the domain information to the registrar responsible for managing domain registrations.
The registrar then forwards the domain information to the corresponding registry, which maintains the database of domain registrations for a specific top-level domain, such as .com. The registry also publishes certain details in the public WHOIS database (a public database that stores a domain’s registration information when it is created or updated) for transparency and accessibility. Because WHOIS is public, the registrant’s contact details end up there too unless privacy protection is enabled for the domain.
The illustration below shows how a domain is registered using Route 53:
Hosted zone
A hosted zone in Route 53 is the container for the DNS records of a domain and its subdomains. These records specify where to send visitors for each host name and where to deliver email for the domain. Essentially, a hosted zone is the Route 53 equivalent of a traditional DNS zone file. It’s how we ensure visitors reach the correct destination when accessing a website and that email messages are delivered to the right mail servers.
For example, let’s say we have a website called example.com. In the hosted zone for example.com, we keep records that tell resolvers where to send visitors who type www.example.com into their browsers (an A or AAAA record, or an alias) and where to deliver email sent to addresses ending in @example.com (MX records). Each destination, such as the web server and the mail server, needs its own record in the hosted zone.
These hosted zones are stored on name servers managed by AWS, which keeps the domain’s records available and answers queries for them reliably. Route 53 offers different types of hosted zones to suit different needs, making managing websites and their associated services easy.
Public hosted zones
In Route 53, a public hosted zone acts as a repository for DNS records that are publicly accessible over the internet. These zones are typically used for websites, applications, or services that need to be reachable by anyone on the web. When a public hosted zone is created, Route 53 allocates four public name servers and hosts the zone file on these servers. This ensures that DNS queries for a domain are efficiently handled and resolved for global accessibility.
Public hosted zones are instrumental in directing web traffic to the appropriate resources associated with a domain. For instance, if we own the domain example.com and want to direct users to our website when they type www.example.com in their browsers, we can configure the necessary DNS records within the public hosted zone for example.com. Similarly, email servers and other services associated with our domain can be specified within this zone to ensure proper traffic routing.
One crucial aspect of public hosted zones is their visibility: the records are resolvable from the public internet and also from within Virtual Private Clouds (VPCs) that use the Route 53 Resolver, which gives consistent DNS resolution for public internet users and internal VPC resources alike. Because everything in a public hosted zone is world-readable, internal host names and private IP addresses do not belong in it.
Private hosted zone
In contrast to public hosted zones, private hosted zones in Route 53 are designed for scenarios where DNS resolution needs to be confined within a specific network environment, such as a Virtual Private Cloud (VPC). These zones are not accessible from the public internet, providing a secure mechanism for internal resource resolution within the designated VPC.
When a private hosted zone is created, it is associated with one or more VPCs, and the DNS records within the zone are resolvable only by resources in those VPCs (the VPC attributes enableDnsSupport and enableDnsHostnames must both be enabled for this to work). This isolation helps maintain privacy and security, especially for internal services or applications that should not be exposed to the broader internet.
Within a private hosted zone, we can configure resource records tailored to the needs of our internal network, such as routing traffic to internal web servers, databases, or other services. These records remain hidden from external entities, reinforcing the internal network’s security posture while facilitating efficient communication among VPC resources.
Split-view zone
A split-view zone, also known as a split-horizon zone, offers a unique approach to DNS management by combining elements of both public and private hosted zones within a single domain. This setup allows the separation of DNS records based on the intended audience, catering to global users accessing resources over the public internet and users within specific Virtual Private Clouds (VPCs) accessing resources privately.
In a split-view configuration, a single domain name has both a public hosted zone and a private hosted zone in Route 53. Queries from the public internet are answered from the public zone. Queries from within the associated VPCs are answered by the Route 53 Resolver from the private zone, and for any name under the private zone’s namespace the Resolver answers from the private zone only: it does not fall back to the public zone, so a name that exists only in the public zone returns NXDOMAIN inside those VPCs unless the record is also added to the private zone.
The primary use case for split-view zones arises when organizations must maintain separate sets of DNS records for public-facing services accessible over the internet and internal services accessed exclusively within their network infrastructure. Using this approach, users are segregated by where they query from: resolvers on the public internet receive the records meant for public users, while resolvers inside the internal network receive the records meant for internal users.
Consider a scenario where a company operates a website, example.com, accessible by both external users and internal employees. In this case, the company can use a split-view zone to manage DNS records effectively:
Public zone (global access): Within the public hosted zone for example.com, the company maintains DNS records directing traffic from the global internet to its public-facing website servers. These records include entries for www.example.com, api.example.com, and other publicly accessible resources.
Private zone (internal access): Simultaneously, the company configures a private hosted zone for example.com, associated with the VPCs used by internal employees. Within this private zone, DNS records are configured to route traffic to internal resources such as intranet.example.com or development.example.com, which are accessible only within the company’s network environment. Because the private zone shadows the whole example.com namespace inside those VPCs, the public entries (www.example.com, api.example.com) must be duplicated in the private zone as well, or employees in the VPCs will not be able to resolve them.
By implementing a split-view zone, the company effectively segregates DNS resolution based on the user. External users accessing the company’s public services are directed to the public zone, while internal employees accessing internal resources within the VPCs utilize the private zone, ensuring efficient and secure communication for both user groups.
Overall, the split-view zone feature in Route 53 allows organizations to manage DNS records granularly, catering to diverse user bases with varying access needs while maintaining the integrity and security of their network infrastructure.
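The following is an added example, not code from the original page or from AWS: a small model of how the Route 53 Resolver picks a zone for a query when a public and a private hosted zone overlap. It assumes only what the scenario above states (a public and a private example.com zone, a VPC named vpc-0internal, and constructed documentation and RFC 1918 addresses); the record names and addresses are made up for the example. It goes slightly beyond the text by also handling a more specific private zone beneath the apex, using the most-specific-match rule Route 53 applies.

```python
from dataclasses import dataclass

NXDOMAIN = "NXDOMAIN"


@dataclass
class HostedZone:
    """Minimal model of a Route 53 hosted zone: its name and its A records."""
    name: str                      # zone apex, e.g. "example.com"
    records: dict                  # fully qualified name -> IPv4 address
    private: bool = False
    vpcs: frozenset = frozenset()  # VPC IDs a private zone is associated with


def _normalize(name):
    return name.strip().lower().rstrip(".")


def _covers(zone, qname):
    """True if qname is the zone apex or lies beneath it."""
    apex = _normalize(zone.name)
    return qname == apex or qname.endswith("." + apex)


def _most_specific(zones):
    # Route 53 picks the zone whose name matches the most labels of the query.
    return max(zones, key=lambda z: len(_normalize(z.name).split(".")))


def resolve(qname, zones, source_vpc=None):
    """Answer a query the way Route 53 would, returning an address or NXDOMAIN.

    source_vpc=None models a query arriving from the public internet.
    A VPC ID models a query from an instance in that VPC, answered by the
    Route 53 Resolver. If a private zone associated with that VPC covers the
    name, the answer comes from that zone only: there is no fall-through to
    the public zone, which is the split-view pitfall the text warns about.
    """
    q = _normalize(qname)
    if source_vpc is not None:
        private = [z for z in zones
                   if z.private and source_vpc in z.vpcs and _covers(z, q)]
        if private:
            return _most_specific(private).records.get(q, NXDOMAIN)
    public = [z for z in zones if not z.private and _covers(z, q)]
    if not public:
        return NXDOMAIN
    return _most_specific(public).records.get(q, NXDOMAIN)


def mirror_public_records(private_zone, public_zone, names):
    """Return a copy of private_zone with the named public records duplicated
    into it: the fix for public names that must stay resolvable in the VPCs."""
    merged = dict(private_zone.records)
    for name in names:
        merged[_normalize(name)] = public_zone.records[_normalize(name)]
    return HostedZone(private_zone.name, merged, True, private_zone.vpcs)


# Constructed zones for the example.com scenario (TEST-NET and RFC 1918 addresses).
PUBLIC_ZONE = HostedZone("example.com", {
    "www.example.com": "203.0.113.10",
    "api.example.com": "203.0.113.20",
})
PRIVATE_ZONE = HostedZone("example.com", {
    "intranet.example.com": "10.0.1.10",
    "development.example.com": "10.0.2.10",
}, private=True, vpcs=frozenset({"vpc-0internal"}))
ZONES = [PUBLIC_ZONE, PRIVATE_ZONE]

if __name__ == "__main__":
    for src in (None, "vpc-0internal"):
        where = "internet" if src is None else src
        for name in ("www.example.com", "intranet.example.com"):
            print(f"{name:24} from {where:14} -> {resolve(name, ZONES, src)}")
    fixed = [PUBLIC_ZONE,
             mirror_public_records(PRIVATE_ZONE, PUBLIC_ZONE, ["www.example.com"])]
    print("after mirroring www into the private zone ->",
          resolve("www.example.com", fixed, "vpc-0internal"))
```

Running it shows the four outcomes that matter: www.example.com resolves from the internet but returns NXDOMAIN from the associated VPC until it is mirrored into the private zone, while intranet.example.com resolves only from the VPC. A query from a VPC that is not associated with the private zone behaves like an internet query.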
Interoperability
Route 53 offers seamless interoperability between its domain registration and hosting services, allowing flexibility in managing domains based on specific requirements.
For instance, if we register a domain with Route 53 but want a different DNS provider to host the zone, we create the zone at that provider, copy the name servers the provider assigns, and replace the domain’s name servers in the Route 53 domain registration with them. The registrar pushes the new delegation to the registry, and from then on queries for the domain go to the other provider’s name servers. In this case, we pay the domain registration fee to Route 53 and the DNS hosting charges to the third-party provider.
Conversely, if we already own a domain registered elsewhere and wish to use Route 53’s hosting services, we create a public hosted zone for the domain in Route 53 (a private hosted zone needs no registered domain at all, since it answers only inside its VPCs). Route 53 assigns the zone four name servers; we recreate the domain’s existing records in the new zone, then update the name servers at the current registrar to those four Route 53 name servers. Until that delegation change propagates, the old provider keeps answering, so the records must exist in Route 53 before the switch to avoid an outage. Here, we pay for the domain registration to the third-party registrar, and Route 53 charges only for hosting.
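Both the registration steps above (Route 53 adding its four name servers to the domain) and the two migration directions in this section end with the same check a practitioner should run: does the delegation the registry publishes for the domain match the NS set of the hosted zone that actually holds the records? The following is an added example, not code from the original page or from AWS. It assumes the parent-side names were collected with something like `dig +short NS example.com @<tld-server>` and the child-side names read from the hosted zone’s NS record; the name server names and the `old-dns-provider.example` entries are constructed, and the awsdns naming pattern is used only as a heuristic for spotting leftovers from a previous provider. A delegation that points at name servers no longer backed by a hosted zone is a dangling delegation and should be fixed promptly.

```python
import re

# Route 53 name servers follow this pattern; anything else in the registry's
# delegation after a migration is usually a leftover from the previous provider.
ROUTE53_NS = re.compile(r"^ns-\d+\.awsdns-\d+\.(com|net|org|co\.uk)$")


def normalize(name):
    return name.strip().lower().rstrip(".")


def parse_dig_short(text):
    """Parse the lines `dig +short NS <domain> @<server>` prints into a set of names."""
    return {normalize(line) for line in text.splitlines()
            if line.strip() and not line.startswith(";")}


def audit_delegation(registry_ns, hosted_zone_ns):
    """Compare the registry's delegation with the hosted zone's NS set.

    registry_ns:    names the parent (TLD) servers return for the domain
    hosted_zone_ns: the names in the hosted zone's NS record (empty if the
                    zone no longer exists)
    """
    parent = {normalize(n) for n in registry_ns}
    child = {normalize(n) for n in hosted_zone_ns}
    stale = sorted(parent - child)     # delegated, but not served by the zone
    missing = sorted(child - parent)   # served by the zone, unknown to registry
    foreign = sorted(n for n in parent if not ROUTE53_NS.match(n))
    if not child:
        status = "dangling"      # registry delegates, no hosted zone backs it
    elif parent == child:
        status = "consistent"
    elif parent & child:
        status = "partial"       # some queries land on the wrong servers
    else:
        status = "mismatch"
    return {"status": status, "stale": stale, "missing": missing,
            "foreign": foreign}


# Constructed inputs: the four names Route 53 assigned to the hosted zone, and
# two registry answers in the shape `dig +short NS` prints.
HOSTED_ZONE_NS = [
    "ns-2048.awsdns-64.com.",
    "ns-2049.awsdns-65.net.",
    "ns-2050.awsdns-66.org.",
    "ns-2051.awsdns-67.co.uk.",
]
REGISTRY_OK = """\
ns-2048.awsdns-64.com.
NS-2049.AWSDNS-65.NET.
ns-2050.awsdns-66.org.
ns-2051.awsdns-67.co.uk.
"""
REGISTRY_PARTIAL = """\
ns-2048.awsdns-64.com.
ns-2049.awsdns-65.net.
ns1.old-dns-provider.example.
ns2.old-dns-provider.example.
"""

if __name__ == "__main__":
    for label, text in (("ok", REGISTRY_OK), ("partial", REGISTRY_PARTIAL)):
        print(label, audit_delegation(parse_dig_short(text), HOSTED_ZONE_NS))
    print("deleted zone", audit_delegation(parse_dig_short(REGISTRY_OK), []))
```

The "partial" result is the one to watch for during a migration in either direction: with two old and two new name servers delegated, roughly half of all resolvers get answers from a zone that may be out of date, and the "dangling" result means the registry still sends traffic to servers that no longer hold a zone for the domain.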