Ends in

AWS Cloud Practitioner, SAA, CDA, and SysOps Practice Exams for 11.99 USD only

Split-view DNS using Amazon Route 53

What is Amazon Route 53?

Amazon Route 53 is a highly available and scalable Domain Name System (DNS) service. This allows you to do Split-view DNS or Split-horizon DNS implementation for your applications. It offers additional features that are not present from third-party domain registrars. Route 53 allows you to register domain names, route internet traffic to specific resources under your domain name using different routing policies and check the health status of your resources. Route 53 is highly integrated with other AWS services, especially resources under a Virtual Private Cloud (VPC).

The main function of Route 53 is for DNS resolution. Once your domain is registered and configured on Route 53, users on the public internet can query Route 53 to resolve your domain name so they can be redirected to the corresponding resources. In this article, we will learn how to implement Split-view DNS or Split-horizon DNS for your website and custom applications.

Split-view DNS using Amazon Route 53

Split-view DNS Basics

Split-view DNS is a process wherein the DNS server gives out a different response to the same DNS query, based on where the query came from. The following are just some of the scenarios where you may want to use this setup:

  • You have a service that is used on both internal and external networks. For optimal routing, you can route the internal traffic to the private IP addresses while the external networks use the public IP addresses (or endpoints).

  • You have a canary release or blue-green deployment so you want your internal applications to redirect to the newer version before updating the public endpoint.

  •  You want your internal application to resolve “internal-only” DNS records such as test.tutorialsdojo.com but you don’t want the public internet to resolve the DNS name.

Tutorials dojo strip

Split-view DNS using Amazon Route 53

Using Amazon Route 53, we can create a split-view DNS scenario for an internal and external version of the same website or application. To do this, you have to maintain both a private and public hosted zone with the same domain name. In the following steps, we assume that you have a domain name registered on Route 53, the queries for the public hosted zone are from the public internet and the queries for the private hosted zone are from the Amazon VPC.

 1. On Amazon VPC, ensure that DNS resolution and DNS hostnames are enabled for the source Amazon VPC. This is the default setting when creating a new VPC using the AWS web console.

Split-view DNS using Amazon Route 53

2. On Amazon Route 53, create a public hosted zone for your domain name. Ensure that the Route 53 registrar NS record matches the NS entries from this record. Any DNS queries from the public internet will use this hosted zone.

Split-view DNS using Amazon Route 53

Split-view DNS using Amazon Route 53

3. Add records on this public hosted zone for the public endpoints and IP addresses.

Split-view DNS using Amazon Route 53

4. Next, create a private hosted zone with the same name as a public hosted zone. Associate the VPC to this hosted zone. DNS queries from inside the VPC will be using this private zone.

Split-view DNS using Amazon Route 53

5. Add records on this private hosted zone for the private endpoints and IP addresses.

Split-view DNS using Amazon Route 53

With the above setup, Route 53 will respond to DNS queries on the source of the request. From within the Amazon VPC, answers come from the private hosted zone, while public queries return answers from the public hosted zone.

 Now we can try to query from the public internet and we will get the public IP address.

Split-view DNS using Amazon Route 53

While querying from inside the VPC, you will get the private IP address.

Split-view DNS using Amazon Route 53

And that’s a wrap! We have successfully setup the Split-view DNS or Split-horizon DNS in Amazon Route 53. This is quite helpful for your testing and hybrid DNS architecture.




Tutorials Dojo portal

FREE AWS Exam Readiness Digital Courses

Enroll Now – Our Azure Certification Exam Reviewers

azure reviewers tutorials dojo

Enroll Now – Our Google Cloud Certification Exam Reviewers

Tutorials Dojo Exam Study Guide eBooks

tutorials dojo study guide eBook

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

FREE Intro to Cloud Computing for Beginners

FREE AWS, Azure, GCP Practice Test Samplers

Browse Other Courses

Generic Category (English)300x250

Recent Posts

Written by: Kenneth Samonte

Kenneth is an AWS Architect & Linux System Administrator. He's a Red Hat Certified System Administrator, AWS Certified Solutions Architect Professional, and a VMware Certified Professional. He's also a registered Electronics Engineer and Cisco Certified Network Associate (CCNA). He enjoys exploring cloud platforms and administering Linux systems. When he's not busy, you’ll find him online playing League of Legends.

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers Check out our FREE courses

Our Community

passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?