AWS DNS Traffic forwarding - amazon-web-services

I have the following scenario:
I own the domain example.com, which has an A record for it: job.example.com / 8.8.8.8.
I have purchased an Elastic IP address, and I have changed the A record IP for job.example.com from 8.8.8.8 to the AWS Elastic IP address.
What I want to achieve is to hide my "real" office IP. I want that when someone visits https://jobs.example.com, the IP address behind it will be the Elastic IP address, but some service in Amazon will forward all traffic to my real office IP (8.8.8.8, for example, in this question).
I've looked into Route 53 but couldn't find anything.
Please help :)

I might be getting your question wrong, but it seems what you're asking for is a reverse proxy or, more likely in AWS, a CloudFront CDN distribution.
Considering CloudFront pricing, I'd go for that one.
The reverse proxy option would be to set up an EC2 instance with, for example, the nginx server configured like this:
    location / {
        proxy_pass http://8.8.8.8/;   # forward every request to the office server
    }
Depending on your traffic, the latter solution could be achieved with a free-tier t2.micro instance, which you will begin to be billed for next year.

Related

What are the differences between DHCP Options and Route 53?

I am a newbie to AWS. I have read about DHCP Option Sets and also about Route 53. However, I do not clearly understand the similarities and differences between them.
In my understanding, both help us customize DNS names, and DHCP is a component of VPC while Route 53 is an AWS service, am I right? If yes, are there any differences between them? In which case do we use DHCP? In which case do we use Route 53 instead of DHCP Options?
Route 53 is a DNS service - this allows you to publish hostnames and their associated IP addresses to the world at large. For example, on a simple level, I might publish the following:
www.example.com A 123.45.67.89
This would tell internet users around the world that the server www.example.com can be found at IP address 123.45.67.89.
This is hugely simplified, but think of Route 53 as a part of a distributed, decentralised database of hostnames and IP addresses.
DHCP is used by a host to get its network configuration at startup. When a machine, or VPS, or EC2 instance starts up, it will make a DHCP request for its network configuration, and a DHCP server will respond, giving the host a number of parameters, but at a minimum an IP address. The DHCP server may then register this IP address/hostname combination in DNS. DHCP options are extra network configuration parameters, for example, telling the host that it is part of the domain example.com, that its default router is 10.0.0.2, or any number of other options. These affect the way the host configures itself to talk to the network.
DHCP in your VPC is used to automatically assign domain names to your EC2 servers that are generated by Amazon. The domain names will look like ec2-public-ipv4-address.compute-1.amazonaws.com.
Route 53 is a DNS service for assigning custom domain names that you own to your AWS resources. If you wanted to assign something like myapp.mydomain.com to your EC2 server, you wouldn't be able to accomplish that with DHCP; you would need to use a DNS service like Route 53.

Using Windows DNS Server with AWS Lightsail

I am new to AWS and I am using AWS Lightsail for the first time. I am having trouble managing the DNS server:
I got a static IP, but I can't see this static IP in the IIS Bindings settings.
I installed the DNS Server feature from the Add Roles and Features wizard.
I added a Forward Lookup Zone for my site; when I add NS records I can't use the public (static) IP, so I used the private IP.
I have used many VPS providers (Vultr, Google, etc.), but this is the first time I have had a problem like this.
I can reach the site from the public (static) IP, but I can't reach it from the domain and I can't reach the NS record.
What have I missed?
I now understand how AWS operates:
I use the private/internal IP for IIS bindings and DNS records, and AWS automatically masks it with the public/static IP.
I was having a DNS reachability problem, and I solved it by opening the DNS ports in the networking security area.
So what I had missed was opening the DNS ports in the AWS Lightsail firewall.

PTR record for EC2 instance (without elastic ip) not propagating

I've set up a PTR record for my EC2 instance following this article: https://aws.amazon.com/premiumsupport/knowledge-center/route-53-reverse-dns/, but when I test the rDNS with a tool like dig, it keeps giving me the xxx.compute.amazonaws.com domain as a result. I have waited several times the refresh time and performed the steps in the article multiple times, but the record does not change. I have also set the NS record for the "in-addr.arpa" hosted zone to match the NS record of my domain.
My setup is:
Hosted zone 1: "domain.com."
Hosted zone 1 A record: name "domain.com." value "1.2.3.4"
Hosted zone 2: "3.2.1.in-addr.arpa."
Hosted zone 2 PTR record: name "4.3.2.1.in-addr.arpa." value "domain.com"
Am I missing something here? Are there any other steps I should take or do you have any tips on how I can further debug this?
It seems like outlook.com keeps flagging my messages as spam because the rDNS is incorrect.
Any help is very much appreciated.
> I've set up a PTR record for my EC2 instance following this article
You can't use these instructions for IP addresses owned/controlled by AWS. The only AWS-allocated public IP addresses that are configurable with custom reverse-DNS are elastic IP addresses, and a different process applies (from the same document) --
If you are using an Elastic IP address for your server, you can configure the reverse DNS record of your Elastic IP address by submitting a Request to Remove Email Sending Limitations (root account credentials required), and you don't need to use Amazon Route 53.
The instructions you followed are for IP address space that you control, or that has been delegated to you by your ISP. They are not applicable to elastic IP addresses. You "don't need to use Route 53," in this case, would have been more correctly written here as you "can't use Route 53."
Allocate an elastic IP and map it to the server... then you can use the request form and AWS support will configure the reverse records for you.
Public IP addresses that are not EIPs are ephemeral. Once you stop the instance, the address goes back to the pool. Starting the instance again will cause it to be assigned a different public IP address. This isn't the case with EIPs, which would be more suited to a permanent fixture like an SMTP server.

How to resolve domain name from public IP on Amazon

I have just created my AWS instance on Windows Server 2012 R2 for running my website. The problem is, I want to resolve my public IP address to my domain name. For example, my AWS public IP address is 1.2.3.4 and I want it to show as my own company domain.
This answer may seem strange because of the way it works, but it is from an official source and it does accomplish what you want -- setting a reverse DNS record on an elastic IP address. The address will remain associated with your account and can't be inadvertently released unless you subsequently undo this configuration.
You can now provide us with a configurable Reverse DNS record for any of your Elastic IP addresses. Once you’ve supplied us with the record, reverse DNS lookups (from IP address to domain name) will work as expected: the Elastic IP address in question will resolve to the domain that you specified in the record.
https://aws.amazon.com/blogs/aws/reverse-dns-for-ec2s-elastic-ip-addresses
You'll be sending a request to AWS support to configure this mapping.
The unexpected part of the solution, however, is the reason stated on the form that you use to send the request to AWS support...
https://aws-portal.amazon.com/gp/aws/html-forms-controller/contactus/ec2-email-limit-rdns-request
...it's actually the request form to remove the outbound SMTP port 25 restriction on your Elastic IPs... but part of the process is to assign reverse DNS entries to EIPs that you specify.
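Added example, not part of either post above: a small Python check for what the two answers describe. It derives the in-addr.arpa names used in the first question's hosted zones from an IP and a /24 prefix, and verifies forward-confirmed reverse DNS (the PTR of the IP names a host whose A record contains that IP), which is what receiving mail servers such as outlook.com look for. The sample records are constructed; the live lookup helpers use the stdlib resolver and need network access.

```python
import ipaddress
import socket

def reverse_name(ip):
    """in-addr.arpa name for one address, e.g. 1.2.3.4 -> 4.3.2.1.in-addr.arpa"""
    return ipaddress.ip_address(ip).reverse_pointer

def reverse_zone(prefix):
    """Hosted-zone name for a /24 prefix, e.g. 1.2.3.0/24 -> 3.2.1.in-addr.arpa"""
    net = ipaddress.ip_network(prefix, strict=False)
    if net.version != 4 or net.prefixlen != 24:
        raise ValueError("only IPv4 /24 reverse zones are handled here")
    octets = str(net.network_address).split(".")[:3]
    return ".".join(reversed(octets)) + ".in-addr.arpa"

def check_fcrdns(ip, ptr_lookup, a_lookup):
    """Forward-confirmed reverse DNS check.
    ptr_lookup(ip) returns the PTR target or None; a_lookup(host) returns a list of IPs.
    Returns (status, host) with status one of: no-ptr, aws-default-ptr, mismatch, ok."""
    host = ptr_lookup(ip)
    if not host:
        return ("no-ptr", None)
    host = host.rstrip(".").lower()
    # The generic ec2-...amazonaws.com name means no custom rDNS is in place
    # (the EIP form request has not been processed, or the address is not an EIP).
    if host.endswith(".amazonaws.com"):
        return ("aws-default-ptr", host)
    if ip not in a_lookup(host):
        return ("mismatch", host)
    return ("ok", host)

# Live lookups through the system resolver (the equivalent of `dig -x` and `dig A`).
def live_ptr(ip):
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None

def live_a(host):
    try:
        return sorted({r[4][0] for r in socket.getaddrinfo(host, None, socket.AF_INET)})
    except socket.gaierror:
        return []

# Constructed sample records mirroring the question's setup (not real data).
SAMPLE_PTR = {"1.2.3.4": "domain.com.", "5.6.7.8": "ec2-5-6-7-8.compute-1.amazonaws.com."}
SAMPLE_A = {"domain.com": ["1.2.3.4"]}
```

For a real address, call check_fcrdns(ip, live_ptr, live_a); anything other than "ok" is the condition the outlook.com filter is reacting to.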

Can I use Amazon's DNS servers for my mail server

We have a domain mydomain.com, which we have registered with a UK registrar. We are using Amazon's Route 53, and this domain has been added in Route 53 and is using the following name servers:
ns-558.awsdns-05.net
ns-1755.awsdns-27.co.uk
ns-466.awsdns-58.com
ns-1343.awsdns-39.org
I've added the relevant A records for www etc. to point our elastic IP to this domain.
We are also running MailEnable on this EC2 server (running Windows 2012). The MailEnable server is asking me to enter DNS addresses (Check and configure DNS settings), which I assume it will use when sending email.
My question is: what DNS addresses/servers can I use? Can I use
ns-558.awsdns-05.net
ns-1755.awsdns-27.co.uk
ns-466.awsdns-58.com
ns-1343.awsdns-39.org
You can see the DNS address(es) in the screen shot below.
You can't use those Amazon servers because they're authoritative-only (they'll only tell you about domains they know about, instead of acting as a recursive proxy). You can use Google's public DNS servers at 8.8.8.8 and 8.8.4.4 for that field.
(original answer below)
You need to create an A record that points at the elastic IP assigned to your mail server (for example, mail.yoursite.com points at 1.2.3.4). Then, you'd create an MX record for yoursite.com that points at mail.yoursite.com. Finally, I believe you would give MailEnable mail.yoursite.com, but I'm not 100% sure on that.
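Added example, not from the answer above: a Python script that shows what "authoritative-only" means on the wire. It builds a DNS query by hand with the RD (recursion desired) bit set and reads the RA (recursion available) bit and rcode from the reply header, which is how you can confirm whether a given server will resolve names it does not host. The two sample reply headers are constructed; the probe function sends a real UDP query and needs network access.

```python
import socket
import struct

# DNS header flag bits (RFC 1035, section 4.1.1)
FLAG_QR = 0x8000  # response
FLAG_AA = 0x0400  # authoritative answer
FLAG_RD = 0x0100  # recursion desired (set by the client)
FLAG_RA = 0x0080  # recursion available (set by the server)
RCODE_NAMES = {0: "NOERROR", 3: "NXDOMAIN", 5: "REFUSED"}

def build_query(name, txid=0x1234, qtype=1):
    """Minimal DNS query for an A record of `name` with RD set."""
    header = struct.pack(">HHHHHH", txid, FLAG_RD, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(label)]) + label.encode("ascii") for label in labels) + b"\x00"
    return header + qname + struct.pack(">HH", qtype, 1)  # class IN

def parse_header(data, expected_txid=None):
    """Decode the 12-byte header of a response into the fields that matter here."""
    if len(data) < 12:
        raise ValueError("truncated DNS message")
    txid, flags, qdcount, ancount, nscount, arcount = struct.unpack(">HHHHHH", data[:12])
    if expected_txid is not None and txid != expected_txid:
        raise ValueError("transaction id mismatch")
    if not flags & FLAG_QR:
        raise ValueError("not a response")
    return {
        "aa": bool(flags & FLAG_AA),
        "ra": bool(flags & FLAG_RA),
        "rcode": RCODE_NAMES.get(flags & 0x000F, str(flags & 0x000F)),
        "answers": ancount,
    }

def classify(header):
    """RA set means the server will resolve names it is not authoritative for."""
    return "recursive resolver" if header["ra"] else "authoritative-only (no recursion)"

def probe(server, name="www.example.com", timeout=3.0):
    """Send the query over UDP to `server` and classify its reply (needs network)."""
    query = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (server, 53))
        data, _ = sock.recvfrom(512)
    return classify(parse_header(data, expected_txid=0x1234))

# Constructed reply headers: an authoritative-only server answering for a name it
# does not host (RA clear, here with REFUSED) versus a public recursive resolver.
AWSDNS_REPLY = struct.pack(">HHHHHH", 0x1234, FLAG_QR | FLAG_RD | 5, 1, 0, 0, 0)
RECURSIVE_REPLY = struct.pack(">HHHHHH", 0x1234, FLAG_QR | FLAG_RD | FLAG_RA, 1, 1, 0, 0)
```

Pointing probe() at one of the awsdns name servers and then at 8.8.8.8 reproduces the distinction the answer makes: only the latter sets RA.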