Route53 naked domain not reaching Amazon Elastic Load Balancer - Django

I'm currently using Route53 for 2 domains that point to the same website.
Let's assume they are www.example.com and www.example.com.xx. I've created 2 hosted zones and kept the configuration created by default. So, initially I had entries for NS and SOA in each hosted zone.
My EC2 instances are behind an Elastic Load Balancer, so my first step was to create aliases for both domains and their naked domains, giving the following scenario:

www.example.com

name                 type  value
example.com.         NS    Generated value
example.com.         SOA   Generated value
example.com.         A     ALIAS to my ELB
*.example.com.       A     ALIAS to my ELB
www.example.com.     A     ALIAS to my ELB

www.example.com.xx

name                 type  value
example.com.xx.      NS    Generated value
example.com.xx.      SOA   Generated value
example.com.xx.      A     ALIAS to my ELB
*.example.com.xx.    A     ALIAS to my ELB
www.example.com.xx.  A     ALIAS to my ELB

Both domains are pointing to the same ELB, where Apache configs to example.com. Then, my Django app subdomain middleware redirects to example.com (301) if request.get_host contains the .com.xx substring.
It is working perfectly for both www.example.com and example.com, as well as for www.example.com.xx. My problem is with example.com.br, which never reaches my server.
I've already tried to make a PTR entry example.com.br -> www.example.com.br, but it was not the solution.
Can anyone point out where my DNS config for this naked domain is failing?
Thank you

Firstly, let's worry about example.com.br. [www.example.com.br we will take later]
Did you make changes at your domain registrar so as to give the DNS servers as those of Amazon? What is the output you are getting when you do:
nslookup example.com.br
also what is the output for
ping example.com.br

Yesterday night I was able to redirect my naked domain properly. It was a bug in my Brazilian provider that was dealing with the registrar. Actually, I just gave them back the control of the DNS table and took it away (returning it to Route53).
Anyway, they were being used as a bridge to the registrar since I was migrating. Now I'm dealing directly with registro.br and the problem is gone.

Related

how to point AWS Route53 subdomain to AWS Lightsail instance?

I have set up WordPress on Lightsail, and have created a static IP through which I can access WP OK.
I have migrated my .co.uk domain across to Route53 from another provider and am trying to point blog.example.co.uk to my Lightsail instance.
In Lightsail I have set up a DNS record like this:
A example.co.uk 12.34.56.78
A blog.example.co.uk 12.34.56.78
It then lists these DNS servers in Lightsail:
ns-849.awsdns-42.net
ns-1643.awsdns-13.co.uk
ns-341.awsdns-42.com
ns-1516.awsdns-61.org
I've taken those DNS servers and set them on the root of my domain in Route 53 under Domains > Registered Domains.
I am not sure if that was the correct thing to do, as I will have other subdomains eventually that will point elsewhere, should the Lightsail DNS servers be added at that level? If not, what do I set them back to be?
I have also created a Route53 Hosted Zone, and have created an "A" entry that links blog.example.co.uk to 12.34.56.78, is that required?

As mentioned in the comments, I was facing the same challenge.
What ended up working for me was simply creating an Alias Record (A) for my subdomain, subdomain.example.com, that points to the static IP of my Lightsail instance.
I did not add Lightsail's DNS servers anywhere on Route53.
I made sure that the NS entries for my root domain – example.com – pointed to the Name servers entries on my registered domain in Route53.
You can find the name servers associated with your Route53 registered domain by going to Registered domains > mydomain.com; they're located on the upper-right corner.

ERR_NAME_NOT_RESOLVED Route 53 / Elastic Beanstalk

I have been trying to connect my domain with my Elastic Beanstalk instance.
My domain was purchased from GoDaddy and I have updated the nameservers to point to AWS and verified through dig. If dig comes up with the NS, it means GoDaddy is properly configured to point to the DNS, right?
The Test Record Set function also does not show any error and returns a proper response with NOERROR.
The problem is I still receive an ERR_NAME_NOT_RESOLVED every time I try to load the website in browsers; I even tried on different devices.
I have also checked the alias used in my Hosted Zone and it's up and running.
What I have already done:
Initialized and created Beanstalk environment - Up and Running
Public Hosted Zone - Created A record for www.mysite.com
GoDaddy DNS NS - updated with AWS 4 nameservers
Checks I have done:
Internal Test Record for A www.mysite.com
Dig Command
What could I be missing?
UPDATE
So I figured out that 'www.mysite.com' was working but 'mysite.com' alone was not. I'm assuming Route53 will automatically use the www A record? But it seems like it's not?
Hope y'all could help
Thanks!

Got it to work.
Looks like besides creating a www A record, I had to create a record for the root domain, i.e. mysite.com, in the Record Set of my Hosted Zone.
Solved!
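
The apex-versus-www behaviour from this thread and the first one, as an added example that is not part of the original posts: a small offline model of how a hosted zone answers a query, plus a comparison of the registrar's NS set against the hosted zone's. The zone contents and name-server names are constructed, and alias records are treated as plain type A.

```python
# Added example: constructed hosted-zone data, evaluated offline.

def norm(name):
    """Lower-case and drop the trailing dot so names compare equal."""
    return name.rstrip(".").lower()

def exists(zone, name):
    """A name exists if it owns a record or is an ancestor of one."""
    return any(owner == name or owner.endswith("." + name) for owner, _ in zone)

def answer(records, apex, qname, qtype="A"):
    """Classify a query as 'exact', 'wildcard', 'NODATA' or 'NXDOMAIN'."""
    zone = {(norm(owner), rtype) for owner, rtype in records}
    apex, qname = norm(apex), norm(qname)
    if qname != apex and not qname.endswith("." + apex):
        raise ValueError("query name is outside this zone")
    if qname == apex or exists(zone, qname):
        # The name is present; only a record of the asked type answers it.
        return "exact" if (qname, qtype) in zone else "NODATA"
    # Name absent: climb to the closest existing ancestor, then try its wildcard.
    encloser = qname.split(".", 1)[1]
    while encloser != apex and not exists(zone, encloser):
        encloser = encloser.split(".", 1)[1]
    wildcard = "*." + encloser
    if (wildcard, qtype) in zone:
        return "wildcard"
    return "NODATA" if exists(zone, wildcard) else "NXDOMAIN"

def delegation_diff(registrar_ns, hosted_zone_ns):
    """Return (only_at_registrar, only_in_zone); both empty means they agree."""
    reg = {norm(n) for n in registrar_ns}
    hz = {norm(n) for n in hosted_zone_ns}
    return sorted(reg - hz), sorted(hz - reg)

# Constructed zones: the question's state, with a wildcard, and with an apex record.
WWW_ONLY = [("mysite.com.", "NS"), ("mysite.com.", "SOA"), ("www.mysite.com.", "A")]
WILDCARD = WWW_ONLY + [("*.mysite.com.", "A")]
FIXED = WILDCARD + [("mysite.com.", "A")]
# Constructed name-server sets; the registrar still lists one old server.
ZONE_NS = ["ns-1.dns.example.net.", "ns-2.dns.example.org."]
STALE_NS = ["ns-1.dns.example.net.", "ns1.old-provider.example."]

if __name__ == "__main__":
    queries = ("mysite.com", "www.mysite.com", "blog.mysite.com")
    for label, zone in (("www only", WWW_ONLY), ("wildcard", WILDCARD), ("fixed", FIXED)):
        print(label, {q: answer(zone, "mysite.com", q) for q in queries})
    print(delegation_diff(STALE_NS, ZONE_NS))
```

A wildcard record covers names that do not exist below the apex, never the apex itself, which is why the naked domain needs its own record in all three threads above.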

Lightsail instance works when you hit http://[domain].com, but not www.[domain].com, using Route 53 as DNS

I'm pretty new to DNS and this is the first time trying to connect a domain name to an IP, so I'm not sure what I'm missing here. I tried connecting both the www and non-www NS records to the Lightsail name servers but only the non-www option seems to be working. When I try to hit www.[domain].com, I get unresolved hostname. I also added an A record in each hosted zone that points directly to the IP and I'm not sure if they actually did anything, but I can only access the site from the IP or from http://[domain].com. I appreciate any help you guys can give me, hoping it's something small.
Here is an album containing my hosted zone and each zone's settings

I think you don't need to use two separate hosted zones for www and the apex domain (non-www). You can have a single hosted zone and create resource record sets for www and the apex domain using CNAME or Alias records. Since you already have an A record for example.com, in the same hosted zone you can create a CNAME record for www.example.com and point it to example.com.
Regardless, for the domain not found, it could be due to the TTL.
Hope this helps.
More information:
http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html#CNAMEFormat
http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values-basic.html#rrsets-values-basic-ttl

Is it possible to have GoDaddy host my domain name but use AWS to host my website?

I'm a little confused about what AWS is instructing me to do. They are telling me to transfer the name to Route 53 first, which costs 12 bucks. Is there a way to not use Route 53 and still host my website using AWS?

Yes, you can have your domain at any registrar and have your DNS zone hosted anywhere. Just modify DNS records to point to your AWS resources like ELB, EC2 or S3.
Amazon doesn't force you to use Route53.

Yes, this is pretty common.
In Route53, create a new zone for your domain. When you do this, you'll get the NS and SOA records created by default. There will be 4 NS entries. Add any other records you need.
Then, when you're ready to switch, go to the GoDaddy DNS settings, and change the NS and SOA records to the values in the Route53 zone. By default, I think GoDaddy only shows 2 NS records, but you can add all 4.

AWS is boss. If you are trying to capitalize on the ACM and get a free SSL you do need to use Route53 to make it happen. Try to test a PTR - Pointer record to your IP address within the DNS to make everything work.
Third Party Domain Registrar/DNS
Create a hosted zone through Route53 and erase all DNS/Nameservers from your domain.
Add the four nameservers to your domain registrar's DNS; they should have a mix of .org .com .net and .co.uk or something similar. All four need to be inserted.
After creating your instance and having your domain pointed to it you will need to point the IP address to Route 53 with an A record. Keep it that way for now.
Generate a certificate with ACM as described above.
Create an ELB as described above as well. Now with the DNS, first make a *.domain.com A record to point to your dualstack.
Then delete the original A record that pointed to your IP address.
Next make sure you point the A record now to your dualstack.loadbalancer for your regular domain.com.
Next, here was the crucial part for me, make a PTR - Pointer record to your IP address with domain.com as the name.
Voilà, free certificate will work with WordPress.
Oh, and if your design looks funky or you have any issues getting the green bar then it's something embedded, so start with this plugin, make sure "HTTP_X_FORWARDED_PROTO (e.g. load balancer, reverse proxy, NginX)" is enabled and then move on from there with your typical SSL auditing. https://wordpress.org/plugins/ssl-insecure-content-fixer/11
A lot of cool info for AWS + Wordpress via bitnami and more details on the SSL here: https://community.bitnami.com/t/connecting-amazon-ssl-via-load-balancer-to-bitnami-aws-marketplace-instance/41460/29
Let me know if you have trouble getting started on actually launching the instance and getting wordpress up first. The domain pointing and ssl is one of the last steps.

DNS split across two hosts, subdomain CNAME confusion

Right now our domain name and DNS are still hosted by our old provider until we make the full switch to Amazon AWS.
We run a lot of subdomains, e.g. vendor.mydomain.com, which were previously set up as websites on our old host. I deleted the subdomain on the old host and replaced it with a CNAME on the mydomain.com level for vendor to point to AWS; all is working well.
Now I need to add some TXT records for Mailgun to verify my domain and I'm not sure where / how to do it.
Mailgun is looking for and expecting a CNAME record email.vendor.mydomain.com. I tried creating this on mydomain.com as I did for the vendor CNAME; it lets me create it but it never seems to be detected by Mailgun.
I figure I could go with the configuration where I create a subdomain on my original host, but then the nameserver of my old host takes over for vendor.mydomain.com. In this scenario I'm all good with the Mailgun CNAMEs etc., but I don't know how to effectively point to AWS for vendor.mydomain.com as the CNAME on the domain level no longer works.
Thoughts / suggestions welcome!

If, on the authoritative server for example.com, you have a CNAME record for subdomain.example.com, no other records on that same server can be valid for, or under, that subdomain, because the CNAME effectively blocks everything at or below itself by saying "stop, look elsewhere... specifically, look here."
Create a hosted zone in Route 53 for example.com. Note the 4 awsdns name servers it assigns to the hosted zone.
For each subdomain you need on Amazon, create 4 NS records for each subdomain on the example.com authoritative servers.
vendor NS ns-xxxx.awsdns-yy.com.
vendor NS ns-xxxx.awsdns-yy.net.
...etc., for the .org and .co.uk domains.
This delegates all lookups for that subdomain (e.g. "vendor") and all of its subdomains to the Route 53 servers, while leaving your existing servers authoritative for the records it still contains.
Then you can create records in the hosted zone in Route 53, including alias and CNAMEs as needed.
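
The delegation steps in the answer above, as an added example that is not part of the original post: it builds the four NS records for the subdomain and lists the parent-zone records that have to be removed or recreated in the Route 53 hosted zone first. The parent-zone contents and record targets are constructed, and the name servers are the same placeholders the answer uses.

```python
# Added example: constructed parent-zone data, evaluated offline.

def norm(name):
    """Lower-case and drop the trailing dot so names compare equal."""
    return name.rstrip(".").lower()

def delegation_records(sub, zone, name_servers, ttl=3600):
    """NS records to create on the parent zone's servers for sub.zone."""
    owner = f"{norm(sub)}.{norm(zone)}."
    return [(owner, ttl, "NS", norm(ns) + ".") for ns in name_servers]

def conflicts(parent_records, sub, zone):
    """Parent-zone records that must be removed or moved before delegating."""
    cut = f"{norm(sub)}.{norm(zone)}"
    found = []
    for owner, rtype, _value in parent_records:
        name = norm(owner)
        if name == cut and rtype == "CNAME":
            # A CNAME may not share its owner name with NS records.
            found.append((name, rtype, "remove; recreate the target in the delegated zone"))
        elif name == cut and rtype not in ("NS", "DS"):
            found.append((name, rtype, "move to the delegated zone"))
        elif name.endswith("." + cut):
            # Below the zone cut the parent is no longer authoritative.
            # (Glue would be the exception; these name servers are out of zone.)
            found.append((name, rtype, "move to the delegated zone"))
    return found

# Placeholder name servers following the pattern written in the answer above.
AWS_NS = ["ns-xxxx.awsdns-yy.com.", "ns-xxxx.awsdns-yy.net.",
          "ns-xxxx.awsdns-yy.org.", "ns-xxxx.awsdns-yy.co.uk."]
# Constructed parent zone on the old provider (targets are placeholders).
PARENT = [
    ("mydomain.com.", "A", "192.0.2.10"),
    ("www.mydomain.com.", "CNAME", "mydomain.com."),
    ("vendor.mydomain.com.", "CNAME", "placeholder-elb.example.net."),
    ("email.vendor.mydomain.com.", "CNAME", "placeholder-mail.example.net."),
]

if __name__ == "__main__":
    for rec in delegation_records("vendor", "mydomain.com", AWS_NS):
        print(*rec)
    for name, rtype, action in conflicts(PARENT, "vendor", "mydomain.com"):
        print(f"{name} {rtype}: {action}")
```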