How do I check if resource record sets in my Route 53 public hosted zone are accessible from the internet?
I created a public hosted zone in Amazon Route 53 and added resource record sets in it. I want to verify that my resource record sets are reachable from the internet.
Short description
Use one of the following methods to check whether your resource record sets are accessible from the internet:
- The Route 53 checking tool
- The dig tool (for Linux, Unix, or Mac)
- The nslookup tool (for Windows)
Note: The steps in this article verify that the public hosted zone is created successfully and accessible. To make your entire domain resolvable, do the following:
- Update the domain registration to use Amazon Route 53 name servers
- Update the NS records to use Route 53 name servers
Resolution
Route 53 checking tool
Use the Route 53 checking tool to see how Route 53 responds to DNS queries.
The dig tool (for Linux, Unix, or Mac)
To check whether your resource record sets are accessible from the internet through the dig tool, complete the following steps:
-
Find the four authoritative name servers for your public hosted zone.
-
In your resource record set's configuration, find the associated domain name (Name), record type (Type), and value (Value).
-
Query one of the authoritative name servers. In your command line argument, specify the authoritative name server and the resource record set's domain name and record type. For example:
$ dig @ns-###.awsdns-##.com mailserver1.example.com MX $ dig @ns-###.awsdns-##.com _text_.example.com TXT $ dig @ns-###.awsdns-##.com cname.example.com CNAME $ dig @ns-###.awsdns-##.com subdomain.example.com NS $ dig @ns-###.awsdns-##.com www.example.com A
Note: The syntax for dig varies between Linux distributions. Use man dig to find the correct syntax for your particular distribution.
-
Review the output and verify that the ANSWER SECTION matches your resource record set.
For example:
Record name = mailserver1.example.com
Type = MX
Value = 10 inbound-smtp.mailserver1.example.comThe correct dig output looks similiar to the following:
;; ANSWER SECTION: MAILSERVER1.EXAMPLE.COM 300 IN MX 10 inbound-smtp.mailserver1.example.com.
The nslookup tool (for Windows)
To check whether your resource record sets are accessible from the internet through the nslookup tool, complete the following steps:
-
Open the Windows Command Prompt.
-
Run the following command:
nslookup -type=A aws.amazondomains.com ns-###.awsdns-##.com
For example:
Record name = aws.amazondomains.com
Type = A
Value = 1.1.1.1
Authoritative name server (NS) = ns-###.awsdns-##.com
The correct nslookup output looks similar to the following:C:\Windows\system32> nslookup -type=A aws.amazondomains.com ns-###.awsdns-##.com Server: UnKnown Address: 205.251.193.133 Name: aws.amazondomains.com Address: 1.1.1.1
The option -type=A define the query type is A. You can define other query types. For example : MX, CNAME, or TXT.
Related information
Contenuto pertinente
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 3 anni fa