The answer from AC is good; I'd add (based on the further response):
If your web users are connecting to web.sub.domain.com and your database users are connecting to database.sub.domain.com then it's easy to have different IP addresses for those different records - particularly where the web users go to a public IP and database goes to a private IP.
But: If the hostname is the same for both then it's far more difficult because the DNS server has to look at where the query is coming from (private or public) and return a different IP address based on that. And then it's even more difficult because the DNS server doesn't know whether the query is coming from the database application or the web browser - there's no way to tell. So it can only return a single IP address.
Therefore: If you are using the same hostname for both purposes (web/database) then you can't do what you want. Instead, use two hostnames and the PHZ as AC suggests above.
Hi, you can create a Private Hosted Zone (PHZ) in Route 53, add the corresponding internal entries (A/AAAA), and associate this PHZ with the said VPC. Here's the landing page that explains the steps/considerations: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/hosted-zones-private.html
Thanks, AC. I was able to create a private zone as indicated and it worked for the database apps. It led me to a new problem. While I want the database traffic to sub.domain.com to go to the other instance, I need the browser traffic to domain.com to go to the external website. When the hosted zone is active, the browser is unable to resolve DNS. Is there a setting to resolve that?
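As an added illustration (not code from this thread, from AC, or from AWS), here is a small Python model of the Route 53 Resolver rule the answers rely on: inside an associated VPC, the most specific private hosted zone that matches the queried name answers the query, and a name that zone does not contain gets NXDOMAIN rather than falling back to the public zone. The zone layouts and IP addresses are constructed assumptions; in particular it assumes the follow-up problem came from a PHZ created at domain.com itself, which the thread does not state.

```python
# Toy model of Route 53 Resolver zone selection as seen from inside a VPC.
# Assumption (from the AWS docs): the longest-suffix private hosted zone
# associated with the VPC answers; if it lacks the record, the answer is
# NXDOMAIN and the public zone is never consulted. All names/IPs are
# constructed sample values, not real infrastructure.

PUBLIC_ZONES = {
    "domain.com": {"domain.com": "203.0.113.10", "sub.domain.com": "203.0.113.10"},
}


def _matching_zone(name, zones):
    """Return the zone whose name is the longest suffix of `name`, or None."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None


def resolve(name, private_zones, public_zones=PUBLIC_ZONES):
    """Resolve `name` from a VPC associated with `private_zones`.

    private_zones: {zone_name: {record_name: ip}} for PHZs tied to the VPC.
    Returns the IP string or "NXDOMAIN".
    """
    name = name.lower().rstrip(".")
    zone = _matching_zone(name, private_zones)
    if zone is not None:
        # A private zone covers this name: answer only from it, no public fallback.
        return private_zones[zone].get(name, "NXDOMAIN")
    zone = _matching_zone(name, public_zones)
    if zone is None:
        return "NXDOMAIN"
    return public_zones[zone].get(name, "NXDOMAIN")


# Assumed cause of the follow-up problem: a PHZ at the apex holding only the DB record.
PHZ_AT_APEX = {"domain.com": {"sub.domain.com": "10.0.1.20"}}
# A PHZ one level down: domain.com is unaffected, but sibling names under it still break.
PHZ_SUB = {"sub.domain.com": {"database.sub.domain.com": "10.0.1.20"}}
# The fix suggested in the answers: a PHZ scoped to the database hostname only.
PHZ_SCOPED = {"database.sub.domain.com": {"database.sub.domain.com": "10.0.1.20"}}

if __name__ == "__main__":
    print(resolve("sub.domain.com", PHZ_AT_APEX))          # 10.0.1.20 (DB works)
    print(resolve("domain.com", PHZ_AT_APEX))              # NXDOMAIN (browser breaks)
    print(resolve("web.sub.domain.com", PHZ_SUB))          # NXDOMAIN (sibling shadowed)
    print(resolve("database.sub.domain.com", PHZ_SCOPED))  # 10.0.1.20
    print(resolve("domain.com", PHZ_SCOPED))               # 203.0.113.10 (public site)
```

Running it shows why the browser failed once the PHZ was active, and that a PHZ scoped to the single private hostname leaves the public names resolvable from the VPC.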