Amazon AWS Certified SysOps Administrator Associate – Networking – Route 53 Part 3
June 24, 2023

6. [SAA/DVA] Route 53 – TTL

Okay, so let’s have a look at TTLs. A record TTL is a Time To Live. Take this example where a client is talking to our DNS, Route 53, and to a web server. The client does a DNS request for myapp.example.com and gets an answer from the DNS saying: here is an A record, here is the IP, and here is a TTL, maybe a TTL of 300 seconds. The TTL tells the client: please cache this result for the duration of the TTL. So for 300 seconds the client is going to cache the result. That means that if the client requests or accesses the same hostname again, it will not issue a query to the DNS system, because it already knows the answer: the answer has been cached and we’re still within the cache period, the TTL.

The idea behind this is that we don’t want to query the DNS too often, because we don’t expect records to change a lot, and the client uses the cached response to reach the web server and do HTTP requests and responses. So we have two extreme cases. If you set a high TTL of, say, 24 hours, there is a lot less traffic on Route 53, because fewer clients are doing requests: the results are cached for 24 hours. But the clients may hold outdated records. If you want to change the record, you will need to wait 24 hours to make sure that all your clients have the new record in their cache. If instead you set a low TTL, for example 60 seconds, then there is a lot more traffic on your DNS, and so a lot more dollars you’re going to spend, because Route 53 is priced per number of requests that reach it.

But the records will be outdated for less time, so it’s quicker for you to do a record change and easier to change records overall. So it’s up to you to decide what a good TTL is. If you plan on changing a record, one strategy is to first decrease the TTL, wait for, say, 24 hours until you know that all the clients have picked up the new low TTL, then change the record value, which then gets updated for everyone quickly, and finally increase the TTL again. The TTL is mandatory for every record except the alias record, which we’ll see in the next lecture. So let’s have a look at how TTL works in the console.

So let’s have a look at how Time To Live works. Let’s create a new record, and this one is going to be called demo.stephanetheteacher.com, and the value is going to be one of the EC2 instances we know. Let’s take the one in eu-central-1: I’m going to take this EC2 instance’s IP and paste it as the value. Then for the TTL we’re going to set two minutes, so I’m going to click twice on this minute button, and the TTL is now 120 seconds. Let me create this record. And now my record has been created.

So it is an A record at demo.stephanetheteacher.com pointing to a specific IP. Now I want to show you that the record is working, but Firefox is not being very nice with me: if I try to open this in Firefox it gives me a problem, and this is not something I can fix easily. So I’m going to use Google Chrome on the right-hand side to show you. If I open demo.stephanetheteacher.com in Chrome, then it automatically directs me to, yes, my eu-central-1 instance. So this A record is fully functioning. I can also verify that from CloudShell: if I clear this and do an nslookup on demo.stephanetheteacher.com, as you can see, the address is correct. And if I do a dig command on it, we get an answer, and there’s an interesting number shown in the answer section: 115. The idea is that because I did a DNS query, the record got cached for 120 seconds, and this number is how many of those seconds remain.

And if I retype this dig command, as you can see, the number went down to 98. That means that for 98 more seconds I will get the same response no matter what, because this is what’s cached on my computer. So if I’m very quick and go to this record and edit it: instead of this IP I want to go to ap-southeast-1, so I will use the first IP in my list and save. Even though the record has been updated, if I go into CloudShell and again do this dig command, as you can see, the answer is still the same as before. That’s because for 66 more seconds this is going to be cached. And if I go to Chrome, I think I was fast enough, and refresh this page...

As you can see, I still have the answer from eu-central-1. This is because, again, my record got cached for two minutes. Only when the cache expires will my command-line interface or my Chrome web browser ask Route 53 again for the value of this record, and only then will I get the new answer and be redirected to the new IP. So the best way to check is just to wait. I’m going to wait maybe one more minute and then get back to you.

Okay, so it’s been a minute. Now if I refresh my web browser, as you can see, I get a different hello world, and this time it’s from ap-southeast-1b. And if I go into my CloudShell and do the same dig command, then as you can see there’s a new TTL, 120 seconds, and a new IP right here, which is the IP of my new server. So this was a cool demo of the TTL. I hope you liked it, and I will see you in the next lecture.
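Added example, not part of the lecture: a small in-memory simulation, written for this page, of a Route 53-style authoritative zone and a caching client with a fake clock. It replays the numbers from the dig demo above (115, 98, 66, then a fresh 120 after the edit) and then measures, for the TTL-lowering strategy explained at the start of the lecture, how long one client keeps serving the old value after a change, with and without lowering the TTL first. The record name is the one from the hands-on; the IPs, the class names and the `Clock` helper are constructed for this example and are not Route 53’s own code.

```python
"""Added example (not from the lecture): a miniature caching stub resolver with a
fake clock, to replay the TTL behaviour the lecture shows with dig."""
from dataclasses import dataclass

NAME = "demo.stephanetheteacher.com"   # the record created in the hands-on
OLD_IP = "203.0.113.10"                # constructed: stands in for the eu-central-1 instance
NEW_IP = "198.51.100.20"               # constructed: stands in for the ap-southeast-1 instance


@dataclass
class Record:
    name: str
    rtype: str
    value: str
    ttl: int  # seconds; what the authoritative answer tells clients to cache for


class Clock:
    """Fake wall clock so the replay is deterministic."""
    def __init__(self):
        self.t = 0

    def now(self):
        return self.t


class AuthoritativeZone:
    """Stands in for the Route 53 hosted zone (hypothetical, in-memory)."""
    def __init__(self):
        self._records = {}

    def set(self, record):
        # Editing a record in the console only changes what *future* queries return.
        self._records[(record.name, record.rtype)] = record

    def query(self, name, rtype):
        return self._records[(name, rtype)]


@dataclass
class CacheEntry:
    value: str
    expires_at: int


class CachingResolver:
    """Client-side cache, like the OS resolver behind dig/nslookup or a browser."""
    def __init__(self, zone, clock):
        self.zone, self.clock, self.cache = zone, clock, {}
        self.upstream_queries = 0  # how many queries actually reached the zone (what you pay for)

    def resolve(self, name, rtype="A"):
        """Return (value, remaining_ttl); remaining_ttl is the countdown dig prints."""
        now = self.clock.now()
        entry = self.cache.get((name, rtype))
        if entry is not None and entry.expires_at > now:
            return entry.value, entry.expires_at - now
        rec = self.zone.query(name, rtype)
        self.upstream_queries += 1
        self.cache[(name, rtype)] = CacheEntry(rec.value, now + rec.ttl)
        return rec.value, rec.ttl


def replay_lecture_demo():
    """120 s TTL, record edited at t=54 s: the old IP is served until the TTL runs out."""
    clock, zone = Clock(), AuthoritativeZone()
    zone.set(Record(NAME, "A", OLD_IP, 120))
    client = CachingResolver(zone, clock)
    client.resolve(NAME)                        # t=0:   nslookup; the query reaches the zone
    clock.t = 5
    first = client.resolve(NAME)                # t=5:   dig shows (OLD_IP, 115), from cache
    clock.t = 22
    second = client.resolve(NAME)               # t=22:  (OLD_IP, 98)
    zone.set(Record(NAME, "A", NEW_IP, 120))    # operator edits the record in the console
    clock.t = 54
    stale = client.resolve(NAME)                # t=54:  (OLD_IP, 66), still the cached answer
    clock.t = 120
    fresh = client.resolve(NAME)                # t=120: (NEW_IP, 120), cache expired
    return first, second, stale, fresh, client.upstream_queries   # 2 queries reached the zone


def seconds_until_change_seen(ttl_initial, ttl_lowered=None):
    """How long one client keeps serving the old value after a change.
    ttl_lowered=None changes the value directly; otherwise follow the lecture's
    strategy: lower the TTL first, wait out the old TTL, then change the value."""
    clock, zone = Clock(), AuthoritativeZone()
    zone.set(Record(NAME, "A", OLD_IP, ttl_initial))
    client = CachingResolver(zone, clock)
    client.resolve(NAME)                        # the client caches the record at t=0
    if ttl_lowered is not None:
        zone.set(Record(NAME, "A", OLD_IP, ttl_lowered))
        clock.t = ttl_initial                   # by now every cache has refreshed with the low TTL
        client.resolve(NAME)
    zone.set(Record(NAME, "A", NEW_IP, zone.query(NAME, "A").ttl))
    changed_at = clock.t
    while client.resolve(NAME)[0] != NEW_IP:    # poll once per simulated second
        clock.t += 1
    return clock.t - changed_at


if __name__ == "__main__":
    print(replay_lecture_demo())
    print(seconds_until_change_seen(86400))      # 86400: a whole day of stale answers
    print(seconds_until_change_seen(86400, 60))  # 60: the lowered TTL bounds the staleness
```

The `upstream_queries` counter is the cost side of the trade-off: with the 120 second TTL only two of the five lookups reach the zone, and a 24 hour TTL would make that ratio far smaller, at the price of a full day during which a change is invisible to anyone who already has the record cached.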

7. [SAA/DVA] CNAME vs Alias

So now let’s have a look at the differences between CNAME and alias records. When you have an AWS resource, for example a load balancer or a CloudFront distribution, it exposes a hostname, and what you want is to map that hostname to a domain you own. For example, you want to map this load balancer to app.mydomain.com. You have two options. The first one is to use a CNAME record. We’ve seen A records, now let’s look at CNAME records. A CNAME allows you to point a hostname to any other hostname: for example, app.mydomain.com points to blabla.anything.com. This only works for a non-root domain name, so something.mydomain.com works, but it does not work for just mydomain.com, as we’ll see in the hands-on. On the other hand, you have alias records. These are specific to Route 53, and they allow you to point a hostname to a specific AWS resource: app.mydomain.com points to blabla.amazonaws.com.

We’ll see in a second what these resources are. But alias records work for both root domains and non-root domains, so you can have mydomain.com pointing as an alias to an AWS resource, which is very, very good. This is something the exam may test you on, and we’ll see it in the hands-on. On top of that, alias records are free of charge and they have a native health check capability. So if we look at alias records in detail: they are only mapped to resources in AWS. You would say, okay, here is Route 53, I want example.com as an alias record of type A, and the value is the DNS name of the load balancer you have. Now, this is an extension to DNS functionality, not something that exists across all the DNS providers out there. And in case the underlying ALB has IP changes, the alias record will automatically recognize them. As I said, unlike a CNAME, an alias record can be used for the top node of the DNS namespace, called the zone apex: you can use an alias record at example.com itself.

The alias record is always of type A or AAAA, for AWS resources, so either IPv4 or IPv6. When you have an alias record you cannot set the TTL; it is set automatically by Route 53. So what are the targets for alias records? Well, it could be Elastic Load Balancers, it could be CloudFront distributions. Some of these you’ll have seen in this course, some you won’t have, but that’s fine, it’s just to give you an idea of what they can be. So: ELBs, CloudFront distributions, API Gateway, Elastic Beanstalk environments, S3 websites (not S3 buckets, but S3 websites, when a bucket is enabled as a website), VPC interface endpoints, Global Accelerator accelerators, and Route 53 records in the same hosted zone. One thing that is not in the list: you cannot set an alias for an EC2 DNS name. This is something you have to remember: an EC2 DNS name cannot be the target of an alias record. Just a little subtlety to know. So now let’s have a look in the console to see how CNAMEs and alias records work.

So let’s go ahead and create a record. This one will be of type CNAME, and I will call it myapp.stephanetheteacher.com. The record type now is not A, it’s CNAME. Then the value must be a domain name, and very conveniently I already have one available: my ALB. So I’m going to copy the hostname of my ALB and paste it in here.

The idea is that instead of accessing my ALB through this URL, I want to access it through myapp.stephanetheteacher.com. So I will just create this record, and now myapp.stephanetheteacher.com has been created. If I go into my Chrome web browser on the right-hand side and open this URL, you see that the answer is hello world from my IP blah blah blah in eu-central-1c. So this domain name is indeed served by the ALB, and the ALB is directing the traffic to an EC2 instance, and that’s why I receive back this hello world. So this is good, but it is not AWS-native: a CNAME is something that works with many domain name providers.

But we can do something better, because we are redirecting to an ALB: we can create an alias record. So I create a record, this time called myalias.stephanetheteacher.com, and the record type is A, because my ALB currently has only IPv4 traffic. For the value, we tick the Alias toggle right here and choose what we’re going to route traffic to. We get a list of options, and right now it’s going to be an alias to an Application and Classic Load Balancer. We need to choose a region, eu-central-1 for me, and then choose the load balancer, so I will choose this load balancer right here. Then we can also evaluate the target health with a yes, because this is an alias record.

So we’ll click on Create record, and now I have a new record right here called myalias.stephanetheteacher.com. The cool thing is that this record is free to query: I’m not going to pay any money, because this is an alias record. If I open myalias.stephanetheteacher.com, it performs a few DNS queries and I get the same response as before. Nothing has changed, but it is working, so that’s perfect. But now, what about the domain apex? Say we want just stephanetheteacher.com to redirect to this page. So let’s create a record, leave the name empty, and make it a CNAME record pointing to the domain name of my ALB, copied from here and pasted in here. So we’re saying: stephanetheteacher.com is going to be a CNAME for this value.

This is not going to work. Let’s try it. It’s saying: bad request, the CNAME is not permitted at apex of this zone. The zone is stephanetheteacher.com and the apex of the zone is stephanetheteacher.com itself, so we cannot set up a CNAME at the apex. The only way to deal with this is to create an alias instead. The record is of type A, and the alias again points to an ALB or CLB in the eu-central-1 region, the same load balancer as before. This is accepted because it is an alias record, and this is what the exam may test you on. So now stephanetheteacher.com is accessible: if I go back to my web browser, open a new tab, enter stephanetheteacher.com and press Enter, I get back the hello world from my load balancer. So everything is working great. That’s it, we’ve shown how CNAMEs and alias records work in AWS. I hope you liked it, and I will see you in the next lecture.
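Added example, not from the lecture: a Python pre-change check that encodes the CNAME-versus-alias rules from the explanation and from the hands-on above (a CNAME is not permitted at the zone apex, alias records are only of type A or AAAA and carry no TTL, alias targets are limited to the services listed, and an EC2 DNS name cannot be an alias target). It is a plain lint over record dicts, the kind of guard you would run in a pipeline before calling the Route 53 API; it is not the API itself. The hosted zone name is the one from the hands-on, and the IP, the ALB DNS name and the `alias_target_kind` labels are constructed for this example.

```python
"""Added example (not from the lecture): lint Route 53 record definitions against
the CNAME-vs-alias rules before applying them. Plain Python over dicts; the
hosted zone is the one from the hands-on, every other value is constructed."""
import ipaddress

ZONE = "stephanetheteacher.com"

# Alias targets the lecture lists; note there is no kind for an EC2 instance DNS name.
ALIAS_TARGET_KINDS = {
    "elb", "cloudfront", "api_gateway", "elastic_beanstalk", "s3_website",
    "vpc_interface_endpoint", "global_accelerator", "route53_record_same_zone",
}


def _ip_version(value):
    """4, 6, or None when the value is not an IP literal."""
    try:
        return ipaddress.ip_address(value).version
    except ValueError:
        return None


def _is_hostname(value):
    labels = value.rstrip(".").split(".")
    return len(labels) >= 2 and all(lab and lab.replace("-", "").isalnum() for lab in labels)


def check_record(rec, zone=ZONE):
    """Return the problems Route 53 (or a reviewer) would raise; [] means accepted."""
    errors = []
    name, rtype = rec["name"].rstrip(".").lower(), rec["type"]
    zone = zone.lower()
    if name != zone and not name.endswith("." + zone):
        errors.append(f"{name} is not inside hosted zone {zone}")
    if rec.get("alias"):
        if rtype not in ("A", "AAAA"):
            errors.append("alias records must be of type A or AAAA")
        if "ttl" in rec:
            errors.append("alias records have no TTL, Route 53 sets it automatically")
        if rec.get("alias_target_kind") not in ALIAS_TARGET_KINDS:
            errors.append(f"{rec.get('alias_target_kind')!r} is not a valid alias target "
                          "(an EC2 DNS name, for example, cannot be an alias target)")
        return errors
    if rec.get("ttl", 0) <= 0:
        errors.append("non-alias records need a positive TTL")
    value = rec.get("value", "")
    if rtype == "CNAME":
        if name == zone:  # the console's own refusal in the hands-on
            errors.append("CNAME is not permitted at apex of this zone")
        if _ip_version(value) is not None or not _is_hostname(value):
            errors.append("CNAME value must be a hostname, not an IP")
    elif rtype == "A" and _ip_version(value) != 4:
        errors.append("A record value must be an IPv4 address")
    elif rtype == "AAAA" and _ip_version(value) != 6:
        errors.append("AAAA record value must be an IPv6 address")
    return errors


def lint_records(records, zone=ZONE):
    """Check a batch; returns [(name, type, errors), ...] so a pipeline can fail on any error."""
    return [(r["name"], r["type"], check_record(r, zone)) for r in records]


ALB_DNS = "my-alb-123456789.eu-central-1.elb.amazonaws.com"   # constructed ALB hostname

# The records from the hands-on, in order, plus one EC2 alias to show the rule from the
# explanation; the apex CNAME and the EC2 alias are the two that get rejected.
HANDS_ON_RECORDS = [
    {"name": "demo.stephanetheteacher.com", "type": "A", "value": "203.0.113.10", "ttl": 120},
    {"name": "myapp.stephanetheteacher.com", "type": "CNAME", "value": ALB_DNS, "ttl": 300},
    {"name": "myalias.stephanetheteacher.com", "type": "A", "alias": True,
     "alias_target_kind": "elb", "alias_target": ALB_DNS, "evaluate_target_health": True},
    {"name": "stephanetheteacher.com", "type": "CNAME", "value": ALB_DNS, "ttl": 300},
    {"name": "stephanetheteacher.com", "type": "A", "alias": True,
     "alias_target_kind": "elb", "alias_target": ALB_DNS, "evaluate_target_health": True},
    {"name": "box.stephanetheteacher.com", "type": "A", "alias": True,
     "alias_target_kind": "ec2_instance", "alias_target": "ec2-dns-name-placeholder"},
]

if __name__ == "__main__":
    for name, rtype, errors in lint_records(HANDS_ON_RECORDS):
        print(f"{name:32} {rtype:6} {'OK' if not errors else '; '.join(errors)}")
```

Running the file prints one line per record; the apex CNAME fails with the same message the console showed in the hands-on, while the apex alias of type A passes, which is exactly the distinction the exam tests.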
