AWS Hybrid DNS Overview
Hybrid DNS in AWS uses Route 53 Resolver endpoints to carry DNS queries between AWS VPCs and external networks such as on-premises data centres. It is needed whenever an environment spans cloud and on-premises infrastructure, so that names on either side can be resolved from the other.
Key Components
- Route 53 Resolver: The VPC's built-in DNS server, reachable at the VPC CIDR base address plus two (for example 10.0.0.2 in a 10.0.0.0/16 VPC). It answers queries from instances in the VPC for private hosted zones associated with that VPC, for AWS-internal names, and for public names. It is reachable only from inside the VPC, which is why on-premises resolvers cannot query it directly.
- Private Hosted Zone: A Route 53 zone visible only to the VPCs it is associated with; used to hold DNS records for internal AWS resources.
- Hybrid DNS: Needed when queries must cross between a VPC and an external private network. It is built from Resolver endpoints, described below.
Resolver Endpoints
- Inbound Endpoint: Gives on-premises (or other external) DNS resolvers a set of private IP addresses inside your VPC to which they can forward queries for AWS-hosted names. Queries arriving there are answered by the Route 53 Resolver as if they came from an instance in the VPC, including private hosted zones. The endpoint is a set of elastic network interfaces governed by a security group; restrict that group to 53/udp and 53/tcp from the on-premises resolver addresses only, because anything that can reach the interfaces can otherwise use the endpoint to resolve names in your private zones.
- Outbound Endpoint: Lets the Route 53 Resolver forward queries to external DNS servers, so AWS resources can resolve names hosted outside AWS. Only queries that match a forwarding rule (see below) are sent out, and the endpoint's security group must allow egress on port 53 to the target resolvers.
Configuration and High Availability
- An endpoint belongs to one VPC, and therefore one region. Each endpoint needs at least two IP addresses (one network interface each); place them in subnets in two different availability zones so resolution survives an AZ failure.
- Each IP address handles up to about 10,000 queries per second. For more capacity, add IP addresses to the endpoint.
Resolver Rules for Outbound Endpoint
- Conditional forwarding rules send queries for a domain name (and its subdomains) to specified target IP addresses (port 53 by default) through an outbound endpoint. A rule takes effect only for the VPCs it is associated with. When a query matches several rules, the rule with the most specific domain name wins.
- System rules override a forwarding rule for a subdomain, so queries for that subdomain are answered by the Route 53 Resolver (private hosted zones, AWS-internal names, public DNS) instead of being forwarded. Example: forward corp.example.com to on-premises, but add a system rule for aws.corp.example.com so that subdomain stays in AWS.
- Auto-defined system rules are created by Resolver for names it answers itself, such as private hosted zones associated with the VPC and AWS-internal names (EC2 instance hostnames, for instance).
- Resolver rules can be shared across accounts with AWS Resource Access Manager (RAM). The owning account keeps control of the rule and of the outbound endpoint it points at; accounts it is shared with can associate the rule with their own VPCs but cannot modify it. This is the usual pattern for a central DNS account.
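The endpoints, HA placement, forwarding and system rules, and RAM sharing described above, written out as one Terraform configuration. This is an added example, not code from the original notes or AWS sample code. The VPC and subnet references (aws_vpc.main, aws_subnet.dns_az_a, aws_subnet.dns_az_b), var.organization_arn, the domain names and the on-premises addresses (10.10.0.0/16, 10.10.0.2, 10.10.0.3) are assumptions.

```hcl
# Added example, not from the original notes. Names, VPC/subnet references,
# var.organization_arn and the on-prem addresses below are assumptions.

locals {
  on_prem_cidr      = "10.10.0.0/16"            # assumed on-premises address space
  on_prem_resolvers = ["10.10.0.2", "10.10.0.3"] # assumed on-prem DNS servers
}

# One security group for both endpoints. The endpoints are ENIs in your
# subnets, so this group is the main control on who can use the inbound
# endpoint: allow DNS from the on-prem range only, never 0.0.0.0/0.
resource "aws_security_group" "resolver" {
  name   = "route53-resolver-endpoints"
  vpc_id = aws_vpc.main.id

  dynamic "ingress" { # 53/udp and 53/tcp in from on-prem resolvers
    for_each = ["udp", "tcp"]
    content {
      from_port   = 53
      to_port     = 53
      protocol    = ingress.value
      cidr_blocks = [local.on_prem_cidr]
    }
  }

  dynamic "egress" { # outbound endpoint must reach on-prem resolvers on 53
    for_each = ["udp", "tcp"]
    content {
      from_port   = 53
      to_port     = 53
      protocol    = egress.value
      cidr_blocks = [local.on_prem_cidr]
    }
  }
}

# Inbound endpoint: on-prem resolvers forward AWS zones to these two IPs.
# Two ip_address blocks in subnets in different AZs form the HA pair; each
# IP handles roughly 10,000 QPS, so add ip_address blocks for more capacity.
resource "aws_route53_resolver_endpoint" "inbound" {
  name               = "onprem-to-aws"
  direction          = "INBOUND"
  security_group_ids = [aws_security_group.resolver.id]

  ip_address { subnet_id = aws_subnet.dns_az_a.id }
  ip_address { subnet_id = aws_subnet.dns_az_b.id }
}

# Outbound endpoint: Resolver forwards rule-matched queries through these ENIs.
resource "aws_route53_resolver_endpoint" "outbound" {
  name               = "aws-to-onprem"
  direction          = "OUTBOUND"
  security_group_ids = [aws_security_group.resolver.id]

  ip_address { subnet_id = aws_subnet.dns_az_a.id }
  ip_address { subnet_id = aws_subnet.dns_az_b.id }
}

# Conditional forwarding rule: corp.example.com and its subdomains go to the
# on-prem resolvers via the outbound endpoint.
resource "aws_route53_resolver_rule" "corp" {
  name                 = "forward-corp"
  domain_name          = "corp.example.com"
  rule_type            = "FORWARD"
  resolver_endpoint_id = aws_route53_resolver_endpoint.outbound.id

  dynamic "target_ip" {
    for_each = local.on_prem_resolvers
    content {
      ip   = target_ip.value
      port = 53
    }
  }
}

# System rule: the most specific domain wins, so aws.corp.example.com is
# answered by Resolver itself (e.g. a private hosted zone) instead of being
# forwarded under the rule above. No endpoint is attached to a SYSTEM rule.
resource "aws_route53_resolver_rule" "corp_aws_override" {
  name        = "keep-aws-corp-in-aws"
  domain_name = "aws.corp.example.com"
  rule_type   = "SYSTEM"
}

# Rules do nothing until associated with a VPC.
resource "aws_route53_resolver_rule_association" "corp" {
  resolver_rule_id = aws_route53_resolver_rule.corp.id
  vpc_id           = aws_vpc.main.id
}

resource "aws_route53_resolver_rule_association" "corp_aws_override" {
  resolver_rule_id = aws_route53_resolver_rule.corp_aws_override.id
  vpc_id           = aws_vpc.main.id
}

# Share the forwarding rule through RAM so other accounts in the organization
# can associate it with their VPCs without owning an outbound endpoint.
resource "aws_ram_resource_share" "dns_rules" {
  name                      = "hybrid-dns-rules"
  allow_external_principals = false # never share DNS rules outside the org
}

resource "aws_ram_resource_association" "corp_rule" {
  resource_arn       = aws_route53_resolver_rule.corp.arn
  resource_share_arn = aws_ram_resource_share.dns_rules.arn
}

resource "aws_ram_principal_association" "org" {
  principal          = var.organization_arn # assumed organization ARN
  resource_share_arn = aws_ram_resource_share.dns_rules.arn
}
```

After `terraform apply`, point the on-premises resolvers' conditional forwarders for your AWS private zones at the two inbound endpoint addresses (visible in the endpoint's `ip_address` attributes), and confirm from an on-premises host that a private hosted zone name resolves while a query from an address outside 10.10.0.0/16 to the same endpoint IPs times out.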
Resolver Inbound Endpoints:

Resolver Outbound Endpoints: