EC2 DNS not resolving hostname to internal IP


DNS in a VPC works as follows:

When an instance starts, it registers with the DNS forwarder in the subnet.

Thereafter, when any other instance in the VPC queries any hostname for that instance, it will return the private IP.

When the instance is stopped, the record with the forwarder will expire.

Thereafter, when any other instance in the VPC queries any hostname for that instance, it will return the private IP. This is because the local DNS forwarder doesn't have a record and forwards the request to the primary DNS servers for Amazon.


Author: jeremyjr
Updated on September 18, 2022

Comments

  • jeremyjr
    jeremyjr over 1 year

    I already posted this on the AWS forums without success (https://forums.aws.amazon.com/message.jspa?messageID=502441). I'm wondering if I'll be more lucky here.

    We have an internal DNS setup that uses the official AWS EC2 DNS 172.16.0.23 as a forwarder. Intermittently the forwarder stops resolving AWS hostnames with their internal IPs and returns the public IPs instead. A script in the crontab checks the DNS every minute and restarts the service to clear the cache when needed. The host against which we check for correct name resolution is an RDS instance. DNS software is BIND version 9.7.0. The problem is not unique to this instance or account since we had the same problem on another instance from another account. Also, this particular instance has been shut down and restarted, so it doesn't seem to be any hardware issue since shutdown/restart should migrate instances to different hardware.

    Same (unsolved) problem here: https://forums.aws.amazon.com/thread.jspa?threadID=76515

    Does anyone else have this problem? Can someone point me in the right direction for a solution?

    Thanks, Jeremy

    • kaji
      kaji over 10 years
      Can you test it out if the failure is at your DNS instance or the Amazon resolver itself? The latter is very unlikely. Try the command dig @172.16.0.23 ec2-url-blah-blah.amazonaws.com within the Amazon instance to check if the fault is on their side.
    • jeremyjr
      jeremyjr over 10 years
      I'll try that. But the point is my DNS should never know anything about public IPs. The only way for it to resolve is through the AWS DNS which is supposed to return private IPs when queried via a private IP. Thanks. Jeremy
    • jeremyjr
      jeremyjr over 10 years
      OK so querying 172.16.0.23 directly does in fact return the private IP, even when the caching server returns the public IP. I'm wondering why since queries are only allowed from internal addresses, so public IPs should not be involved at all.
    • kaji
      kaji over 10 years
      Well, it is designed that way so that the internal servers get to those servers via the local route and external machines get to that machine too, albeit via the public route :)
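The cron check described in the question and the dig @172.16.0.23 comparison suggested in the comments can be combined into one probe. The following is an added example, not code from the original post or from AWS: it sends the same A query, as a hand-built DNS message (standard library only, no dnspython), to the local caching forwarder and to the AWS resolver, classifies the answers as private or public, and reports whether the cache disagrees with the AWS answer. The hostname db.example.internal and the local resolver address 127.0.0.1 are assumptions.

```python
import ipaddress
import socket
import struct

AWS_RESOLVER = "172.16.0.23"   # EC2 DNS forwarder named in the question
LOCAL_CACHE = "127.0.0.1"      # assumed: the BIND cache on this instance


def build_query(hostname, txid=0x1234):
    """Build a minimal DNS A/IN query with the recursion-desired flag set."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = hostname.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode() for l in labels)
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)


def _skip_name(msg, off):
    """Advance past a name: a run of labels, a zero label, or a compression pointer."""
    while True:
        n = msg[off]
        if n == 0:
            return off + 1
        if n & 0xC0 == 0xC0:
            return off + 2
        off += n + 1


def parse_a_records(msg):
    """Return the IPv4 addresses found in the answer section of a DNS response."""
    _txid, _flags, qd, an, _ns, _ar = struct.unpack(">HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):                      # skip the echoed question(s)
        off = _skip_name(msg, off) + 4
    addrs = []
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:        # type A, 4-byte RDATA
            addrs.append(str(ipaddress.IPv4Address(msg[off:off + 4])))
        off += rdlen
    return addrs


def resolve_a(hostname, server, timeout=2.0):
    """Query one resolver over UDP port 53 and return its A records."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(hostname), (server, 53))
        data, _ = s.recvfrom(512)
    return parse_a_records(data)


def classify(addrs):
    """'private' if all addresses are private-range, 'public' if none, else 'mixed'."""
    priv = [ipaddress.ip_address(a).is_private for a in addrs]
    return "private" if all(priv) else "public" if not any(priv) else "mixed"


def cache_is_stale(cached, aws):
    """True when the caching forwarder's answer differs from the AWS resolver's."""
    return sorted(cached) != sorted(aws)
```

A cron wrapper would call cache_is_stale(resolve_a(host, LOCAL_CACHE), resolve_a(host, AWS_RESOLVER)) and restart the cache only when the answers differ, logging both classify() results so the public-versus-private symptom is visible in the history.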