subdomain on route53 private hosted Zone


Creating a private hosted zone in Route 53 essentially applies a "hook" in the DNS resolver for your VPC so that queries for that domain are routed directly to the assigned Route 53 nameservers instead of being resolved normally by traversing down starting at the global root servers.

In light of that, I suppose it makes sense for the system to consider a subdomain to be a conflict, and this is a documented limitation:

ConflictingDomainExists

You specified an Amazon VPC that you're already using for another hosted zone, and the domain that you specified for one of the hosted zones is a subdomain of the domain that you specified for the other hosted zone. For example, you cannot use the same Amazon VPC if you're creating hosted zones for example.com and test.example.com.

http://docs.aws.amazon.com/Route53/latest/APIReference/API-create-hosted-zone-private.html

The following (untested) workaround should allow you to achieve the same functionality, though... assuming domain.local is configured as a private hosted zone:

  • Create dev.domain.local as a public zone in Route 53.

  • Note the 4 NS records assigned to the new zone by Route 53.

  • Back in the domain.local private zone, create a record for host "dev," type "NS," and paste the 4 nameservers assigned to dev.domain.local in the box.

This configuration should cause the VPC resolver to consult the private parent domain, learn the delegation, recurse to the delegated nameservers for the correct record, and return the expected response.

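The ConflictingDomainExists rule quoted in the answer above can be checked before calling CreateHostedZone, so a script that provisions private zones fails with a clear message instead of a half-applied change. The following is an added example, not code from the original answer or from AWS: it takes the names of the private zones already associated with a VPC (constructed inline here; in practice the list would come from the ListHostedZonesByVPC API, boto3's route53.list_hosted_zones_by_vpc) and reports which of them would collide with a candidate name. It compares DNS labels rather than raw string suffixes, so notexample.com is not mistaken for a child of example.com, and it treats an identical name as a conflict as well, which is this editor's reading of the rule rather than a sentence from the page.

```python
"""Predict Route 53's ConflictingDomainExists before creating a private zone.

Added example, not from the original answer. Route 53 refuses to associate
one VPC with two private hosted zones where either zone name is a subdomain
of the other (example.com vs test.example.com). The check below compares
DNS labels, not string suffixes, and normalizes case and the trailing dot
that Route 53 appends to zone names.
"""


def labels(name: str) -> list[str]:
    """Split a DNS name into lower-cased labels, dropping the trailing dot
    ("Example.COM." -> ["example", "com"])."""
    return [label for label in name.lower().rstrip(".").split(".") if label]


def is_subzone(child: str, parent: str) -> bool:
    """True if `child` equals `parent` or lies beneath it, label by label."""
    c, p = labels(child), labels(parent)
    return len(c) >= len(p) and c[len(c) - len(p):] == p


def conflicting_zones(candidate: str, existing: list[str]) -> list[str]:
    """Return the already-associated zone names that would make Route 53
    reject `candidate` for the same VPC: every existing zone that is an
    ancestor or a descendant of the candidate, or the same name."""
    return [zone for zone in existing
            if is_subzone(candidate, zone) or is_subzone(zone, candidate)]


# Constructed sample: private zones already associated with a VPC, in the
# trailing-dot form Route 53 returns. A real script would fetch this list
# with route53.list_hosted_zones_by_vpc(VPCId=..., VPCRegion=...).
ASSOCIATED_PRIVATE_ZONES = ["domain.local.", "corp.example.com."]


def can_create(candidate: str, existing: list[str] = ASSOCIATED_PRIVATE_ZONES) -> bool:
    """True when no associated zone collides with `candidate`."""
    return not conflicting_zones(candidate, existing)


if __name__ == "__main__":
    for name in ["dev.domain.local", "DOMAIN.local.", "mydomain.local",
                 "example.com", "other.local"]:
        hits = conflicting_zones(name, ASSOCIATED_PRIVATE_ZONES)
        verdict = "CONFLICT with " + ", ".join(hits) if hits else "ok"
        print(f"{name:18} {verdict}")
```

Run it as a script to see the verdict for each constructed candidate; in a provisioning job, call can_create() and abort before the CreateHostedZone request when it returns False. Note that example.com is reported as a conflict even though it is the parent, not the child, of the existing corp.example.com zone: the documented rule is symmetric.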


Author by mezi

Updated on September 18, 2022

Comments

  • mezi
    mezi almost 2 years

    I have been trying to set up a Private Hosted Zone in route53 with current associated VPCs in eu-west-1 and will soon add more. I have confirmed that my VPC has the DNS resolution option set to yes and the necessary DHCP option sets are also created. I have added a DNS record under the domain.local domain and it works fine. However, the issue comes when I tried to create a sub-domain dev.domain.local and tried to associate it with the same VPC. I see the following error: "A conflicting domain is already associated with the given VPC or Delegation Set."

    My intention is to have one parent private zone as zorotools.local and several subdomain such as dev.domain.local, staging.domain.local, prod.domain.local etc.

    I would then associate ec2 instances with these DNS names.

    So, please let me know what mistake I am making and how should I proceed.

  • mezi
    mezi almost 9 years
    thanks @Michael - sqlbot, I have understood the fact that "you cannot nest private zones inside another private zone." AWS support told me that "At the moment, unfortunately, you cannot do subdomains on the same VPC using multiple private hosted zones. The reason has to do with the fact we use name + VPC to find the zone given a QNAME. When another zone exists at the same path, resolution is ambiguous. We are considering to relax this constraint in the future, though." I will try your workaround.
  • num1
    num1 over 7 years
    Unfortunately this fix does not work. According to docs.aws.amazon.com/Route53/latest/DeveloperGuide/… "You cannot create NS records in a private hosted zone to delegate responsibility for a subdomain."