Network services with appropriate use cases (for example, DNS)

Task Statement 4.4: Design cost-optimized network architectures.

📘AWS Certified Solutions Architect – (SAA-C03)


1. What are Network Services in AWS?

In AWS, network services help applications:

  • Find each other
  • Connect securely
  • Route traffic efficiently
  • Resolve domain names to IP addresses

The most important service in this topic is:

  • Amazon Route 53, the AWS DNS service

Along with DNS, AWS also provides:

  • VPC DNS resolution
  • Hybrid DNS integration
  • Traffic routing policies

These are frequently tested in the SAA-C03 exam under cost-optimized and highly available architectures.


2. What is DNS (Domain Name System)?

DNS is a system that:

  • Converts domain names → IP addresses
  • Example concept:
    app.company.com → 10.0.1.10

In AWS, DNS is mainly handled by:

  • Amazon Route 53

Route 53 is:

  • Highly available
  • Global
  • Scalable
  • Used for both public and private DNS

3. Key AWS DNS Services and Features

3.1 Amazon Route 53 (Core DNS Service)

Route 53 provides:

1. Domain Name Registration

  • Register domain names
  • Manage DNS records

2. DNS Hosting (Hosted Zones)

  • Public hosted zone → Internet accessible domains
  • Private hosted zone → Internal VPC DNS

3. DNS Record Types

Important exam records:

  • A Record → maps a name to an IPv4 address
  • AAAA Record → maps a name to an IPv6 address
  • CNAME → maps a name to another DNS name (not allowed at the zone apex)
  • MX → mail servers that receive email for the domain
  • TXT → free-form text used for domain ownership verification and email security (SPF, DKIM, DMARC)
  • Alias Record → Route 53-specific pointer to an AWS resource or another Route 53 record (VERY IMPORTANT)

4. Route 53 Routing Policies (HIGH EXAM IMPORTANCE)

These are used to control how traffic is distributed.

4.1 Simple Routing

  • One domain → one resource
  • Used for single application endpoint

4.2 Weighted Routing

  • Split traffic based on percentages
  • Example:
    • 70% → version A
    • 30% → version B

Use case:

  • A/B testing applications
  • Gradual deployments

4.3 Latency-Based Routing

  • Routes each user to the AWS Region that gives that user the lowest measured latency (not always the geographically closest Region)
  • Improves performance globally; each record is tagged with the Region its resource runs in

Use case:

  • Global applications (multi-region apps)

4.4 Failover Routing

  • Primary record + secondary (standby) record, distinguished by the Failover field (PRIMARY / SECONDARY)
  • If the primary's health check fails → Route 53 answers with the secondary

Requires:

  • A health check attached to the primary record (or an alias with EvaluateTargetHealth); without one, Route 53 never fails over

Use case:

  • Disaster recovery setup

4.5 Geolocation Routing

  • Route traffic based on where the DNS query comes from (continent, country, or US state); add a default record for locations that match no rule

Use case:

  • Region-specific content delivery
  • Compliance-based routing

4.6 Geoproximity Routing (Advanced)

  • Routes based on the geographic location of users and of your resources, with a bias value that grows or shrinks the area a resource serves; only available through Route 53 Traffic Flow

Use case:

  • Fine control of regional traffic distribution

4.7 Multi-Value Answer Routing

  • Returns up to eight healthy records, chosen at random, in each response
  • Improves availability by giving clients several addresses to try; it is not a substitute for a load balancer

5. Health Checks (Very Important for Exam)

Route 53 can monitor:

  • HTTP/HTTPS endpoints (optionally matching a string in the response body)
  • TCP endpoints
  • The status of other health checks (calculated health checks)
  • A CloudWatch alarm (the option for private resources, because Route 53 health checkers sit on the public internet and cannot reach inside a VPC)

If an endpoint fails:

  • Route 53 stops returning the record associated with that health check (the association is explicit: a record without a HealthCheckId is always treated as healthy)

Used in:

  • Failover routing
  • High availability systems
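
The following is an added illustration, not Route 53 code: a simplified model of how Route 53 picks an answer under the weighted, failover, latency-based and multivalue policies once health-check status is taken into account. The record sets, IPs, health-check IDs and the latency figures are constructed; the behaviour when every record in a group is unhealthy (answer as if all were healthy) follows the Route 53 documentation, and the case where both failover records are unhealthy is a modelling assumption noted in the code.

```python
import random

# Constructed record sets for one name such as www.example.com (hostnames, IPs and
# health-check IDs are assumed). Keys mirror Route 53 ResourceRecordSet fields.
RECORDS = [
    {"Policy": "WEIGHTED", "SetIdentifier": "v1", "Weight": 70,
     "Value": "203.0.113.10", "HealthCheckId": "hc-v1"},
    {"Policy": "WEIGHTED", "SetIdentifier": "v2", "Weight": 30,
     "Value": "203.0.113.20", "HealthCheckId": "hc-v2"},
    {"Policy": "FAILOVER", "SetIdentifier": "primary", "Failover": "PRIMARY",
     "Value": "198.51.100.10", "HealthCheckId": "hc-primary"},
    {"Policy": "FAILOVER", "SetIdentifier": "dr", "Failover": "SECONDARY",
     "Value": "198.51.100.20"},                  # no health check: always "healthy"
    {"Policy": "LATENCY", "SetIdentifier": "use1", "Region": "us-east-1",
     "Value": "192.0.2.10", "HealthCheckId": "hc-use1"},
    {"Policy": "LATENCY", "SetIdentifier": "euw1", "Region": "eu-west-1",
     "Value": "192.0.2.20", "HealthCheckId": "hc-euw1"},
] + [
    {"Policy": "MULTIVALUE", "SetIdentifier": f"mv{i}",
     "Value": f"192.0.2.{100 + i}", "HealthCheckId": f"hc-mv{i}"}
    for i in range(10)
]

# Health-check status as Route 53 would see it: {HealthCheckId: healthy?}
ALL_HEALTHY = {r["HealthCheckId"]: True for r in RECORDS if "HealthCheckId" in r}


def _as_rng(rng):
    """Accept a seed (int or None) or an existing random.Random."""
    return rng if isinstance(rng, random.Random) else random.Random(rng)


def is_healthy(record, health):
    """A record with no health check attached is always treated as healthy."""
    hc = record.get("HealthCheckId")
    return True if hc is None else bool(health.get(hc, False))


def candidates(records, policy, health):
    """Healthy records of one policy; if none is healthy, Route 53 answers as if all were."""
    group = [r for r in records if r["Policy"] == policy]
    healthy = [r for r in group if is_healthy(r, health)]
    return healthy or group


def answer_weighted(records, health, rng=None):
    """One record, chosen with probability Weight / sum(Weights) over healthy records."""
    group = candidates(records, "WEIGHTED", health)
    weights = [r["Weight"] for r in group]
    if sum(weights) == 0:                 # all weights zero: uniform choice
        weights = [1] * len(group)
    return _as_rng(rng).choices(group, weights=weights, k=1)[0]["Value"]


def weighted_share(records, health, value, draws=10000, seed=0):
    """Fraction of `draws` answers equal to `value`; shows the 70/30 split empirically."""
    rng = random.Random(seed)
    hits = sum(answer_weighted(records, health, rng) == value for _ in range(draws))
    return hits / draws


def answer_failover(records, health):
    """PRIMARY while its health check passes, otherwise SECONDARY."""
    group = [r for r in records if r["Policy"] == "FAILOVER"]
    primary = next(r for r in group if r["Failover"] == "PRIMARY")
    secondary = next(r for r in group if r["Failover"] == "SECONDARY")
    if is_healthy(primary, health):
        return primary["Value"]
    if is_healthy(secondary, health):
        return secondary["Value"]
    return primary["Value"]   # modelling assumption: nothing healthy, answer with primary


def answer_latency(records, health, latency_ms):
    """Healthy record in the Region with the lowest latency for this client.

    latency_ms maps Region -> latency from the querying client's location; the
    figures callers pass in are assumed values, not AWS measurements.
    """
    group = candidates(records, "LATENCY", health)
    return min(group, key=lambda r: latency_ms[r["Region"]])["Value"]


def answer_multivalue(records, health, rng=None, limit=8):
    """Up to eight healthy records per response, chosen at random (sorted for comparison)."""
    group = list(candidates(records, "MULTIVALUE", health))
    _as_rng(rng).shuffle(group)
    return sorted(r["Value"] for r in group[:limit])


if __name__ == "__main__":
    degraded = {**ALL_HEALTHY, "hc-primary": False, "hc-euw1": False}
    print("failover  :", answer_failover(RECORDS, degraded))
    print("latency   :", answer_latency(RECORDS, degraded, {"us-east-1": 80, "eu-west-1": 20}))
    print("weighted  :", weighted_share(RECORDS, ALL_HEALTHY, "203.0.113.10"))
    print("multivalue:", answer_multivalue(RECORDS, degraded, rng=1))
```

The point to take from the model: the SECONDARY failover record has no health check, so it is always eligible, while the PRIMARY only stays in the answer while its check passes; a PRIMARY without a check would never leave the answer, which is exactly the failover trap listed later on this page.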

6. Private DNS in AWS (VPC Internal DNS)

Inside a VPC:

  • AWS provides a built-in DNS resolver (Route 53 Resolver) at the VPC base address plus two (10.0.0.2 in 10.0.0.0/16) and at 169.254.169.253
  • Resolves:
    • EC2 private DNS names to private IPs
    • Private hosted zones and AWS service endpoints
    • Public names, recursively, on behalf of the VPC

Private Hosted Zones

Used for:

  • Internal application domains
  • Microservices communication

Example concept:

  • service.internal.company.com

Only resolvable from:

  • The VPCs the zone is associated with (one or many, and they can belong to other accounts)

7. Hybrid DNS (On-Prem + AWS)

Used when:

  • Company has on-prem data center + AWS cloud

AWS provides:

  • Route 53 Resolver inbound endpoint → IP addresses inside the VPC that on-prem DNS servers forward queries to (for private hosted zones and other AWS-internal names)
  • Route 53 Resolver outbound endpoint + forwarding rules → Resolver sends queries for on-prem domains to on-prem DNS servers over VPN or Direct Connect

Use cases:

  • On-prem systems resolving AWS domains (inbound endpoint)
  • AWS workloads resolving on-prem domains (outbound endpoint + forwarding rules)
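
Added example (not AWS code): a simplified model of how Route 53 Resolver decides where a query from inside the VPC goes once forwarding rules exist. The documented rule is that among all rules whose domain matches the query name, the one with the most specific domain wins; the rule names, domains and on-prem target IPs below are assumed, and the model ignores rule-to-VPC association and the autodefined rules for private hosted zones.

```python
# Constructed Resolver rules for one VPC (names, domains and target IPs are assumed).
# RuleType values are the ones the Route 53 Resolver API uses:
#   FORWARD   - send matching queries through an outbound endpoint to TargetIps
#   SYSTEM    - let Resolver answer locally, overriding a broader FORWARD rule
#   RECURSIVE - the default "." rule: resolve on the public internet
RULES = [
    {"Name": "internet-default", "RuleType": "RECURSIVE", "DomainName": "."},
    {"Name": "corp-to-onprem", "RuleType": "FORWARD",
     "DomainName": "corp.example.com",
     "TargetIps": ["10.10.0.53", "10.10.1.53"]},   # on-prem DNS servers (assumed)
    {"Name": "aws-stays-local", "RuleType": "SYSTEM",
     "DomainName": "aws.corp.example.com"},       # e.g. a private hosted zone in AWS
]


def _labels(name):
    """'Corp.Example.COM.' -> ['corp', 'example', 'com']; '.' -> []."""
    return [part for part in name.lower().rstrip(".").split(".") if part]


def rule_matches(rule, qname):
    """A rule for X matches X itself and every name under it; '.' matches everything."""
    rule_labels, query_labels = _labels(rule["DomainName"]), _labels(qname)
    if not rule_labels:
        return True
    return (len(query_labels) >= len(rule_labels)
            and query_labels[-len(rule_labels):] == rule_labels)


def select_rule(rules, qname):
    """Among matching rules, the one with the most specific domain (most labels) wins."""
    matches = [r for r in rules if rule_matches(r, qname)]
    if not matches:
        raise LookupError(f"no rule matches {qname!r}; a '.' RECURSIVE rule is normally present")
    return max(matches, key=lambda r: len(_labels(r["DomainName"])))


def resolve_path(rules, qname):
    """('forward', rule name, target IPs) or ('local', rule name, None) for a query."""
    rule = select_rule(rules, qname)
    if rule["RuleType"] == "FORWARD":
        return ("forward", rule["Name"], list(rule["TargetIps"]))
    return ("local", rule["Name"], None)


if __name__ == "__main__":
    for q in ("db.corp.example.com", "api.aws.corp.example.com",
              "www.amazon.com", "notcorp.example.com"):
        print(f"{q:28} -> {resolve_path(RULES, q)}")
```

The SYSTEM rule is what keeps aws.corp.example.com inside AWS even though the broader corp.example.com rule forwards everything else to the data centre. The opposite direction is configured on the on-prem side: a conditional forwarder for the AWS-hosted names pointing at the inbound endpoint's VPC IPs. Both directions need the endpoint security groups to allow TCP and UDP 53 from the other side over the VPN or Direct Connect path.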

8. DNS in VPC (Important Default Behavior)

Every VPC has:

  • DNS resolution (enableDnsSupport) → enabled by default
  • DNS hostnames (enableDnsHostnames) → on in the default VPC, but off by default for VPCs created through the API/CLI, so check it on every other VPC

Both attributes must be enabled before a private hosted zone can be used from the VPC.

This allows:

  • EC2 instances to resolve public names, AWS service endpoints and private hosted zones through the VPC resolver with no client configuration

9. Alias Records (VERY IMPORTANT EXAM TOPIC)

Alias records are special Route 53 records that:

  • Point to an AWS resource by name; Route 53 resolves the target and answers with its current IP addresses
  • You never enter IP addresses, so the record keeps working when the resource's IPs change

Supported targets:

  • Elastic Load Balancing (ALB, NLB, CLB)
  • Amazon CloudFront
  • Amazon S3 (static website endpoint)
  • API Gateway, VPC interface endpoints, Global Accelerator, Elastic Beanstalk
  • Other Route 53 records in the same hosted zone

Key benefits:

  • Queries to alias records that point at AWS resources are free (CNAME queries are billed as standard queries)
  • Allowed at the zone apex (example.com), where a CNAME is not
  • Follows AWS resources whose IPs change
  • EvaluateTargetHealth lets the record track the target's own health without a separate health check

10. Cost Optimization in DNS (Exam Focus)

To design cost-optimized architectures:

10.1 Use Alias Records Instead of CNAME

  • Queries to alias records pointing at ELB, CloudFront, S3 website endpoints and similar AWS targets are not charged; CNAME queries count as standard billed queries
  • The alias answer carries the target's IPs directly, so the client's resolver does not need a second lookup for the target name

10.2 Use CloudFront with Route 53

  • Reduces origin traffic cost
  • Improves latency

10.3 Use Private Hosted Zones Carefully

  • Hosted zones are billed per zone per month; create one private hosted zone and associate it with every VPC (and account) that needs it
  • Avoid duplicating the same zone per VPC or per account

10.4 Use Routing Policies Efficiently

  • Weighted routing reduces need for separate domains
  • Failover reduces downtime cost

10.5 Avoid Unnecessary Health Checks

  • Health checks are billed per check per month, with higher rates for non-AWS endpoints and optional features (HTTPS, string matching, fast interval, latency measurement)
  • Use them only where a record actually needs to fail over; for alias records pointing at ELB or other AWS targets, EvaluateTargetHealth reuses the target's own health at no charge

11. Common Exam Scenarios

Scenario 1: Multi-Region App

Best solution:

  • Latency-based routing
  • Route 53

Scenario 2: Disaster Recovery

Best solution:

  • Failover routing + health checks

Scenario 3: Internal Microservices

Best solution:

  • Private hosted zones

Scenario 4: Hybrid Cloud DNS

Best solution:

  • Route 53 Resolver endpoints

Scenario 5: A/B Testing

Best solution:

  • Weighted routing

12. Key Exam Traps (Very Important)

❌ Using a CNAME at the root (apex) of a zone: DNS does not allow a CNAME alongside the SOA and NS records there, and Route 53 rejects it
✔ Use an Alias record instead

❌ Forgetting the health check on the failover PRIMARY record (without it, Route 53 never fails over)
✔ Attach a health check, or use an alias with EvaluateTargetHealth

❌ Publishing internal hostnames and private IPs in a public hosted zone (anyone on the internet can query it, which hands your internal topology to an attacker doing reconnaissance)
✔ Use Private Hosted Zones

❌ Overusing multiple domains unnecessarily
✔ Use routing policies instead
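
The traps above can be caught before a change is applied. The following is an added example, not AWS tooling: a small linter for a Route 53 change batch (the JSON document passed to `aws route53 change-resource-record-sets --change-batch file://batch.json`) that flags a CNAME at the apex, a failover PRIMARY with no health check, a malformed alias record, an out-of-range weight, and, for a public hosted zone, any RFC 1918 address about to be published to the world. The zone name, hosted-zone ID, DNS names and addresses in the sample batch are constructed placeholders.

```python
import ipaddress

ZONE = "example.com."          # assumed hosted zone name (the apex)
ZONE_IS_PUBLIC = True          # assumed: a public hosted zone

# Constructed change batch with one mistake of each kind plus one correct alias record.
# The hosted-zone ID and load-balancer DNS name are placeholders, not real identifiers.
BATCH = {
    "Comment": "constructed example",
    "Changes": [
        {"Action": "UPSERT", "ResourceRecordSet": {            # trap: CNAME at the apex
            "Name": "example.com.", "Type": "CNAME", "TTL": 300,
            "ResourceRecords": [{"Value": "lb-placeholder.us-east-1.elb.amazonaws.com."}]}},
        {"Action": "UPSERT", "ResourceRecordSet": {            # trap: PRIMARY with no health check
            "Name": "app.example.com.", "Type": "A", "SetIdentifier": "primary",
            "Failover": "PRIMARY", "TTL": 60,
            "ResourceRecords": [{"Value": "198.51.100.10"}]}},
        {"Action": "UPSERT", "ResourceRecordSet": {
            "Name": "app.example.com.", "Type": "A", "SetIdentifier": "secondary",
            "Failover": "SECONDARY", "TTL": 60,
            "ResourceRecords": [{"Value": "198.51.100.20"}]}},
        {"Action": "UPSERT", "ResourceRecordSet": {            # trap: private IP in a public zone
            "Name": "db.example.com.", "Type": "A", "TTL": 300,
            "ResourceRecords": [{"Value": "10.0.1.10"}]}},
        {"Action": "UPSERT", "ResourceRecordSet": {            # correct: alias to an ALB
            "Name": "www.example.com.", "Type": "A",
            "AliasTarget": {"HostedZoneId": "ZPLACEHOLDER", "EvaluateTargetHealth": True,
                            "DNSName": "lb-placeholder.us-east-1.elb.amazonaws.com."}}},
    ],
}

_RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
_POLICY_KEYS = {"Weight", "Failover", "Region", "GeoLocation", "MultiValueAnswer"}


def is_rfc1918(value):
    """True for an IPv4 address in a private (RFC 1918) range; False for names or other IPs."""
    try:
        ip = ipaddress.ip_address(value)
    except ValueError:
        return False
    return any(ip in net for net in _RFC1918)


def lint_record(rrs, zone, zone_is_public):
    """Findings for one ResourceRecordSet, each as 'LEVEL name type: message'."""
    tag = f"{rrs['Name']} {rrs['Type']}"
    findings = []
    if rrs["Type"] == "CNAME" and rrs["Name"].lower() == zone.lower():
        findings.append(f"ERROR {tag}: CNAME is not allowed at the zone apex; use an alias A/AAAA record")
    if "AliasTarget" in rrs:
        if "TTL" in rrs or "ResourceRecords" in rrs:
            findings.append(f"ERROR {tag}: alias records carry no TTL or ResourceRecords")
        if not isinstance(rrs["AliasTarget"].get("EvaluateTargetHealth"), bool):
            findings.append(f"ERROR {tag}: AliasTarget.EvaluateTargetHealth must be true or false")
    if _POLICY_KEYS & set(rrs) and "SetIdentifier" not in rrs:
        findings.append(f"ERROR {tag}: routing-policy records need a SetIdentifier")
    if rrs.get("Failover") == "PRIMARY":
        follows_target = rrs.get("AliasTarget", {}).get("EvaluateTargetHealth", False)
        if "HealthCheckId" not in rrs and not follows_target:
            findings.append(f"ERROR {tag}: failover PRIMARY has no health check, so it will never fail over")
    weight = rrs.get("Weight")
    if weight is not None and not 0 <= weight <= 255:
        findings.append(f"ERROR {tag}: Weight must be between 0 and 255")
    if zone_is_public:
        for rr in rrs.get("ResourceRecords", []):
            if is_rfc1918(rr["Value"]):
                findings.append(f"WARN {tag}: private address {rr['Value']} published in a public zone; "
                                "move the record to a private hosted zone")
    return findings


def lint_batch(batch, zone=ZONE, zone_is_public=ZONE_IS_PUBLIC):
    """Lint every change in a change batch; an empty list means it is safe to apply."""
    findings = []
    for change in batch["Changes"]:
        findings.extend(lint_record(change["ResourceRecordSet"], zone, zone_is_public))
    return findings


if __name__ == "__main__":
    for line in lint_batch(BATCH):
        print(line)
```

Run it against a batch before handing the file to the CLI; an empty result is the go-ahead. The private-address check is the security one: a public hosted zone answers anyone, so an A record for db.example.com pointing at 10.0.1.10 tells the whole internet that the database exists and which subnet it sits in, even though the address itself is unreachable from outside.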


13. Quick Summary

For SAA-C03 exam, remember:

  • DNS in AWS = Amazon Route 53
  • Routing policies control traffic behavior
  • Private hosted zones = internal DNS
  • Resolver endpoints = hybrid DNS
  • Alias records = cost-saving + AWS integration
  • Health checks = failover support
  • Design always focuses on:
    • High availability
    • Low latency
    • Cost efficiency