Stormshield endpoint security

Comment

Author: Admin | 2025-04-27

The inbound endpoint checks if the private hosted zone aws.example.internal is associated with it. (4b) The VPC DNS resolver checks if the private hosted zone aws.example.internal is associated with it. The Route 53 Resolver returns the IPv4 address of the EC2 instance back to the inbound endpoint. The Route 53 Resolver inbound endpoint sends the A response back to the on-premises DNS resolver. The on-premises resolver returns the answer to the on-premises application server.

Figure 5: Route 53 Resolver inbound endpoint query and response flow with DNS over HTTPS

Configuring DoH for Route 53 Resolver outbound endpoints

Now, let's configure an outbound endpoint with DoH to forward DNS queries that originate on EC2 instances in your VPC to your DNS resolver on the on-premises network.

Step 1: Configure an outbound endpoint and specify the following values:

- Specify the name for the endpoint.
- From the dropdown, select the VPC from which DNS queries will be forwarded to your DNS resolver on the on-premises network.
- Select the Security group for this endpoint.
- For Endpoint Type, choose Dual-stack. For a dual-stack endpoint, the endpoint will have both IPv4 and IPv6 addresses that your DNS resolver on your network can forward the DNS query to.
- Select the Availability Zones from which outbound DNS queries will be sent to your on-premises network. We recommend choosing at least two Availability Zones for high availability.
- Specify the IP addresses that you want the outbound endpoint to forward DNS queries to on your network.

Figure 6: Create Amazon Route 53 Resolver outbound endpoint

Step 2: Create a resolver rule to forward DNS queries to your on-premises DNS resolver. Each rule has a domain to which the rule applies and one or more target IP addresses to which the queries should be forwarded. Figure 7 shows a forwarding rule that
