I created a public hosted zone in Amazon Route 53 and added resource record sets to it. How do I verify that my resource record sets are reachable from the internet?
Short description
Check whether your resource record sets are accessible from the internet using one of the following methods:
- The Route 53 checking tool
- The dig tool (for Linux, Unix, or Mac)
- The nslookup tool (for Windows)
Note: The steps in this article verify that the public hosted zone is created successfully and accessible. If you want your entire domain resolvable, then verify the following:
Resolution
Method 1: Use the Route 53 checking tool
Use the Route 53 checking tool to see how Route 53 responds to DNS queries.
Method 2: Use the dig tool (for Linux, Unix, or Mac)
1. Find the four authoritative name servers for your public hosted zone.
2. In your resource record set’s configuration, find the associated domain name (Name), record type (Type), and value (Value).
3. Query one of the authoritative name servers. In the command, specify the authoritative name server, the resource record set's domain name, and the record type. For example:
$ dig @ns-###.awsdns-##.com mailserver1.example.com MX
$ dig @ns-###.awsdns-##.com _text_.example.com TXT
$ dig @ns-###.awsdns-##.com cname.example.com CNAME
$ dig @ns-###.awsdns-##.com subdomain.example.com NS
$ dig @ns-###.awsdns-##.com www.example.com A
Note: The syntax for dig varies between Linux distributions. Use man dig to find the correct syntax for your particular distribution.
4. Review the output and verify that the ANSWER SECTION matches your resource record set.
For example, if:
- Record name = mailserver1.example.com
- Type = MX
- Value = inbound-smtp.mailserver1.example.com
then the correct dig output is:
;; ANSWER SECTION:
MAILSERVER1.EXAMPLE.COM 300 IN MX 10 inbound-smtp.mailserver1.example.com.
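The comparison in step 4 can be scripted. The following is an added example, not part of the original article or AWS tooling: it treats names case-insensitively and ignores the trailing dot, as in the output above. The function names and the sample variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not AWS code): check dig's ANSWER SECTION against a record.
# Lowercase and drop the trailing dot: DNS names are case-insensitive and
# dig prints them fully qualified.
normalize() { printf '%s' "$1" | tr 'A-Z' 'a-z' | sed 's/\.$//'; }

# canon_value TYPE RDATA: make a record value comparable.
canon_value() {
  case "$1" in
    MX)       normalize "${2##* }" ;;  # ignore the preference number
    CNAME|NS) normalize "$2" ;;        # the value is a domain name
    *)        printf '%s' "$2" ;;      # A, TXT, ...: compare exactly
  esac
}

# answer_matches NAME TYPE VALUE, with dig output on stdin.
# Returns 0 when an answer line has the expected name, type and value.
answer_matches() {
  want_name=$(normalize "$1"); want_type=$2
  want_value=$(canon_value "$2" "$3")
  while read -r a_name a_ttl a_class a_type a_rdata || [ -n "$a_name" ]; do
    case "$a_name" in ''|';'*) continue ;; esac  # skip blanks and ";;" headers
    if [ "$a_class" = IN ] && [ "$a_type" = "$want_type" ] &&
       [ "$(normalize "$a_name")" = "$want_name" ] &&
       [ "$(canon_value "$a_type" "$a_rdata")" = "$want_value" ]; then
      return 0
    fi
  done
  return 1
}

# check_record NAME TYPE VALUE NS...: ask each authoritative server directly.
check_record() {
  q_name=$1; q_type=$2; q_value=$3; shift 3; rc=0
  for ns in "$@"; do
    if dig +noall +answer +norecurse "@$ns" "$q_name" "$q_type" |
       answer_matches "$q_name" "$q_type" "$q_value"; then
      echo "OK       $ns"
    else
      echo "MISMATCH $ns"; rc=1
    fi
  done
  return "$rc"
}

# Constructed sample, taken from the example output in step 4.
SAMPLE_ANSWER=';; ANSWER SECTION:
MAILSERVER1.EXAMPLE.COM 300 IN MX 10 inbound-smtp.mailserver1.example.com.'

# Live use: script NAME TYPE VALUE NS1 [NS2 ...]; does nothing without arguments.
if [ "$#" -ge 4 ]; then check_record "$@"; fi
```

Run it with the record name, type, and value followed by the four name servers from step 1; a MISMATCH line identifies a name server whose answer differs from the configured record.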
Method 3: Use the nslookup tool (for Windows)
1. Open the Windows Command Prompt.
2. Run the following command: nslookup. The output looks similar to this:
C:\Users\Administrator>nslookup
Default Server: ip-172-31-0-2.ap-southeast-2.compute.internal
Address: 172.31.0.2
3. Specify the resource record set type using set type=A:
set type=A
Note: To query a different resource record type, replace A with that type.
4. Specify one of the Route 53 name servers (NS) from the hosted zone (HZ) to query. In this example, enter server ns-1276.awsdns-31.org. The output looks similar to this:
server ns-1276.awsdns-31.org
Default Server: ns-1276.awsdns-31.org
Addresses: 2600:9000:5304:fc00::1
205.251.196.252
5. Enter the record to query. For example, "aws.amazondomains.com". The query is sent to the name server that you specified in the previous step:
aws.amazondomains.com
Server: ns-1276.awsdns-31.org
Addresses: 2600:9000:5304:fc00::1
205.251.196.252
6. The response is returned by the Route 53 NS:
Name: aws.amazondomains.com
Address: 1.1.1.1
Related information
Checking DNS responses from Route 53