
I have a domain registered at GoDaddy. Let's call it acme.com. Servers that are publicly available have their subdomains registered at GoDaddy. Example: www.acme.com and service-a.acme.com.

I have a VPN set up in AWS with private subnets that do not have public IP addresses. How do I register private server subdomains in AWS Route 53? Example: service-b.acme.com should only be available when you are connected to the VPN, and the subdomain should not be known to the public.


Background: I already attempted to use Route 53 and I set up a private hosted zone in Route 53 for acme.com. It worked for accessing private server names via the VPN. When connected to the VPN I can access service-b.acme.com, and when not connected the name is not found.

The unexpected consequence is that all AWS servers use the Route 53 DNS server, and while they can find service-b.acme.com they do not fall back to the GoDaddy listings for the public servers. They cannot find the public DNS entries for acme.com or service-a.acme.com.


Edit: I may have a solution. I deleted my private hosted zone for acme.com that contained two A records for service-b.acme.com and service-c.acme.com. I instead created private hosted zones for each subdomain. So I now have two private hosted zones: one for service-b.acme.com and another for service-c.acme.com. Each contains an empty A record that points to the private IP address of each server. It works, but is this correct? I was kind of following similar instructions from AWS.

  • I'd recommend you delegate internal.example.com to the private hosted zone, and have hostnames like db.internal.example.com. That way you can leave alone the main domain.
    – ceejayoz
    Nov 8, 2022 at 21:03
  • Please edit your question, it's not really clear. It sounded like you solved the problem in a reasonable way but you made an ambiguous comment "all AWS servers use the Route 53 DNS server and while they can find service-b.acme.com they do not fall back to the GoDaddy listings for the public server". Do you mean your AWS EC2 instances used the Route53 private zone, and you've defined that zone in two places? You'll need to do some kind of delegation if that's what you need but it's not clear what you're trying to achieve.
    – Tim
    Nov 9, 2022 at 0:38

1 Answer


I deleted my private hosted zone for acme.com that contained two A records for service-b.acme.com and service-c.acme.com. I instead created private hosted zones for each subdomain. So I now have two private hosted zones: one for service-b.acme.com and another for service-c.acme.com. Each contains an empty A record that points to the private IP address of each server. This works perfectly so far.
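As an added illustration (not code from the asker or from AWS), here is what the per-subdomain setup described in the answer looks like when expressed as a Terraform configuration. It creates one private hosted zone per internal hostname, associates each zone with the VPC that the VPN terminates in, and adds the zone-apex A record that the answer calls the "empty" A record. The VPC id, the private IP addresses and the hostnames are placeholders; a configured AWS provider block is assumed and omitted.

```hcl
# Added example, not from the original question or answer.
# Assumed values: the VPC id and private IPs below are placeholders.

variable "vpc_id" {
  type    = string
  default = "vpc-0123456789abcdef0" # placeholder, not a real VPC id
}

# One entry per VPN-only host. The key is the full hostname (which becomes
# the private zone's name), the value is the server's private IP.
variable "internal_hosts" {
  type = map(string)
  default = {
    "service-b.acme.com" = "10.0.1.10" # placeholder private IPs
    "service-c.acme.com" = "10.0.1.11"
  }
}

# Naming the zone after the single host, rather than acme.com, is the point:
# Route 53 then answers authoritatively only for that one name, and every other
# acme.com query from inside the VPC keeps resolving through the public zone.
# Attaching a VPC is what makes the zone private; it is never published to the
# public DNS.
resource "aws_route53_zone" "internal" {
  for_each = var.internal_hosts
  name     = each.key
  comment  = "Private zone for a VPN-only host; not part of the public acme.com zone"

  vpc {
    vpc_id = var.vpc_id
  }
}

# The apex record: its name equals the zone name, so service-b.acme.com itself
# (not a child label) resolves to the private address.
resource "aws_route53_record" "internal_apex" {
  for_each = var.internal_hosts
  zone_id  = aws_route53_zone.internal[each.key].zone_id
  name     = each.key
  type     = "A"
  ttl      = 300
  records  = [each.value]
}
```

Two practical notes. Private hosted zones only resolve from a VPC whose enableDnsSupport and enableDnsHostnames attributes are on, and VPN clients must be sending their queries to the VPC resolver (the VPC network address plus two) for the names to be visible over the tunnel. Keeping the hostnames out of the public zone means they cannot be enumerated from public DNS, but it is not an access control by itself; the VPN and the security groups on the private subnets are what actually restrict reachability. ceejayoz's comment maps to the same pattern with a single private zone named internal.acme.com and records such as db.internal.acme.com, which avoids creating one zone per host while still leaving the public acme.com zone untouched.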
