Resolve names by referencing the AWS inbound resolver from the on-premises Windows DNS Server

Contributed by: Takeshi Miyaoka on Saturday, July 27 2024

Last modified on Sunday, August 04 2024

In a split-brain DNS environment, names of resources inside AWS are resolved from an on-premises DNS server over a private network.

Create an environment with the configuration shown in the image below.

The tasks to be performed are as follows:

(1) Work on the AWS side

  1. Creating Lambda Function
  2. Issuance of official certificates
  3. Creating an ALB
  4. Configuring Route 53

(2) Work on the On-Premise side

  1. Configuring a Conditional Forwarder

(1) Work on the AWS side


1. Creating Lambda Function

Create a simple lambda function for testing.

Also create a Lambda target group to be used with the ALB.

2. Issuance of official certificates

Use AWS Certificate Manager to issue a certificate. Make a note of the CNAME record information for DNS validation. Once you register this CNAME record in the DNS server of your public domain, the certificate will be issued.

3. Creating an ALB

Create an internal ALB and assign to it the Lambda target group and the certificate created in the previous steps.

4. Configuring Route 53

Create a private hosted zone for the desired subdomain and add a CNAME record, in this case "api.dev.happa.bz", that resolves to the DNS name of the ALB created in the previous step.

Create an inbound resolver endpoint that your on-premises DNS server will forward queries to.


(2) Work on the On-Premise side


1. Configuring a Conditional Forwarder

Configure a conditional forwarder for the private zone in the DNS settings of your Windows Server, pointing it at the IP addresses of the inbound resolver endpoint.

Verify that name resolution is possible using the nslookup command.

C:\Users\Administrator>nslookup
Default Server:  localhost
Address:  127.0.0.1

> api.dev.happa.bz
Server:  localhost
Address:  127.0.0.1

Non-authoritative answer:
Name:    internal-lb-lambda-218700229.ap-northeast-1.elb.amazonaws.com
Addresses:  10.0.100.156
          10.0.100.174
Aliases:  api.dev.happa.bz

>
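The same conditional forwarder and verification, as an added PowerShell example run on the on-premises Windows DNS Server (not part of the original article). It assumes the private hosted zone is dev.happa.bz, uses two placeholder IPs for the inbound resolver endpoint, and assumes the VPC uses 10.0.0.0/16, so a correct split-brain answer must fall inside that range.

```powershell
# Added example, not from the original article. Run as an administrator on the
# on-premises Windows DNS Server (requires the DnsServer module).
# Assumptions (not stated on the page): private hosted zone dev.happa.bz,
# inbound resolver endpoint IPs 10.0.1.10 / 10.0.2.10 (placeholders), VPC 10.0.0.0/16.
$ZoneName      = 'dev.happa.bz'
$InboundIps    = @('10.0.1.10', '10.0.2.10')   # placeholders: inbound endpoint ENI IPs
$VpcCidrPrefix = '10.0.'                        # crude check for a 10.0.0.0/16 VPC
$TestName      = "api.$ZoneName"

# 1. Create (or update) the conditional forwarder for the private zone only.
#    Forwarding is scoped to this zone name; all other queries keep using the
#    server's normal forwarders, so nothing else is sent into the VPC.
#    UseRecursion $false: if the inbound endpoint does not answer, fail instead of
#    falling back to public resolution, which would silently break split-brain.
if (Get-DnsServerZone -Name $ZoneName -ErrorAction SilentlyContinue) {
    Set-DnsServerConditionalForwarderZone -Name $ZoneName -MasterServers $InboundIps
} else {
    Add-DnsServerConditionalForwarderZone -Name $ZoneName -MasterServers $InboundIps `
        -ForwarderTimeout 3 -UseRecursion $false
}

# 2. Resolve through the local server, the same path nslookup used above, and
#    confirm the CNAME chain ends at private (VPC) addresses only.
$answers  = Resolve-DnsName -Name $TestName -Server 127.0.0.1 -Type A -ErrorAction Stop
$cname    = $answers | Where-Object { $_.Type -eq 'CNAME' } | Select-Object -First 1
$aRecords = @($answers | Where-Object { $_.Type -eq 'A' })

if ($cname) { Write-Host "CNAME target: $($cname.NameHost)" }
$leaked = @($aRecords | Where-Object { -not $_.IPAddress.StartsWith($VpcCidrPrefix) })
foreach ($rec in $aRecords) {
    $state = if ($rec.IPAddress.StartsWith($VpcCidrPrefix)) { 'in VPC range' } else { 'NOT in VPC range' }
    Write-Host ("{0} -> {1} ({2})" -f $TestName, $rec.IPAddress, $state)
}
if ($aRecords.Count -eq 0 -or $leaked.Count -gt 0) {
    throw "Split-brain check failed: $TestName must resolve only to internal ALB addresses"
}

# 3. Query each inbound endpoint IP directly so a single unreachable ENI (security
#    group, route or VPN problem) is noticed before it becomes an outage.
foreach ($ip in $InboundIps) {
    try {
        Resolve-DnsName -Name $TestName -Server $ip -Type A -ErrorAction Stop | Out-Null
        Write-Host "$ip answers for $ZoneName"
    } catch {
        Write-Warning "$ip did not answer: $($_.Exception.Message)"
    }
}
```

Because the forwarder is scoped to one zone, a typo in $ZoneName leaves every query for dev.happa.bz going to the public resolvers instead; the step 2 check catches that as an empty or non-VPC answer.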

Access it using a browser or command line and verify that Lambda returns a response.


http://www.happa.bz/article.php?story=route53-for-internal-alb