Amazon Route 53
Developer Guide (API Version 2013-04-01)

Forwarding Inbound DNS Queries to Your VPCs

To forward DNS queries from your network to Resolver, you create an inbound endpoint. An inbound endpoint specifies the VPC that queries pass through on the way from your network to Resolver.

Configuring Inbound Forwarding

To create an inbound endpoint, perform the following procedure.

To create an inbound endpoint

  1. Sign in to the AWS Management Console and open the Route 53 console at https://console.aws.amazon.com/route53/.

  2. In the navigation pane, choose Inbound endpoints.

  3. On the navigation bar, choose the Region where you want to create an inbound endpoint.

  4. Choose Create inbound endpoint.

  5. Enter the applicable values. For more information, see Values That You Specify When You Create or Edit Inbound Endpoints.

  6. Choose Create.

  7. Configure DNS resolvers on your network to forward the applicable DNS queries to the IP addresses for your inbound endpoint. For more information, refer to the documentation for your DNS application.

Values That You Specify When You Create or Edit Inbound Endpoints

When you create or edit an inbound endpoint, you specify the following values:

Endpoint name

A friendly name that lets you easily find an inbound endpoint on the dashboard.

VPC in the region-name Region

All inbound DNS queries from your network pass through this VPC on the way to Resolver.

Security group for this endpoint

The ID of one or more security groups that you want to use to control access to this VPC. The security group that you specify must include one or more inbound rules. Inbound rules must allow TCP and UDP access on port 53.

For more information, see Security Groups for Your VPC in the Amazon VPC User Guide.

IP addresses

The IP addresses that you want DNS resolvers on your network to forward DNS queries to.

Important

We recommend that you specify IP addresses in at least two Availability Zones. You can optionally specify additional IP addresses in those or other Availability Zones.

For each IP address, specify the following values. Each IP address must be in an Availability Zone in the VPC that you specified in VPC in the region-name Region.

Availability Zone

The Availability Zone that you want DNS queries to pass through on the way to your VPC. The Availability Zone that you specify must be configured with a subnet.

Subnet

The subnet that contains the IP address that you want DNS queries to pass through on the way to your VPC. The subnet must have an available IP address.

Specify the subnet for an IPv4 address. IPv6 is not supported.

IP address

The IP address that you want DNS queries to pass through on the way to your VPC.

Choose whether you want Resolver to choose an IP address for you from among the available IP addresses in the specified subnet, or you want to specify the IP address yourself.

If you choose to specify the IP address yourself, enter an IPv4 address. IPv6 is not supported.

Tags

Specify one or more keys and the corresponding values. For example, you might specify Cost center for Key and specify 456 for Value.

These are the tags that AWS Billing and Cost Management provides for organizing your AWS bill; you can also use tags for other purposes. For more information about using tags for cost allocation, see Use Cost Allocation Tags for Custom Billing Reports in the AWS Billing and Cost Management User Guide.
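The following added example (not part of the AWS guide) checks a planned inbound endpoint against the security group and IP address requirements listed above, before you enter the values in the console. It assumes rules in the shape of the EC2 `IpPermissions` structure and addresses as `SubnetId`/`Ip` pairs; the function names, the subnet-to-Availability-Zone map, and all sample data are constructed for illustration, and the 0.0.0.0/0 warning is an extra hardening check that the guide does not require.

```python
import ipaddress

def covers_dns(perm, proto):
    """True if one IpPermissions entry allows `proto` on port 53."""
    if perm["IpProtocol"] == "-1":  # "-1" means all protocols and ports
        return True
    return (perm["IpProtocol"] == proto
            and perm.get("FromPort", 0) <= 53 <= perm.get("ToPort", 65535))

def check_inbound_endpoint(rules, ip_addresses, subnet_az):
    """Return (errors, warnings) for a planned inbound endpoint."""
    errors, warnings = [], []
    # Inbound rules must allow both TCP and UDP on port 53.
    for proto in ("tcp", "udp"):
        if not any(covers_dns(r, proto) for r in rules):
            errors.append(f"no inbound rule allows {proto}/53")
    # Added hardening check (not stated in the guide): flag world-open DNS.
    for r in rules:
        cidrs = [c["CidrIp"] for c in r.get("IpRanges", [])]
        if "0.0.0.0/0" in cidrs and any(covers_dns(r, p) for p in ("tcp", "udp")):
            warnings.append("port 53 is reachable from 0.0.0.0/0")
    # Recommended: IP addresses in at least two Availability Zones.
    zones = {subnet_az[a["SubnetId"]] for a in ip_addresses}
    if len(zones) < 2:
        errors.append(f"IP addresses cover only {len(zones)} Availability Zone(s)")
    # A self-specified address must be IPv4; a missing "Ip" lets Resolver choose.
    for a in ip_addresses:
        ip = a.get("Ip")
        if ip is None:
            continue
        try:
            ipaddress.IPv4Address(ip)
        except ValueError:
            errors.append(f"{ip} is not an IPv4 address")
    return errors, warnings

# Constructed sample data, not taken from a real account.
SUBNET_AZ = {"subnet-aaa": "us-east-1a", "subnet-bbb": "us-east-1b"}
BAD_RULES = [{"IpProtocol": "tcp", "FromPort": 53, "ToPort": 53,
              "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]
BAD_IPS = [{"SubnetId": "subnet-aaa", "Ip": "10.0.1.10"},
           {"SubnetId": "subnet-aaa", "Ip": "2001:db8::10"}]
GOOD_RULES = [{"IpProtocol": p, "FromPort": 53, "ToPort": 53,
               "IpRanges": [{"CidrIp": "192.168.0.0/16"}]} for p in ("tcp", "udp")]
GOOD_IPS = [{"SubnetId": "subnet-aaa", "Ip": "10.0.1.10"}, {"SubnetId": "subnet-bbb"}]

if __name__ == "__main__":
    print(check_inbound_endpoint(BAD_RULES, BAD_IPS, SUBNET_AZ))
    print(check_inbound_endpoint(GOOD_RULES, GOOD_IPS, SUBNET_AZ))
```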