
  • Please explain “route table to allow Route 53 to send requests” part

  • Viktorrr

    Member
    February 2, 2025 at 7:03 am

    In the question below, correct answers are marked as 2 and 3. The answer 3 states “Configure the network access control list and the route table to allow Route 53 to send requests to the endpoints specified in the health checks”. While I get it about NACL, I’m confused about the route table configuration to make Route53 health checks work. Please elaborate on this.

    ========================================================
    Category: DOP – Configuration Management and Infrastructure as Code

    A financial company has several accounting applications that are hosted in AWS and used by thousands of small and medium businesses. As part of its Business Continuity Plan, the company is required to set up an automatic DNS failover for its applications to a disaster recovery (DR) environment. They instructed their DevOps team to configure Amazon Route 53 to automatically route to an alternate endpoint when their primary application stack in us-west-1 region experiences an outage or degradation of service.

    What steps should the team take to satisfy this requirement? (Select TWO.)

    1 – Set up a record in Route 53 with a Weighted routing policy configuration. Associate the record with the primary and secondary record sets to distribute traffic to healthy service endpoints.

    2 – Use a Failover routing policy configuration. Set up alias records in Route 53 that route traffic to AWS resources. Set the “Evaluate Target Health” option to “Yes”, then create all of the required non-alias records.

    3 – Set up health checks in Route 53 for non-alias records to each service endpoint. Configure the network access control list and the route table to allow Route 53 to send requests to the endpoints specified in the health checks.

    4 – Set up a CloudWatch Alarm to monitor the primary Route 53 DNS endpoint and create a custom Lambda function. Execute the “ChangeResourceRecordSets” API call using the function to initiate the failover to the secondary DNS record.

    5 – Set up a record in Route 53 with a latency routing policy configuration. Associate the record with the primary and secondary record sets to distribute traffic to healthy service endpoints.

  • Nikee-TutorialsDojo

    Administrator
    February 3, 2025 at 9:16 am

    Hello Viktor,

    Thank you for your question! In the context of Route 53 health checks, it’s essential to understand the role of both the network access control list (NACL) and the route table when setting up DNS failover.

    The reason why option 3 is correct is that Amazon Route 53 needs to send health check requests to the endpoints you specify in your configuration. To do this, the route table must be properly configured to ensure that Route 53 can reach those endpoints. Specifically, if the health check endpoints are in a Virtual Private Cloud (VPC) or any other network segment, the route table must include the correct routes that allow traffic to reach the appropriate IP addresses or resources. Without these correct routes, Route 53 wouldn’t be able to perform the health checks and determine whether the endpoints are healthy or not.

    In addition to the route table, the network access control list (NACL) plays a critical role in controlling the flow of traffic to and from your endpoints. You need to ensure that the NACLs allow the appropriate inbound and outbound traffic for health check requests; otherwise, Route 53 will not be able to verify the health status of your endpoints, which could affect the failover process.

    By configuring both the route table and the NACL, you’re making sure that Route 53 has the proper network access to perform health checks and automatically fail over to a secondary endpoint if necessary, thus fulfilling the requirement for automatic DNS failover in the event of an outage or service degradation.

    I hope this helps clarify the reasoning behind the correct answer! If you have any more questions, feel free to ask.

    Regards,

    Nikee @ Tutorials Dojo
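
Added example, not part of the thread or of Tutorials Dojo's material: an offline check of the two controls discussed above, run against one subnet's NACL entries and route table. It assumes the health-checked endpoint is reached from outside the VPC, so replies need an internet gateway route and, because NACLs are stateless, an outbound rule for ephemeral ports; the function names, the checker CIDR and `igw-EXAMPLE` are constructed placeholders.

```python
import ipaddress

# Constructed stand-in; real ranges: AWS ip-ranges.json, service "ROUTE53_HEALTHCHECKS".
CHECKER_CIDR = "192.0.2.0/26"
EPHEMERAL = (1024, 65535)  # reply ports a stateless NACL must allow outbound

def nacl_allows(entries, egress, ip, port):
    """Evaluate one TCP packet: lowest matching RuleNumber decides, else implicit deny."""
    addr = ipaddress.ip_address(ip)
    for e in sorted(entries, key=lambda e: e["RuleNumber"]):
        if e["Egress"] != egress or e["Protocol"] not in ("-1", "6"):
            continue
        pr = e.get("PortRange")
        port_ok = e["Protocol"] == "-1" or (pr and pr["From"] <= port <= pr["To"])
        if port_ok and addr in ipaddress.ip_network(e["CidrBlock"]):
            return e["RuleAction"] == "allow"
    return False

def route_target(routes, ip):
    """Longest-prefix match, as a VPC route table does for the reply packet."""
    addr, best = ipaddress.ip_address(ip), None
    for r in routes:
        net = ipaddress.ip_network(r["DestinationCidrBlock"])
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, r.get("GatewayId") or r.get("NatGatewayId") or "")
    return best[1] if best else ""

def findings(entries, routes, port, checker_cidr=CHECKER_CIDR):
    ip = str(ipaddress.ip_network(checker_cidr)[1])  # one sample checker address
    out = []
    if not nacl_allows(entries, False, ip, port):
        out.append("nacl-inbound")
    if not all(nacl_allows(entries, True, ip, p) for p in EPHEMERAL):  # range boundaries
        out.append("nacl-outbound-ephemeral")
    if not route_target(routes, ip).startswith("igw-"):
        out.append("no-igw-route")
    return out

# Constructed sample data, shaped like EC2 describe_network_acls / describe_route_tables.
def rule(n, egress, lo, hi, action="allow", cidr="0.0.0.0/0"):
    return {"RuleNumber": n, "Egress": egress, "Protocol": "6", "RuleAction": action,
            "CidrBlock": cidr, "PortRange": {"From": lo, "To": hi}}

BROKEN_NACL = [rule(100, False, 443, 443), rule(100, True, 443, 443)]
FIXED_NACL = [rule(100, False, 443, 443), rule(100, True, 1024, 65535)]
PRIVATE_ROUTES = [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]
PUBLIC_ROUTES = PRIVATE_ROUTES + [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"}]

print(findings(BROKEN_NACL, PRIVATE_ROUTES, 443), findings(FIXED_NACL, PUBLIC_ROUTES, 443))
```

The broken pair reports a missing outbound ephemeral rule and a missing internet gateway route, which are the two conditions under which a health check would show the endpoint as unhealthy even though the application is up.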
