Amazon Elastic IP + EC2 - dns

I have set up an EC2 instance and an Elastic IP which is associated to the instance. I have also set an A record in my DNS provider's Zone editor so that the domain name points to the elastic IP e.g. example.com = 123.123.123.123.
After reading many posts, this seems like it should be enough to work but my domain name still isn't resolving. I can't even ping the IP address! Weirdly I CAN ssh into the EC2 instance via the elastic IP and everything seems fine, except that my domain name doesn't resolve to the EC2 instance!
Any thoughts?

DNS names take a while to propagate so that is probably your first issue.
Go to http://www.whatsmydns.net/ and enter your domain name. If all of the locations are returning the correct IP, then you can safely assume it's not a DNS propagation issue.
Enable ICMP rules in the security group. If using the AWS console, create a new rule for "All ICMP" with a source of "0.0.0.0/0". Enabling this creates a security risk for your server, so only enable this temporarily while testing. At this point you should be able to ping your instance.
If using HTTP or HTTPS, enable the correct ports on the security group for those protocols, and as long as the instance is configured correctly with Apache you should be up and running.

Please check your EC2 security group and make sure the desired ports are open.
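The security group checks from the answers above, as an added example that is not part of the original posts: it evaluates inbound rules in the `IpPermissions` shape printed by `aws ec2 describe-security-groups` to show why SSH can work while ping and HTTP fail, and it lists any world-open ICMP rule left over from testing. The rule sets, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed rules in the "IpPermissions" shape printed by
# `aws ec2 describe-security-groups`; addresses are documentation ranges.
SSH_ONLY = [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
             "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]
# The same group after adding the temporary "All ICMP" rule from the answer.
WITH_ICMP_TEST_RULE = SSH_ONLY + [
    {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]

# For ICMP the "port" is the ICMP type; 8 is echo request (ping).
CHECKS = {"ssh": ("tcp", 22), "http": ("tcp", 80),
          "https": ("tcp", 443), "ping": ("icmp", 8)}

def _covers(rule, proto, port):
    """True if one rule covers this protocol and port (or ICMP type)."""
    if rule["IpProtocol"] == "-1":      # "-1" = every protocol and port
        return True
    if rule["IpProtocol"] != proto:
        return False
    low, high = rule.get("FromPort", -1), rule.get("ToPort", -1)
    if proto == "icmp":                 # FromPort is the ICMP type, -1 = any
        return low in (-1, port)
    return low <= port <= high

def allowed(rules, proto, port, source_ip):
    """Would these inbound rules admit proto/port from source_ip (IPv4 ranges only)?"""
    src = ipaddress.ip_address(source_ip)
    return any(src in ipaddress.ip_network(r["CidrIp"])
               for rule in rules if _covers(rule, proto, port)
               for r in rule.get("IpRanges", []))

def diagnose(rules, source_ip):
    """Map each service in CHECKS to whether source_ip can reach it."""
    return {name: allowed(rules, proto, port, source_ip)
            for name, (proto, port) in CHECKS.items()}

def world_open_icmp(rules):
    """ICMP-admitting rules open to 0.0.0.0/0: the test rule to remove afterwards."""
    return [rule for rule in rules
            if rule["IpProtocol"] in ("icmp", "-1")
            and any(r["CidrIp"] == "0.0.0.0/0" for r in rule.get("IpRanges", []))]

if __name__ == "__main__":
    print(diagnose(SSH_ONLY, "203.0.113.7"))
    print(world_open_icmp(WITH_ICMP_TEST_RULE))
```

Rules that reference other security groups or IPv6 ranges are not evaluated here.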

Related

EC2 box ssh using new hostname

I have an EC2 box running Ubuntu 18.04. I can connect using "ssh -i {pemfile} ubuntu@{ip address}" and also "ssh -i {pemfile} ubuntu@{ip-ipaddress.us-east-2.compute.internal}" from another EC2 box. Now I want to change the hostname and use it in ssh. I followed some Linux and AWS articles (AWS Article) and changed the /etc/hostname and /etc/hosts files. I cannot use a Route 53 DNS entry as per requirement.
/etc/hosts = 10.0.1.190 dev-host.example.trade
/etc/hostname = dev-host.example.trade
Getting the below error with "ssh -i {pemfile} ubuntu@dev-host.example.trade":
ssh: Could not resolve hostname dev-host.example.trade: Name or service not known.

As you’ve made the changes on the server only, these will only be resolvable on that host (otherwise anyone could use any domain).
There are a few options you can take if you want to use a custom domain name.
The obvious one is you can use a domain you control, this will allow it to resolve across any hosts that are able to resolve your public DNS. If you don’t own a domain you can purchase one through a registrar (such as Route 53).
The second option is to look at using Route 53 private hosted zones. By attaching to your VPC you can set DNS records that resolve within your VPC. If you want these records to resolve in a hybrid network you would need to look at adding a DNS resolver.
The third option is to look at using a resource that can resolve the domain name. To do this you would either join a domain (using a service such as managed active directory or simple directory), or you could set up an EC2 host to resolve DNS. This is an expensive solution and the most complex if you’re using a hybrid architecture.
Take a look at the Centralized DNS management of hybrid cloud with Amazon Route 53 and AWS Transit Gateway post for more information about hybrid DNS.

Your local machine knows nothing about changes you've made to the EC2 configuration. Those changes are local to the EC2 instance.
One way to connect to your cloud instance via a DNS name like dev-host.example.trade is to associate an elastic IP to the EC2 instance. Elastic IPs persist even if the instance is rebooted.
Next, create a new A-type DNS record at your DNS provider pointing to the newly issued IP address.
You can now connect to the server with the DNS name.

Setting the Alias Target in Route53 to a single EC2 with an IPv4 Address

I wanted to create an Alias record that simply points my naked domain name (zone apex) to a simple elastic IP address associated with a single EC2 instance. But that type of target isn't valid. It looks like the Alias Record targets are only limited to
Elastic Load Balancers (ELB's)
S3-Endpoints
Cloudfront Distributions
Other DNS Record Sets.
Can anybody shed some theoretical light as to why I am unable to use the A-record to point the domain to a simple EC2 with an ip address? Thanks.
Basic DNS 101
Yes. Create an A record containing the IP address of your instance. It isn't an alias, and it shouldn't be an alias.
Your issue is that your web server itself or Wordpress is misconfigured and is actively issuing redirects to what it wrongly believes to be the correct/desired name, which has nothing to do with how this A record is provisioned. Review your response headers and you will find a 30x HTTP response coming from your web server.

How to access a site on AWS EC2 without a domain name

I just created a new site on my IIS on Amazon's EC2 and I was wondering if there is a way to access it publicly without assigning a domain.
In detail. I created a new site dev.example.com which is accessible when I am logged in my instance. Is there a way to access it outside by doing let's say 54.xxx.xx.xxx:80:dev.example.com
I don't know if that's even possible so any hints are appreciated
You can definitely do this, but here's what you'll need to do:
Make sure IIS is configured to route any incoming connection on a particular IP address to your site. This is distinct from IIS specifically listening for a particular hostname (e.g. mywebsite.com).
As an alternative to the above, you could also manually set your DNS on your local computer and then use your web browser to visit mywebsite.com. From IIS's perspective, a user will have requested mywebsite.com just as if public DNS were set.
As far as the IP address you visit, your instance will either have an ephemeral Public IP Address which will be reset when the instance is stopped and started, or an Elastic IP Address, which persists across restarts.
As @Anthony Manzo mentioned, you'll need to make sure that your Security Group associated with this instance allows Port 80. In addition, you may want to disable Windows Firewall completely (or check that it allows Port 80 on all three "Zones"; Windows Firewall has 3 different zones to manage).
Afaik the IP addresses assigned to EC2 instances can change throughout its lifetime and therefore you should instead generate an Elastic IP Address (which will always direct to your instance). That way, you don't have to deal with DNS yourself and still are always able to connect to your instance.
Have a look at the "Security Groups" on the left hand of your EC2 web console. You'll have to allow TCP 80 (and whatever else) in the Security Group (probably 'default') first.
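A way to run two checks from the threads above without touching DNS or the local hosts file, as an added example that is not part of the original posts: request the site by IP address while presenting the site's name in the Host header (what IIS sees when matching a host-name binding), and inspect the status and Location header for the 30x redirect described in the Route 53 answer. The function names and the sample results are constructed for illustration.

```python
import http.client
from urllib.parse import urlsplit

def probe(ip, host_header, port=80, path="/", timeout=5):
    """GET `path` from `ip` presenting `host_header`; redirects are not followed."""
    conn = http.client.HTTPConnection(ip, port, timeout=timeout)
    try:
        # Supplying Host ourselves stops http.client from deriving it from the IP.
        conn.request("GET", path, headers={"Host": host_header})
        resp = conn.getresponse()
        resp.read()
        return {"status": resp.status,
                "location": resp.getheader("Location"),
                "server": resp.getheader("Server")}
    finally:
        conn.close()

def classify(result, name):
    """Turn a probe() result into a diagnosis for the name that was requested."""
    status, location = result["status"], result["location"]
    if 300 <= status < 400 and location:
        target = urlsplit(location).hostname     # None for a relative Location
        if target and target.lower() != name.lower():
            return f"redirects to another name ({target}): check the site's configured URL"
        return "redirects within the same name (for example http to https)"
    if 200 <= status < 300:
        return "served: a site answers for this name on this IP"
    if status in (400, 404):
        return "not served: no site on this IP answers for this name"
    return f"unexpected status {status}"

if __name__ == "__main__":
    # Constructed results in the shape probe() returns; no network needed.
    samples = [
        ("example.com", {"status": 301, "location": "http://www.example.com/", "server": None}),
        ("dev.example.com", {"status": 404, "location": None, "server": None}),
    ]
    for name, result in samples:
        print(name, "->", classify(result, name))
    # Live use (placeholder address): classify(probe("<elastic-ip>", name), name)
```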

DNS - Trying to map subdomain to site on EC2

I have a problem where I can't browse a website hosted on an Amazon EC2 IIS instance by domain name. I can browse it by the public elastic IP address I assigned to the instance.
I created a DNS A record pointing a sub domain to the public Elastic IP address. www.whatsmydns.net shows that it is propagated. However, I can't ping my subdomain (ping cannot find the host).
In IIS I created a binding for my subdomain pointing to the private IP address for the elastic IP.
I don't think it matters, but I also created a binding for an empty host name and * for the IP address to be able to connect by the public IP.
I'm completely new to EC2 and thought I wasn't doing something correctly with the elastic IP and/or IIS binding but it's troubling that I can't ping the subdomain. Or, maybe that is expected since I can't browse the site either.
Where have I gone wrong? What should I try/check next?
You can't ping the EC2 instance because by default the security group assigned to your EC2 instance will be blocking ping. To unblock it, modify your security group and add a Custom ICMP Rule to allow Echo Request and Echo Reply.
As for getting your DNS to work within IIS, if I were you to start with, I'd remove all bindings from IIS and then see if you get anything when using your subdomain.
Double check that your subdomain definitely resolves to your elastic IP, you can do this through a command prompt, e.g. nslookup subdomain.domain.com

Can you use a custom DNS server within EC2?

I need to set up a custom DNS server within EC2. I have one instance that acts as the DNS server, and N other instances that use this DNS server to connect to one another. Is this possible? Basically, I need to modify the DHCP settings for the N instances so that they connect to the DNS server. I can't find any good documentation on modifying the DHCP settings for an instance.
Note: I did find some documents, but they seem to only apply to Amazon VPC. Is there any way to do this without using VPC?
Short answer - no. You need a VPC. But once you have the VPC created - you can effectively do whatever you like with it.
Long answer - traditional AWS hosting gets an address directly from Amazon. This means you've got no control whatsoever of the IP addresses.
New accounts however come with a VPC by default, which means you can install a machine to act as a DNS server. (And I've done this in the past using Windows Active Directory)
