Resolving Domain Names from AWS to On-Premises Data Centers

How do I resolve domain names from AWS to on-premises data centers?

To resolve domain names from AWS to on-premises data centers, we need to set up an AWS Route 53 private hosted zone and configure a VPN connection to your on-premises network. This allows on-premises data centers to resolve domains defined in an AWS Route 53 hosted zone. The steps include creating a VPC, setting up a VPN, configuring the private hosted zone, and associating it with the VPC.

Here’s how you can do it:

  1. Create a VPC: This VPC will be associated with our Route 53 private hosted zone.
  2. Set up VPN Gateway: This will facilitate the connection between AWS and your on-premises network.
  3. Configure the Customer Gateway: Defines the information related to the on-premises gateway device.
  4. Create a VPN Connection: Establishes the actual connection between AWS and on-premises.
  5. Configure the Private Hosted Zone: Route 53 private hosted zone for internal DNS resolution.
  6. Associate the Hosted Zone with the VPC: Links the DNS for the VPC.

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// VPC that the private hosted zone will be associated with.
const main = new aws.ec2.Vpc("main", {cidrBlock: "10.0.0.0/16"});
const gw = new aws.ec2.InternetGateway("gw", {vpcId: main.id});
const r = new aws.ec2.RouteTable("r", {vpcId: main.id});
const example = new aws.ec2.Route("example", {
    routeTableId: r.id,
    destinationCidrBlock: "0.0.0.0/0",
    gatewayId: gw.id,
});
// DHCP options hand instances the Amazon-provided resolver, which answers
// queries for the private hosted zone associated with this VPC.
const mainVpcDhcpOptions = new aws.ec2.VpcDhcpOptions("main", {
    domainName: "example.com",
    domainNameServers: ["AmazonProvidedDNS"],
});
const a = new aws.ec2.VpcDhcpOptionsAssociation("a", {
    vpcId: main.id,
    dhcpOptionsId: mainVpcDhcpOptions.id,
});
// Customer gateway: public IP and ASN of the on-premises VPN device.
const cgw = new aws.ec2.CustomerGateway("cgw", {
    bgpAsn: "65000",
    ipAddress: "203.0.113.1",
    type: "ipsec.1",
    tags: {
        Name: "CustomerGateway",
    },
});
// Virtual private gateway: the AWS-side VPN endpoint, attached to the VPC.
const vpg = new aws.ec2.VpnGateway("vpg", {
    vpcId: main.id,
    tags: {
        Name: "VPNGateway",
    },
});
// Site-to-Site VPN connection using static routing (no BGP).
const vpn = new aws.ec2.VpnConnection("vpn", {
    customerGatewayId: cgw.id,
    vpnGatewayId: vpg.id,
    type: "ipsec.1",
    staticRoutesOnly: true,
    tags: {
        Name: "VPNConnection",
    },
});
// With staticRoutesOnly the connection must be told which on-premises
// prefix it carries; without this static route no traffic enters the tunnel.
const vpnStaticRoute = new aws.ec2.VpnConnectionRoute("vpn_static_route", {
    vpnConnectionId: vpn.id,
    destinationCidrBlock: "192.168.1.0/24",
});
// VPC route table entry sending on-premises traffic to the virtual private gateway.
const vpnRoute = new aws.ec2.Route("vpn_route", {
    routeTableId: r.id,
    destinationCidrBlock: "192.168.1.0/24",
    gatewayId: vpg.id,
});
// Private hosted zone, associated with the VPC at creation time.
const _private = new aws.route53.Zone("private", {
    name: "example.internal",
    vpcs: [{
        vpcId: main.id,
    }],
});
```

In this setup:

  • VPC: Defines the isolated network within AWS.
  • Internet Gateway: Connects the VPC to the internet.
  • DHCP Options: Used to provide domain name resolution within the VPC.
  • Customer Gateway: Represents the on-premises gateway.
  • VPN Gateway: VPN endpoint on AWS side.
  • VPN Connection: Establishes the secure connection between AWS and on-premises.
  • Route53 Private Hosted Zone: DNS zone that will be associated with the VPC for internal resolution.
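A pre-deploy sanity check for the routing side of this setup, added here as an example and not part of the original program or the Pulumi SDK. It is plain TypeScript with no Pulumi dependency; the VpnPlan shape, the field names and the sample values are assumptions that mirror the program above, and it flags the three mistakes that most often leave a static-routed VPN silently carrying nothing: an on-premises prefix overlapping the VPC CIDR, a missing route-table entry towards the virtual private gateway, and staticRoutesOnly set without a matching VpnConnectionRoute.

```typescript
// Hypothetical description of the VPN/routing pieces a Pulumi program declares.
interface VpnPlan {
  vpcCidr: string;                 // VPC CIDR, e.g. "10.0.0.0/16"
  onPremCidrs: string[];           // on-premises prefixes reachable over the VPN
  staticRoutesOnly: boolean;       // mirrors VpnConnection.staticRoutesOnly
  vpnStaticRoutes: string[];       // destinations declared as VpnConnectionRoute
  vgwRouteDestinations: string[];  // route-table destinations targeting the VGW
}

// Parse "a.b.c.d/n" into a network base address (as an unsigned 32-bit number)
// and prefix length. Throws on malformed input rather than guessing.
function parseCidr(cidr: string): { base: number; prefix: number } {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(cidr);
  if (!m) throw new Error(`bad CIDR: ${cidr}`);
  const octets = m.slice(1, 5).map(Number);
  const prefix = Number(m[5]);
  if (octets.some(o => o > 255) || prefix > 32) throw new Error(`bad CIDR: ${cidr}`);
  const addr = ((octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]) >>> 0;
  const mask = prefix === 0 ? 0 : (0xffffffff << (32 - prefix)) >>> 0;
  return { base: (addr & mask) >>> 0, prefix };
}

// Two prefixes overlap when they agree on the shorter of the two prefix lengths.
function cidrsOverlap(a: string, b: string): boolean {
  const x = parseCidr(a), y = parseCidr(b);
  const p = Math.min(x.prefix, y.prefix);
  const mask = p === 0 ? 0 : (0xffffffff << (32 - p)) >>> 0;
  return ((x.base & mask) >>> 0) === ((y.base & mask) >>> 0);
}

// Returns a list of human-readable problems; an empty list means the plan is consistent.
function checkVpnPlan(plan: VpnPlan): string[] {
  const problems: string[] = [];
  for (const c of plan.onPremCidrs) {
    if (cidrsOverlap(plan.vpcCidr, c))
      problems.push(`on-prem ${c} overlaps VPC ${plan.vpcCidr}; traffic stays local`);
    if (!plan.vgwRouteDestinations.includes(c))
      problems.push(`no route-table entry for ${c} via the VPN gateway`);
    if (plan.staticRoutesOnly && !plan.vpnStaticRoutes.includes(c))
      problems.push(`staticRoutesOnly is set but ${c} has no VpnConnectionRoute`);
  }
  return problems;
}

// Constructed sample mirroring the program above before a VpnConnectionRoute is added.
const samplePlan: VpnPlan = {
  vpcCidr: "10.0.0.0/16", onPremCidrs: ["192.168.1.0/24"], staticRoutesOnly: true,
  vpnStaticRoutes: [], vgwRouteDestinations: ["192.168.1.0/24"],
};
console.log(checkVpnPlan(samplePlan));
```

Run it with the values from your own stack before `pulumi up`; each reported problem names the resource that is missing or conflicting.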

Conclusion

We’ve configured a setup to resolve domain names from AWS using Route 53, through a VPN connection to an on-premises data center. This includes setting up a VPC, creating an internet gateway, configuring VPN connections, and associating Route 53 private hosted zones for internal DNS.
