From the AWS docs:
Amazon Route 53 alias records provide a Route 53–specific extension to DNS functionality. Alias records let you route traffic to selected AWS resources, such as CloudFront distributions and Amazon S3 buckets. They also let you route traffic from one record in a hosted zone to another record.
A frequently asked question about Route 53 is the difference between Alias and CNAME records.
Either of these can be used when assigning domain names to AWS resources such as an ALB.
To test this I am using an ALB. I set up a simple scenario with the following prerequisites:
- A web server instance using port 80 in a public subnet.
- A Route 53 hosted zone.
Create an ALB and target group. Register the instance with the target group. Copy and paste the DNS name of the ALB (which looks like albname.xxxx.eu-west-1.elb.amazonaws.com) into a browser tab to verify that it works.
In Route 53, create a record set, e.g. www.thetrainit.com. Choose “A” record from the drop down and choose Alias=Yes. In the Alias target, choose the name of the ALB from the drop down.
Test access from a browser. It should work.
The client's local DNS server will send a query for www.thetrainit.com. Route 53 will find that it is mapped to the DNS name of the ALB and return the IP of the ALB.
Now to test using a record type of CNAME and Alias=No.
Delete the Route 53 record set and create a new one.
This time, choose CNAME from the drop down and Alias=No.
Copy and paste the DNS name of the ALB into the Value field.
Test it from a browser. It should also work.
The above test also works when using a Classic Load Balancer (still featured in the Architecting Professional exam at the time of writing, February 2020).
Now to explain why a record of type A and Alias=Yes is recommended:
When using the CNAME record, the client's local DNS (LDNS) server will query for www.thetrainit.com. Route 53 will return the CNAME value albname.xxxx.eu-west-1.elb.amazonaws.com. The LDNS server will send a second query for that name, and AWS will return the IP of the ALB.
When using the record of type “A” and Alias=Yes, there is no second query. The browser will query for www.thetrainit.com and the IP will be returned.
In both cases, AWS ensures the returned IP is of a healthy ALB node.
The benefit of the type “A”, Alias=Yes record:
- There is no second query.
- An “A” Alias record can map to the zone apex (e.g. thetrainit.com) but a CNAME cannot.
- Queries to the “A” Alias record are free.
When you choose Alias=No, you can choose a TTL. The default is 300 seconds. When you choose Alias=Yes there is no TTL field; the TTL is 60 seconds. This is because the IP of the ALB is subject to change, for example if an ALB node fails and is replaced.
If using an ALB in a different account to Route 53, you will not see the resource in the drop down in the Value field. Instead, you can copy and paste the DNS name of the ALB.
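The two record sets from the test above, written as the `ChangeBatch` structure that boto3's `change_resource_record_sets` accepts. This is an added example, not code from the original post; it only builds the dictionaries and calls no AWS API. `ALB_ZONE_ID` is a placeholder for the load balancer's own hosted zone ID, and the helper names are hypothetical.

```python
# Added example: builds Route 53 ChangeBatch dicts offline; nothing is sent to AWS.
ZONE = "thetrainit.com."                                 # hosted zone from the article
ALB_DNS = "albname.xxxx.eu-west-1.elb.amazonaws.com."    # elided name as shown in the article
ALB_ZONE_ID = "ZALBHOSTEDZONEPLACEHOLDER"                # placeholder, not a real zone ID


def _fqdn(name):
    """Normalise to a lower-case, dot-terminated name."""
    return name.lower().rstrip(".") + "."


def alias_a_record(name, alb_dns=ALB_DNS, alb_zone_id=ALB_ZONE_ID):
    """Type A, Alias=Yes: no TTL and no ResourceRecords; allowed at the zone apex."""
    return {
        "Name": _fqdn(name),
        "Type": "A",
        "AliasTarget": {
            "HostedZoneId": alb_zone_id,   # the ALB's zone, not your own hosted zone
            "DNSName": _fqdn(alb_dns),
            "EvaluateTargetHealth": True,
        },
    }


def cname_record(name, alb_dns=ALB_DNS, ttl=300, zone=ZONE):
    """Type CNAME, Alias=No: carries a TTL and is refused at the zone apex."""
    if _fqdn(name) == _fqdn(zone):
        raise ValueError("a CNAME cannot sit at the zone apex; use an alias A record")
    return {
        "Name": _fqdn(name),
        "Type": "CNAME",
        "TTL": ttl,
        "ResourceRecords": [{"Value": _fqdn(alb_dns)}],
    }


def change_batch(record_set, action="UPSERT"):
    """Wrap a record set in the ChangeBatch shape used by change_resource_record_sets."""
    return {"Changes": [{"Action": action, "ResourceRecordSet": record_set}]}


if __name__ == "__main__":
    import json
    print(json.dumps(change_batch(alias_a_record("thetrainit.com")), indent=2))
    print(json.dumps(change_batch(cname_record("www.thetrainit.com")), indent=2))
```

Because the alias target is given by DNS name rather than picked from the drop down, the same structure applies when the ALB lives in a different account.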