4

In AWS, I have created a VPC; let's call it "myVPC".

I have 2 instances inside a public subnet in myVPC with auto-set private IP addresses below:

  • 10.0.0.10
  • 10.0.0.11

ICMP is open by setting correct Security Groups to the instances.

I created a Private Hosted Zone with name "myCompany.local" for myVPC, in Route53 with A records below:

  • A.myCompany.local -> 10.0.0.10
  • B.myCompany.local -> 10.0.0.11

DNS resolution and DNS hostnames are Enabled on this Private Hosted Zone.

I SSH to 10.0.0.10 and try to ping the other server. Ping with IP address (10.0.0.11) is successful, but ping with the DNS name (B.myCompany.local) fails with the message below:

ping: B.dashbrace.local: Temporary failure in name resolution

My purpose is to be able to use DNS names to connect to other servers inside the myVPC network. Can you please mention what the issue is here? Do I need to do anything more? I see that each instance comes with a private DNS. Do I need to change the private DNS for them, and if I should, how?

Shnd
  • Isn't `.local` a magic value, reserved for multicast DNS? You may want to try with a different choice like `.internal`. – Michael - sqlbot Jun 28 '19 at 14:57
  • It seems that you are right. The interesting thing is that the myCompany.local private hosted zone is automatically changed to the myCompany.com private hosted zone. The myCompany.com and myCompany.internal hosted zones work, but myCompany.local doesn't work. Thank you, Michael – Shnd Jun 28 '19 at 18:37

2 Answers

7

It seems that .local is treated differently. Creating new private hosted zones with myCompany.com and myCompany.internal works perfectly.

Shnd
  • I wish this was documented somewhere. Wasted so much time – AaronHS Dec 29 '20 at 02:01
  • RFC6762 says, "Any DNS query for a name ending with ".local." MUST be sent to the mDNS IPv4 link-local multicast address 224.0.0.251 (or its IPv6 equivalent FF02::FB)." AWS ECS defaults to using `.local` as a Service Discovery namespace, which prevents resolvers that follow RFC6762 (such as Ubuntu's systemd-resolved) from querying Route 53 for service discovery. – roderickm Jun 30 '21 at 17:18
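
The `.local` behaviour discussed in the answer and comments above can be checked on a host with a small script. This is an added example, not part of the original posts: it is a simplified model of glibc's `hosts:` lookup order, the function names and result strings are hypothetical, and the sample `nsswitch.conf` and `resolv.conf` contents (including the 10.0.0.2 resolver address) are constructed.

```python
# Added example: a simplified model of how a Linux host picks a resolver for a name.
# Function names and result strings are hypothetical; sample files are constructed.
RESOLVED_STUB = "127.0.0.53"  # systemd-resolved's local stub listener


def is_mdns_name(name: str) -> bool:
    """True for multi-label names whose last label is 'local' (RFC 6762)."""
    labels = name.rstrip(".").lower().split(".")
    return len(labels) > 1 and labels[-1] == "local"


def hosts_sources(nsswitch_text: str) -> list:
    """Tokens of the 'hosts:' line in nsswitch.conf content, comments dropped."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            return line[len("hosts:"):].split()
    return []


def nameservers(resolv_text: str) -> list:
    """Addresses on 'nameserver' lines of resolv.conf content."""
    rows = (line.split() for line in resolv_text.splitlines())
    return [r[1] for r in rows if len(r) >= 2 and r[0] == "nameserver"]


def diagnose(name: str, nsswitch_text: str, resolv_text: str) -> str:
    """Say which component ends up deciding the lookup for `name`."""
    if not is_mdns_name(name):
        return "unicast-dns"
    src = hosts_sources(nsswitch_text)
    for i, tok in enumerate(src):
        nxt = src[i + 1].lower() if i + 1 < len(src) else ""
        # Assumes no mDNS responder answers, so the module reports NOTFOUND.
        if tok.startswith("mdns") and tok.endswith("_minimal") and nxt == "[notfound=return]":
            return "stopped-at-mdns-minimal"
        if tok == "resolve":
            return "systemd-resolved"  # nss-resolve hands the name to resolved
        if tok == "dns":
            break
    # Plain 'dns' follows resolv.conf; the stub address means resolved decides.
    return "systemd-resolved" if RESOLVED_STUB in nameservers(resolv_text) else "unicast-dns"


DESKTOP_NSS = "hosts: files mdns4_minimal [NOTFOUND=return] dns\n"  # constructed
SERVER_NSS = "hosts: files dns  # constructed\n"
STUB_RESOLV = "nameserver 127.0.0.53\n"  # constructed
VPC_RESOLV = "nameserver 10.0.0.2\n"     # constructed resolver address

if __name__ == "__main__":
    for zone in ("myCompany.local", "myCompany.internal"):
        print(zone, "->", diagnose("B." + zone, SERVER_NSS, STUB_RESOLV))
```

A `systemd-resolved` result for a `.local` name means the query is not routed to unicast DNS by default; it only reaches the VPC resolver if `local` is configured as a search or routing domain for that link.
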
0

If you're using a private hosted zone, DNS hostnames need to be enabled for the VPC. You can find more information on using DNS with your VPC here.

Nathan L.