Each Amazon Route 53 hosted zone is associated with four name servers, known collectively as a delegation set. By default, the name servers have names like ns-2048.awsdns-64.com. If you want the domain name of your name servers to be the same as the domain name of your hosted zone, for example, ns1.example.com, you can configure white-label name servers, also known as vanity name servers or private name servers.

Prerequisite

You must install the AWS CLI and configure it with the credentials of an IAM user.

Create a reusable delegation set

Run the following command in your terminal to create a reusable delegation set. You will use it every time you set up a domain to use your white-label name servers.

$ aws route53 create-reusable-delegation-set --caller-reference MyDelegationSet

The caller reference (MyDelegationSet here) can be any unique string that is easy to remember. The above command will output the following:

{
    "Location": "https://route53.amazonaws.com/2013-04-01/delegationset/N37R7O8I61415K", 
    "DelegationSet": {
        "NameServers": [
            "ns-1184.awsdns-20.org", 
            "ns-1707.awsdns-21.co.uk", 
            "ns-874.awsdns-45.net", 
            "ns-204.awsdns-25.com"
        ], 
        "CallerReference": "MyDelegationSet", 
        "Id": "/delegationset/N37R7O8I61415K"
    }
}

Take note of the Id and NameServers for future reference. These values are required every time you add a new domain to use the white-label name servers. If you forget them and need to see them again, run the following command:

$ aws route53 list-reusable-delegation-sets

Obtain IPv4 and IPv6 addresses

We need to get IPv4 and IPv6 addresses for the name servers we registered in the previous step. There are multiple ways to do so, depending on your operating system.

In the case of Ubuntu, you can use the host or dig command.

$ host ns-1184.awsdns-20.org
ns-1184.awsdns-20.org has address 205.251.196.160
ns-1184.awsdns-20.org has IPv6 address 2600:9000:5304:a000::1

$ host ns-1707.awsdns-21.co.uk
ns-1707.awsdns-21.co.uk has address 205.251.198.171
ns-1707.awsdns-21.co.uk has IPv6 address 2600:9000:5306:ab00::1

$ host ns-874.awsdns-45.net 
ns-874.awsdns-45.net has address 205.251.195.106
ns-874.awsdns-45.net has IPv6 address 2600:9000:5303:6a00::1

$ host ns-204.awsdns-25.com
ns-204.awsdns-25.com has address 205.251.192.204
ns-204.awsdns-25.com has IPv6 address 2600:9000:5300:cc00::1

Make a note of these values too. You will need them later.

Create a hosted zone for the domain

Now it is time to create a hosted zone for the domain you want to use for the vanity name servers. If you already created a hosted zone for this domain using the Route 53 web interface, you must delete it before proceeding with this step.

Make sure to take note of old host records (especially MX or SPF records), as you will need to recreate those records after this step. Run the following command to create a new hosted zone:

$ aws route53 create-hosted-zone --delegation-set-id /delegationset/N37R7O8I61415K --name example.com --caller-reference MyHostedZone

MyHostedZone can be any value you want to use as a reference for the newly created hosted zone. The above command will output the following:

{
    "HostedZone": {
        "ResourceRecordSetCount": 2, 
        "CallerReference": "MyHostedZone", 
        "Config": {
            "PrivateZone": false
        }, 
        "Id": "/hostedzone/6Q3UU0J2ZS4BD", 
        "Name": "example.com."
    }, 
    "DelegationSet": {
        "NameServers": [
            "ns-1184.awsdns-20.org", 
            "ns-1707.awsdns-21.co.uk", 
            "ns-874.awsdns-45.net", 
            "ns-204.awsdns-25.com"
        ], 
        "CallerReference": "MyDelegationSet", 
        "Id": "/delegationset/N37R7O8I61415K"
    }, 
    "Location": "https://route53.amazonaws.com/2013-04-01/hostedzone/6Q3UU0J2ZS4BD", 
    "ChangeInfo": {
        "Status": "PENDING", 
        "SubmittedAt": "2018-10-20T09:26:50.314Z", 
        "Id": "/change/C2XMQ1GNRL5BS"
    }
}

Save the HostedZone > Id for future use.

Create records for white-label name servers

Now log in to the AWS web console and go to the Route 53 service to create IPv4 and IPv6 records for the white-label name servers. Click on Hosted Zones and then on the name of the zone you created in the last step (in our case example.com). Create the following eight records:

  • One A record for each white-label name server
  • One AAAA record for each white-label name server

For example, for ns-1184.awsdns-20.org, we will create one A record with name ns1.example.com and value 205.251.196.160 and one AAAA record with name ns1.example.com and value 2600:9000:5304:a000::1. Similarly, create the remaining six records for the other three name servers.
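The same eight records can be generated from the host output instead of being typed into the console, which avoids transcription errors in the addresses. The script below is an added example, not part of the original article: the function name build_change_batch, the default TTL of 300 and the file name ns-records.json are assumptions, and the name servers are numbered ns1 to ns4 in the order they appear in the input.

```shell
#!/bin/sh
# Constructed sample input: the `host` output shown earlier on this page.
HOST_OUTPUT='ns-1184.awsdns-20.org has address 205.251.196.160
ns-1184.awsdns-20.org has IPv6 address 2600:9000:5304:a000::1
ns-1707.awsdns-21.co.uk has address 205.251.198.171
ns-1707.awsdns-21.co.uk has IPv6 address 2600:9000:5306:ab00::1
ns-874.awsdns-45.net has address 205.251.195.106
ns-874.awsdns-45.net has IPv6 address 2600:9000:5303:6a00::1
ns-204.awsdns-25.com has address 205.251.192.204
ns-204.awsdns-25.com has IPv6 address 2600:9000:5300:cc00::1'

# build_change_batch DOMAIN [TTL]: reads `host` output on stdin and writes a
# Route 53 change batch (JSON) to stdout. The TTL default is an assumption.
build_change_batch() {
  awk -v domain="$1" -v ttl="${2:-300}" '
    BEGIN {
      fmt = "    {\"Action\": \"UPSERT\", \"ResourceRecordSet\": {\"Name\": \"ns%d.%s.\", "
      fmt = fmt "\"Type\": \"%s\", \"TTL\": %d, \"ResourceRecords\": [{\"Value\": \"%s\"}]}}"
    }
    / has address /      { type = "A";    addr = $4 }
    / has IPv6 address / { type = "AAAA"; addr = $5 }
    / has (IPv6 )?address / {
      # Number the Route 53 servers in first-seen order: ns1, ns2, ...
      if (!($1 in idx)) idx[$1] = ++n
      rec[++count] = sprintf(fmt, idx[$1], domain, type, ttl, addr)
    }
    END {
      # Refuse to emit an empty batch, e.g. when every lookup failed.
      if (count == 0) { print "no addresses parsed" > "/dev/stderr"; exit 1 }
      print "{\n  \"Comment\": \"white-label name server addresses\",\n  \"Changes\": ["
      for (i = 1; i <= count; i++) printf "%s%s\n", rec[i], (i < count ? "," : "")
      print "  ]\n}"
    }'
}

# To apply (zone ID taken from the create-hosted-zone output above):
#   printf '%s\n' "$HOST_OUTPUT" | build_change_batch example.com > ns-records.json
#   aws route53 change-resource-record-sets --hosted-zone-id 6Q3UU0J2ZS4BD \
#       --change-batch file://ns-records.json
printf '%s\n' "$HOST_OUTPUT" | build_change_batch example.com
```

Review the generated JSON against the addresses you noted before applying it, since a wrong address here sends resolvers to a server that does not answer for your zone.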

Update NS and SOA records

Make a note of the default NS record value so you can revert to these name servers if required. Replace the name of the Route 53 name servers with the names of your four white-label name servers:

ns1.example.com
ns2.example.com
ns3.example.com
ns4.example.com

Update the SOA record by replacing the name of the Route 53 name server with the name of one of your white-label name servers. The default SOA record is something like the following:

ns-1184.awsdns-20.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

Replace the default value with the following:

ns1.example.com. hostmaster.example.com. 1 7200 900 1209600 60

Create glue records and change the registrar's name servers

Change the name servers for the domain to the names of your white-label name servers. Create four glue records for which the names and IP addresses match the values you got in the previous step. Include both the IPv4 and the IPv6 address for a white-label name server in the corresponding glue record, for example:

Nameserver        IPv4 (A)          IPv6 (AAAA)
ns1.example.com   205.251.196.160   2600:9000:5304:a000::1
ns2.example.com   205.251.198.171   2600:9000:5306:ab00::1
ns3.example.com   205.251.195.106   2600:9000:5303:6a00::1
ns4.example.com   205.251.192.204   2600:9000:5300:cc00::1

Glue record creation varies depending on your primary domain name registrar. If you're using Amazon Route 53 as your DNS service provider, follow this article.

Using white-label name servers

If you want to use your private name servers for other domains, create a hosted zone for each one using the same delegation set. For example, if you need to use white-label name servers for example.net, run the following command:

$ aws route53 create-hosted-zone --delegation-set-id /delegationset/N37R7O8I61415K --name example.net --caller-reference MyHostedZone2

Next, update the NS and SOA records for example.net with the same values you used for example.com. For example.net, you do not need to create glue records.
