DNS Forwarding in Amazon Route 53 with Resolver Rules

Amazon Route 53 is a highly available and scalable DNS service offered by Amazon Web Services (AWS). One of the key features of Amazon Route 53 is the ability to forward DNS queries to specific IP addresses using Resolver Rules. In this article, we will discuss how to configure DNS forwarding in Amazon Route 53 via one Elastic IP address (EIP) to use Securd DNS.

Using Securd's DNS will prevent malicious domain activity such as connections to C2 domains, DGAs, compromised sites, and low-reputation domains. By configuring Amazon Route 53 to forward DNS queries to Securd, administrators can improve the security of their networks and discover when high-risk domains are being resolved by cloud assets.

Here's an overview of the process:

Step 1: Allocate a new Elastic IP address

To begin, log in to your AWS account and open the Amazon VPC console. From the navigation pane, choose "Elastic IPs" and allocate a new Elastic IP address.

Step 2: Create a Virtual Private Cloud (VPC) and configure a NAT gateway or a Network Interface

Create a Virtual Private Cloud (VPC) and configure a NAT gateway, or a Network Interface (ENI) in the VPC.

Step 3: Associate the Elastic IP address with the NAT gateway or Network Interface

Associate the Elastic IP address with the NAT gateway or Network Interface. This will ensure that all traffic going through the NAT gateway or Network Interface will be coming from this Elastic IP address.

Step 4: Update your Route 53 Resolver rules

Open the Amazon Route 53 console. In the navigation pane, choose "Resolver" and create a new Resolver rule. In the "Rule" section, specify a name for your rule. In the "Target IP addresses" section, add the Securd IPv4 and IPv6 addresses (found in the top tab of the portal) and the Elastic IP address you associated with the NAT gateway or Network Interface. Choose "Create" to create the rule.

Step 5: Create a Site with your Elastic IP address

Copy the public Elastic IP address, then follow the procedure to Configure a Static IP Site to use Securd.

Step 6: Verify your configurations

Once this is done, all external DNS requests will come from the Elastic IP address, which is a static, public IP address that you have control over. Once DNS requests are accepted by Securd, you can view and search your DNS logs in real-time.

Note: This solution only works for traffic that goes through the NAT gateway or Network Interface. It does not work for traffic coming from the internet that doesn't pass through the VPC.
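One way to script the Step 6 check, as an added example that is not Securd's or AWS's own code: it reads JSON shaped like the output of `aws route53resolver list-resolver-rules` and `aws ec2 describe-nat-gateways`, flags forwarding rules whose targets fall outside the addresses entered in Step 4, and confirms the NAT gateway egresses from the Elastic IP registered as the Site. The sample JSON, rule names and every address are constructed placeholders; the real Securd addresses come from the portal.

```python
import ipaddress
import json

# Constructed sample data shaped like the AWS CLI output; all addresses are
# documentation-range placeholders, not real Securd or AWS addresses.
SECURD_TARGETS = {"192.0.2.53", "2001:db8::53"}   # placeholder: copy from the portal
SITE_EIP = "203.0.113.10"                         # placeholder: EIP registered as the Site

RULES_JSON = """{"ResolverRules": [
 {"Name": "securd-forward", "RuleType": "FORWARD", "DomainName": ".",
  "TargetIps": [{"Ip": "192.0.2.53", "Port": 53}, {"Ipv6": "2001:db8:0:0::53", "Port": 53},
                {"Ip": "203.0.113.10", "Port": 53}]},
 {"Name": "legacy-forward", "RuleType": "FORWARD", "DomainName": "corp.example.",
  "TargetIps": [{"Ip": "198.51.100.7", "Port": 53}]},
 {"Name": "Internet Resolver", "RuleType": "RECURSIVE", "DomainName": "."}]}"""

NAT_JSON = """{"NatGateways": [
 {"NatGatewayId": "nat-0example", "State": "available",
  "NatGatewayAddresses": [{"PublicIp": "203.0.113.10"}]}]}"""


def norm(addr):
    """Canonical text form so equivalent IPv6 spellings compare equal."""
    return str(ipaddress.ip_address(addr))


def unexpected_targets(rules_doc, allowed):
    """Map FORWARD rule name -> target addresses outside the allowed set."""
    allowed = {norm(a) for a in allowed}
    findings = {}
    for rule in rules_doc.get("ResolverRules", []):
        if rule.get("RuleType") != "FORWARD":
            continue  # SYSTEM/RECURSIVE rules carry no forward targets
        seen = {norm(t.get("Ip") or t["Ipv6"]) for t in rule.get("TargetIps", [])}
        extra = sorted(seen - allowed)
        if extra:
            findings[rule["Name"]] = extra
    return findings


def egress_matches_site(nat_doc, site_eip):
    """True if the available NAT gateways egress only from the Site EIP."""
    ips = {norm(a["PublicIp"]) for g in nat_doc.get("NatGateways", [])
           if g.get("State") == "available"
           for a in g.get("NatGatewayAddresses", []) if a.get("PublicIp")}
    return ips == {norm(site_eip)}


if __name__ == "__main__":
    allowed = SECURD_TARGETS | {SITE_EIP}  # the addresses entered in Step 4
    print(unexpected_targets(json.loads(RULES_JSON), allowed))
    print(egress_matches_site(json.loads(NAT_JSON), SITE_EIP))
```

A rule reported by `unexpected_targets` is sending queries somewhere Securd will not log, and a `False` from `egress_matches_site` means queries may leave from an address the Site does not recognise.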

Configuring Amazon Route 53 to forward DNS queries via one Elastic IP address (EIP) to use Securd will improve the security of your Amazon networks and protect against malicious activity. By following the above steps, you should now be able to configure DNS forwarding in Amazon Route 53 via one Elastic IP address (EIP) to use Securd over IPv4 and IPv6.