All Amazon AWS Certified Cloud Practitioner certification exam dumps, study guide, training courses are prepared by industry experts. Amazon AWS Certified Cloud Practitioner certification practice test questions and answers, exam dumps, study guide and training courses help candidates to study and pass hassle-free!

Understanding Core AWS Services

33. Packet capture of DNS records through Wireshark

Hey everyone, and welcome back to the Knowledge Pool video series. Now in the earlier lecture we discussed the basic about what DNS is all about. Now in today's lecture, what we'll do is study the internal workings of how the query is being made and how the response has been received in terms of packet analysis. So let's just revise. Now in the earlier lecture, we had run a command called Nslooka on a domain name, which is zedora.com. Now in the answer, you got the answer associated with Zealaura.com, which is 103-916-2219 five.

So this is the IP address associated with Zealbora.com. Now what is the DNS server that gave us this specific answer? And the DNS server has this specific IP address. So if we want, what we can actually do is do a query on the specific DNS server itself. So there are various DNS servers that are available.

So this is one DNS server. This belongs to Linenode. I can also query another DNS server. So this is the Google DNS server, and the answer you will get will be similar in both cases. Now, in the upcoming lecture, we'll go over all of this in greater detail. But in today's lecture, I wanted to show you a few interesting things as well as some important ones. So there's one more command called dig that does similar things. But Dig provides much more systematic and detailed output. So if you do a dig on the domain name, which is zilvor.com, there are two important things to remember. You get a very nice output. Now there are two important sections over here. One is the question section over here, and the second is the answer section. So in the question section, you will see the question from Zilhour.com.

So this is the question that has been asked of the DNS server, and the DNS server gave an answer to it, which is the IP address. Now, along with this, Dig also shows various interesting things, like the query time, which is one millisecond. It provides information about which DNS server the question was directed to. And the DNS server is this specific one. Perfect. Now this is what we see as the front end. But when you talk about going back in, there are a lot of interesting things that happen when we look into the packet capture. So we'll open up the wireshark and see how exactly this would really work. So I'll type "wireshark," and this is the wireshark application. Perfect. So now, here, you will see there are three interfaces that are present. One is WiFi, and two are related to the virtual machine. Now in our case, since we'll be using WiFi, you can see that there are a lot of wireless packets that you will see over here.

So this is something that we'll be doing. Now, before that, I have a terminal over here, so this is the Windows Terminal. Now, if you just do a lookup in the Windows Terminal, it will basically give you the IP address of the DNS server. This is the default DNS server to which the request will be made. Now, in my case, this DNS server belongs to my ISP, which I'll be using. So just keep this in mind. We'll understand this in later details anyway. So let's do one thing. Let's start the packet capture. I'll select the WiFi interface, and I'll click on "Start packet capture," and this is the region where the packets will be displayed. You see, there are already certain packets that are coming. This belongs to various things like your browser, and there are various applications that are running. So I'll do Nslookup this time and let you do Kplapsin, and you'll see that I got a response, and this is the IPS associated with Kpops in. Perfect.

So this was the front end. Now let's look at the back end, back end. There are a lot of interesting things that have happened. So if you type DNS over here and a lot of other DNS queries, we are specifically looking at the DNS query that is associated with Kpopsin, which is this specific one. So this is the standard query. So you see a standard query, and after that, you have a standard query response. So this is the question section, and this is the answer section. So let's go ahead and click on the standard query. Now, in the source, you see the source IP address. So this is my laptop's IP address and destination. This is the IP address of the DNS server. So if you go to the domain name, you'll see the type of standard query. And there is only one question here. That means one question has been asked, and the answer is given under the query, "What is the IP associated with kplabs in?" So this is the question that has been asked.

Now, let me just minimize, and this is the question that has been asked by my laptop's IP address to the DNS server. Now, in response to this, the DNS server has given an answer. You can see that the DNS server has responded if you maximise it. And in the response section, let me just show you that if you see in the answers section, it has given me an answer saying that the IP address associated with Kplabs is 128, 199, 241, 225. And what tools like Nslookup or Dig do is display this specific value on the screen. Now, why does Suck do a very nice thing like say you don't really have to open this up? It will give you a brief summary in the information section itself, where this packet is a standard query, where the query is made for Kpops, and the second package is a standard query response. It tends to be the response for Kplabs and also the answer, which is 102, 819–9241, and 125. Perfect.

So I hope you got the basics of what really happens behind the scenes when you do a DNS-based lookup. Now, there is one more interesting thing that I would like to show you. Let's just start this up. So we'll just revise what we have seen, where we have a DNS client over here. So this DNS client can be a browser, a Nslookup tool, a dig tool, or various other tools. And you have a DNS server. Now, a DNS client will send a request to the DNS server, and this request will be like, "What is the IP address of Kplabson?" So this is called the standard query. Now, this will be sent to the DNS server. The DNS server will check the IP address associated with Kplabs, and it will send a response back saying the IP address is 128, 109, 92412, 5. So this is a very high-level overview of how exactly the standard query and standard response work. There are a lot of other details that happen behind the scenes, which we'll be discussing in the subsequent lecture.

34. Understanding DNS Records

Hey everyone, and welcome back to the Knowledge Port video series. Now, in the previous few lectures, we have been discussing the basics of DNS and have also looked into the wiretap packet capture to understand the DNS standard query and standard response. So, continuing on with our lectures on DNS, today we'll be speaking about DNS records. Now, understanding DNS records is very important because in the real world, this is something that you will be mostly working with. let's get started. Now, in very simple terms, DNS records are basically mapping files that are stored on a DNS server. We'll discuss this point when we go ahead with a practical demo. For example, suppose you have a kplabs. Now, Kplabs is associated with a specific IP address. Similarly, you have a subdomain called "IPA kpopin," which is associated with one more IP address. You have spacewalk kplab, which is linked to a different IP address. So you've got three records over here. So this is the first record. You have a second record, and you have a third record.

Now, these records are basically stored on a DNS server. So, as we did in the previous lecture, let's start with the fundamentals. So you have a DNS client, and you have a DNS server. A DNS client will send a request that is a standard query asking, "What is the IP address of kplabsoutin?" Now, how will the DNS server know what the IP address of a KPOP is? And the answer is that the DNS server has a table or a database that contains various records. So you have a record that has been checked in and a map. So the mapping associated with the domain is an IP address over here. As a result, the DNS server will query the underlying table. Now, when the client says, "What is the IP address of Kpabs?" The DNS server will go ahead and look. The IP address is 128, 199, 241, 125. Then it will respond to the client with this specific value. Perfect. Now let's look into what this specific console really looks like. Let me show you.

So, in the domain we were discussing, I have a domain called kplabs, and this is the table associated with kpops in the domain. So if you see over here, kplabs in, and in the answer, there is the IPS, which is associated over there, So, as an example, if you do an S lookup kplabs in, you will get the IP address that is present over here. 102, 819-9241, 125. Similarly, the IP address found here is similar. Let's do one thing. If you do a NS lookup, I'll say "demokplabs," and you'll see that I can't really find a specific answer. Now, the reason for this is because there is no specific value associated with demo kPlabs. If I only did demo kplabs. I cannot really find anything. So let's do one thing. I'll make some demo kPlabs, assign a random IP address, and then click Add Record. Okay? So now there is one record that has been added.

Along with that, if you see over here, I have various other records that are created. This is a record in NGINX kplabs, and it has a specific IP address. You have IPA keys and an IP address. So let's do one thing. Allow me to attempt NS. Look up Demo kplabs in again, and you'll see that I got the answer this time. Now, I hope you understand how this really works. So this DNS server associated with kpabsin has a backend file mapping. And this file mapping looks something like this. This is a graphical user interface, and the DNS server will respond with the answer as soon as we add it or perform a lookup for demo kplabsin. So this section is called the answer, and it will respond back with the value that is stored in the answer section. Perfect. So this is the basic information that I really wanted to show you related to DNS records.

Now, if you'll see over here, there are various types of DNS records. Over here, you have DNS records, you have A records, you have TXT records, and you have MX records. Then if you have MS, and there are various DNS records that are present over here, So I'll just forward this, and we'll go to the DNS records. So there are various types of DNS records. Each of the DNS records serves a specific purpose. So again, we have discussed that there are various types. You have A, C, name, alias, MX, Ms, PTR, soy, Txtra, and many others, as you have stated four times. So each of these DNS records serves a specific purpose. And when we work in a real-world scenario, we have to understand what type of DNS record will be needed for our organization. And this is very important because whenever you work from a practical point of view, you will be working on the DNS record type. Whenever you create a record, you have a number of DNS records from which to choose.

And if you do not really select the right type, then it will not work. So let me give you an example. Let's say I'll say "demo one," and here I'll copy "Zilboro.com." I'll put zilboro.com here in the answer section, and I'll click on "Add record." Now you can see that the Record Answer field is invalid. So every record type that is present has a specific format that has to be present in the answer section. You cannot use any random format. So as far as the A record is concerned, you need to have an IP address only. So if I change it to CNAME and if I click on "Add record now," you will see that it has taken this specific value. So I hope you understand the fundamentals of DNS records and the various types of DNS records. The last thing I would like to show you is that there are DNS records, which are unique. So there are various websites from which you can buy the domain names from.

You own godaddyou own name.com? Personally, I really like Name.com because it is very systematic, and I prefer it. But I have my domains with GoDaddy because it's very cheap the first time you buy it, like Rs 99 or $5 per year, for which you can buy a domain name. Now, one thing that you have to remember is that the domain name is unique. So if I do a Zelwora.com over here, you won't be able to get a duplicate name because I already have Zilvara.com. Okay? So Zilvara.com will not be able to be found because Zelda.com is already taken. But it will show you what the other extensions are that are available, like Zilboro Tin or Zilbora XYZ, etc. which you will be able to take once you buy this domain. Then you will be presented with this specific screen, which will be empty, and you will be filling these specific records according to your requirements. So I would really encourage you to buy a domain. Again, it is very cheap. It cost us one dollar the first time you bought it. So go ahead and buy the domain, and this will really help you understand how things really work.

35. Understanding Route53

Hey everyone, and welcome back. So in the past few lectures, we looked into the basics of DNS and DNS records. However, we were primarily dealing with demo-related issues related to managing DNS records on other providers such as Name.com at the time. So in today's lecture, we will be speaking about Route 53, which is basically a DNS service that AWS provides that is very similar to Name.com in certain aspects. And finally, we can get started with the practical sections as well.

So before we understand it, let's understand the two approaches to managing the DNS name servers: managed and unmanaged. What happens in unmanaged is that you can have your own DNS name servers, and then you can create your own zone files manually with the help of software like Named, which will help you do that. So everything you do is manual. So you don't really have that nice little GUI. You are a terminal worker. We have already seen certain examples of this. This is a very good approach as far as learning is concerned.

But if your primary work is not managing the DNS, then this is not a very ideal approach in the long term. This is why the management approach is effective. where you let the service providers manage the DNS name service for you and you can do everything through guides, so you don't have to worry about downtime, DNS slowness, and all those specs So the managed approach is quite good, and this is something that we will be looking into right now. We also have a course coming up on having our entire DNS server unmanaged.

So the entire course on DNS is coming up. So I'm pretty excited. Anyway, coming back to Route 53, AWS Route 53 is a managed cloud DNS service offered by AWS. Apart from standard DNS functionality that a service provider might offer, like Name.com, where you can create a record based on an A or C name, etc., Route 53, for example, goes a little further; it provides much better functionality, which is extremely useful, such as the launch of private hosted zones, health checks and monitoring, routing capabilities, handling GeoDNS DNS failures, and many, many more. I'm confident you'll enjoy it once we've gone over these details. But since today is the introductory lecture, we'll have a high-level overview.

So I'm logged into AWS, and I went through the Route 53 service. So Route 53, if you see it, is a global service and is not limited to a specific region. So there are a lot of features that Route 53 offers other than standard DNS management. It supports traffic management, health checks, and monitoring. You can even register your own domain on Route 53.

So let's start with DNS management. This is something we will be emphasising more, with the first thing you do in a DNS being to create your own zone. And this is something that we will be doing. I'll be creating a hosted zone over here. So let's click on "Create a hosted zone." The domain name is "Kplabsinternal," and I'll refer to it as an internal zone. Now in the type field, it is asking whether it has to be public or whether it needs to be private. So public is something like Kplabs, which is accessible to the entire internet. However, if you only want specific DNS to work within your internal or organisational environment, public is not the best option. Then you have to select the privately hosted zone.

So you have to select a privately hosted zone for Amazon VPC. And once you do that, you have to provide a VPC ID over here. So what we'll do is have an EC2 instance running in the Oregon region, and let's find out the VPC ID. So VPC ID ends with Phi EDA in Oregon. So let's select Oregon, and this is our VPC, which is Kplads Hyper New, and I'll click on Create. So what will happen is that this zone will get attached to this specific VPC.

So all the instances that are running in the VPC will be able to query the DNS records that are part of this specific hosted zone. So this is it for this lecture. Go ahead and create a private hosted zone. And in the following lecture, we will look at various aspects of how we can resolve the entries in this specific private hosted zone. This is it. About this lecture: I hope this has been informative for you, and I look forward to seeing you in the next lecture.

36. Route53 and VPC Integration

Hey everyone, and welcome back. Now in the earlier lecture we had created a private hostedzone in AWS Route 53 and we had attached it toa VPC on which this EC Two instances running. Now, since this is a private hosted zone, the entries that we create in this specific zone will only be resolveable for the instances within the VPC. So anyone who is outside of the VPC by default will not be able to resolve these specific entries. So there is one important thing that we have to do.

So if you just click over here, there is an important section where it says to use private hostage zones. You must set the following VPC settings to be true: enabled DNS host names and enabled DNS support. If these settings are false, you will be unable to resolve the entries in this private hosted zone. So let's do one thing. Let's go to the VPC, and we'll make sure that our configuration is true for both of these parameters. So just select the VPC where your instances are; in my case, it is Kplabs's hyper-new VPC. And there are two important parameters. Edit DNS resolution and Edit DNS host names are two examples. So, click on this and check the Edit DNS resolution box.

Click Save, and double-check that your DNS host name is also yes. It is set to no by default. Ascertain that this is also true. So once you have ensured that this is working perfectly, we can now go ahead and log into the EC2 instance. So this is my EC2 instance, which is part of the VPC, and this EC2 instance is something that we'll be using for resolving records in the private hostel zone. Perfect. So let's click here and create our first record set. So, let's call it a private KP lapse internal. And in the value set, let's give 100 to 510.

Okay? You can leave these things as defaults. Now what has happened is that your record, which is of type A, was created with this specific value. Now, Route 53 is very similar to other DNS providers as far as the basic DNS records are concerned. So there are various types within the type you see, such as a record and a C name. It also gives you a nice little description. As an example, consider IPV-4 addresses. Quadruple A has six IPV addresses, text records, SOA pointers, and many other features, so they are very similar. So you can go ahead and do the testing that we have been doing in the earlier lecture once Route 53 is created. So let's do one thing. Let's test this out and verify whether we are able to resolve this specific entry from our EC2 instance. So I'll click on NS, lookup, and it's a private Kplabs internal.

And here you see that I am able to resolve this specific entry. Now, let's do one thing. Let me try to resolve this entry directly from a laptop. So, now that I've installed private KPLabs Internet, we'll see if we can resolve. And you see, we are actually notable for having resolved this specific DNS entry. The reason why is because this is part of the privately hosted zones. So this is it. About this lecture: Go ahead and enable the DNS support for VPC, create a record set, and make sure that you are able to resolve. The entry is from your EC2 instances. This is it. About this lecture: I hope this has been informative for you, and I look forward to seeing you in the next lecture.

AWS Certified Cloud Practitioner certification practice test questions and answers, training course, study guide are uploaded in ETE files format by real users. Study and pass Amazon AWS Certified Cloud Practitioner certification exam dumps & practice test questions and answers are the best available resource to help students pass at the first attempt.