Configure DHCP and DNS in an AWS Virtual Private Cloud

In this Ask the Admin, I’ll show you how to get internal DNS resolution working in an Amazon Web Services Virtual Private Cloud (VPC).

In Manage IP Addressing with Virtual Private Clouds in Amazon Web Services on the Petri IT Knowledgebase, I demonstrated how to provision virtual machines (Elastic Compute instances) in a VPC, which is the equivalent of a virtual network in Microsoft Azure. In contrast to classic EC2 instances, VMs associated with a VPC are assigned an internal private IP address that remains with them throughout their entire lifecycle, which is important for some server workloads.

Obtaining a static IP address is a good start, but you’ll also need to consider how to get DNS name resolution working so that you can locate not only resources on the Internet, but also other VMs in your VPC. If you decide to use the internal DNS names automatically assigned to each instance, internal name resolution works out-of-the-box. If you want to set up Active Directory in your VMs, you’ll likely want to use a Windows DNS server, installed on a domain controller or dedicated VM. In this case, the DHCP settings for the VPC need to be modified.

DHCP Option Sets

VPCs are assigned a DHCP options set that’s configured to provide name resolution for Internet connectivity, and the internal DNS names automatically assigned to each instance. Otherwise known as Amazon Provided DNS, this server occupies the second IP address of your VPC’s assigned address block. For example, my VPC has a 10.0.0.0/16 subnet configured, and the IP address for Amazon Provided DNS is 10.0.0.2.

Create a New DHCP Options Set using PowerShell

Before running the commands below, you’ll need to set up the AWS Tools for Windows PowerShell on your PC. For information on how to do this, see Provision Windows Server in Amazon Web Services using PowerShell on the Petri IT Knowledgebase.

Open a PowerShell console, type get-ec2vpc and press ENTER. In the cmdlet output, make a note of the VpcId you want to configure, and the DhcpOptionsId assigned to it. To make the rest of the tutorial easier, I’m going to put my VpcId into a variable: $vpcId = “vpc-4eeb372b”, replacing vpc-4eeb372b with your VPC ID.

Unless you’ve changed the default settings for your VPC, both DNS and DHCP options should be enabled.

​
If you find that

EnableDnsSupport

 isn’t set to

true

, enable it as follows:
​
To get a list of all the DHCP option sets in your AWS subscription, type

Get-EC2DhcpOption

 and press

ENTER

. We have already established the

DhcpOptionsId

of the DHCP options set currently assigned to our VPC, so to check how its configuration run the cmdlet below, replacing

dopt-2af8ef48

 with the

DhcpOptionsId

you want to query.
​
In the output, you’ll see that only

Amazon Provided DNS

 is configured. It’s not possible to modify an existing DHCP options set in AWS, so we’ll need to create a new one and associate with a VPC. To create a new DHCP option set, use the code below. I copied the value for the

domain name

 option,

us-west-2.compute.internal

, from the default DHCP option set we queried above, and

10.0.137.249

 is the IP address of the instance where I have my domain controller and AD integrated DNS installed.
Configure DHCP and DNS in an AWS Virtual Private Cloud
Add DNS servers to a DHCP options set (Image Credit: Russell Smith)

​
Now I need to register the DHCP options set with my VPC. Only one DHCP options set can be registered with a VPC.
​


Run

Get-EC2DhcpOption

 again and you’ll see a new DHCP options set in the list. Run the cmdlet below, replacing

dopt-9b8663fe

 with the

DhcpOptionsId

of the new options set in your subscription, to check it was configured as expected.
Configure DHCP and DNS in an Amazon Web Services Virtual Private Cloud
Check the configuration of a DHCP options set (Image Credit: Russell Smith)
You should see two values for

domain-name-servers

, the IP address you specified and AmazonProvidedDNS. Reboot VMs running in your VPC, or run

ipconfig /renew

 on each VM to update the DHCP settings. If you run

ipconfig /all

 in an affected VM, you’ll see the DNS servers assigned by DHCP have changed.