Last Update: Sep 04, 2024 | Published: Dec 02, 2014
In this Ask the Admin, I’ll show you how to get internal DNS resolution working in an Amazon Web Services Virtual Private Cloud (VPC).
In Manage IP Addressing with Virtual Private Clouds in Amazon Web Services on the Petri IT Knowledgebase, I demonstrated how to provision virtual machines (Elastic Compute instances) in a VPC, which is the equivalent of a virtual network in Microsoft Azure. In contrast to classic EC2 instances, VMs associated with a VPC are assigned an internal private IP address that remains with them throughout their entire lifecycle, which is important for some server workloads.
Obtaining a static IP address is a good start, but you’ll also need to consider how to get DNS name resolution working so that you can locate not only resources on the Internet, but also other VMs in your VPC. If you decide to use the internal DNS names automatically assigned to each instance, internal name resolution works out-of-the-box. If you want to set up Active Directory in your VMs, you’ll likely want to use a Windows DNS server, installed on a domain controller or dedicated VM. In this case, the DHCP settings for the VPC need to be modified.
VPCs are assigned a DHCP options set that’s configured to provide name resolution for Internet connectivity, and the internal DNS names automatically assigned to each instance. Otherwise known as Amazon Provided DNS, this server occupies the second IP address of your VPC’s assigned address block. For example, my VPC has a 10.0.0.0/16 subnet configured, and the IP address for Amazon Provided DNS is 10.0.0.2.
Before running the commands below, you’ll need to set up the AWS Tools for Windows PowerShell on your PC. For information on how to do this, see Provision Windows Server in Amazon Web Services using PowerShell on the Petri IT Knowledgebase.
Open a PowerShell console, type Get-EC2Vpc and press ENTER. In the cmdlet output, make a note of the VpcId you want to configure and the DhcpOptionsId assigned to it. To make the rest of the tutorial easier, I'm going to put my VpcId into a variable: $vpcId = "vpc-4eeb372b", replacing vpc-4eeb372b with your VPC ID.
Unless you’ve changed the default settings for your VPC, both DNS and DHCP options should be enabled.
If you find that EnableDnsSupport isn't set to true, enable it as follows:
To get a list of all the DHCP options sets in your AWS subscription, type Get-EC2DhcpOption and press ENTER. We have already established the DhcpOptionsId of the DHCP options set currently assigned to our VPC, so to check its configuration, run the cmdlet below, replacing dopt-2af8ef48 with the DhcpOptionsId you want to query.
In the output, you'll see that only Amazon Provided DNS is configured. It's not possible to modify an existing DHCP options set in AWS, so we'll need to create a new one and associate it with the VPC. To create a new DHCP options set, use the code below. I copied the value for the domain-name option, us-west-2.compute.internal, from the default DHCP options set we queried above, and 10.0.137.249 is the IP address of the instance where I have my domain controller and AD-integrated DNS installed.
Now I need to register the DHCP options set with my VPC. Only one DHCP options set can be registered with a VPC.
Run Get-EC2DhcpOption again and you'll see a new DHCP options set in the list. Run the cmdlet below, replacing dopt-9b8663fe with the DhcpOptionsId of the new options set in your subscription, to check it was configured as expected.
You should see two values for domain-name-servers: the IP address you specified and AmazonProvidedDNS. Reboot the VMs running in your VPC, or run ipconfig /renew on each VM, to update the DHCP settings. If you run ipconfig /all in an affected VM, you'll see that the DNS servers assigned by DHCP have changed.