I have a domain called "foo.com" that is currently managed by GoDaddy. Within my AWS Virtual Private Cloud (VPC), I have two services: db.foo.com and api.foo.com.
I want to set up a private zone in Amazon Route 53 that only includes these two entries:
- db.foo.com --> 10.0.1.201
- api.foo.com --> 10.0.1.202
However, entries like www.foo.com and app.foo.com do not reside in AWS. My question is whether I need to add these entries to the private host DNS for the VPC in addition to the GoDaddy DNS. Alternatively, can Route 53 be configured with DNS resolver rules to check the private DNS first and then forward the query to the "default" DNS if the entry is not found?
So the lookup follow for www.foo.com ideally would be:
- lookup www.foo.com in route53 private dns => NOT FOUND
- forward to godaddy dns or the true "SOA" for foo.com
It is possible. It's called Split-view DNS. A public and private DNS with the same name. I've done this before in R53, not sure if it will work if the public domain is in another provider. But I think it will. And you don't need extra configuration.
Checkout this Split-view DNS for explanation and example.