DNS resolution between Stax-created VPCs is performed using Amazon Route 53's Private Hosted Zones (PHZ). Once you configure a PHZ suffix on your Networking Hub, and PHZ prefixes on your VPCs, you will be able to perform DNS resolution between them.
For example, a PHZ suffix of example.cloud with a VPC prefix of prod-website would allow resolution of hostnames across the Networking Hub by using DNS names such as web-server-16.prod-website.example.cloud.
Instances and resources within your AWS VPCs must be using the default AWS DNS resolver IP address to utilize the Stax DNS implementation.
DNS Resolution between AWS and On-Premises Networks
A Stax Network can utilize AWS Route 53 Resolver endpoints to resolve DNS requests between AWS and on-premises.
To utilize Route 53 Resolver Endpoints there must be a networking link between AWS and your on-premises network, using either AWS Direct Connect or a Site-to-Site VPN.
The Stax Network will use the Outbound Route 53 Resolver Endpoint in combination with Route 53 Resolver Rules to forward DNS requests from AWS to the on-premises DNS server.
For on-premises resources to resolve AWS resources you must configure your on-premises DNS server to forward requests to the internal IP addresses of the Inbound Route 53 Resolver endpoint.
DNS Resolvers
Creating a DNS Resolver within your Stax Networking Hub will provision two Amazon Route 53 Resolver endpoints within your Networking Hub's Transit VPC: one for inbound DNS requests, and the other for outbound DNS requests.
You can choose to provision either two or three network interfaces per DNS resolver, depending on the number of availability zones your Networking Hub is configured to utilize.
The Inbound Route 53 Resolver endpoint receives DNS requests forwarded from your on-premises DNS servers. DNS requests to this endpoint use the AWS DNS Resolver of the Transit VPC to resolve the query.
The Outbound Route 53 Resolver endpoint forwards DNS requests to your on-premises DNS servers based on DNS Rules you configure.
DNS Rules
Creating a DNS Rule within your Stax DNS Resolver will create a new Forwarding Route 53 Resolver Rule and automatically associate it with all VPCs within the Stax Networking Hub.
A DNS Rule contains a domain name and a list of target IP addresses. Each DNS request to the AWS DNS Resolver within a VPC that matches the domain name of a DNS Rule will be forwarded to one of the target IP addresses for resolution.
A Route 53 Resolver Rule takes precedence over a PHZ for DNS resolution.
When should I use this?
DNS Resolvers are a simple, low maintenance approach to connecting your AWS resources to on-premises and vice versa. It enables your on-premises servers to resolve any AWS Private Hosted Zone that is associated with your Transit VPC.
By using DNS Resolvers you are able to retain your existing on-premises DNS servers (and their configuration), whilst taking advantage of the features of Amazon Route 53. For example, your AWS deployed applications can manage their DNS records with code and have full control over their specific DNS records without impacting everything else.