Verify DNS

Verify DNS Communication Between the Datacenter and VPCs

  1. In the AWS Management Console, choose Services, then select Systems Manager.

  2. From the menu on the left, scroll down and select Session Manager. Session Manager lets us use IAM roles and policies to determine who has console access, without having to manage SSH keys for our instances.

  3. In the main pane, click the Start session button. Pick the Datacenter instance to shell into. You will now enter a bash shell prompt for that instance.

  4. Let's ping. Every one second or so, you should see a new line showing the reply and round-trip time.


sh-4.2$ ping
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=254 time=1.09 ms
64 bytes from icmp_seq=2 ttl=254 time=0.763 ms
64 bytes from icmp_seq=3 ttl=254 time=0.807 ms
64 bytes from icmp_seq=4 ttl=254 time=0.891 ms
64 bytes from icmp_seq=5 ttl=254 time=0.736 ms
64 bytes from icmp_seq=6 ttl=254 time=0.673 ms
64 bytes from icmp_seq=7 ttl=254 time=0.806 ms
+++ ping statistics +++
7 packets transmitted, 7 received, 0% packet loss, time 6042ms
rtt min/avg/max/mdev = 0.673/0.824/1.096/0.130 ms
  5. Since we don't allow pings the other way, let's test by using Session Manager to shell into NP1 and using dig to look up a name provided by the BIND server in the Datacenter (test._your_domainname). It should return the private IP address of the BIND server.


sh-4.2$ dig

; <<>> DiG 9.9.4-RedHat-9.9.4-61.amzn2.0.1 <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59048
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 4096
;                  IN      A

;; ANSWER SECTION:           60      IN      A

;; Query time: 5 msec
;; WHEN: Fri Feb 01 16:33:27 UTC 2019
;; MSG SIZE  rcvd: 57
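
The dig check in the last step can be scripted so the result is asserted rather than read by eye. The following is an added example, not part of the original workshop: it passes only when the status is NOERROR and the answer holds private (RFC 1918) A records, which is what the step expects. The name test.example.internal, the address 10.0.0.10 and both sample outputs are constructed placeholders.

```shell
# Added example (not from the workshop); names and addresses are constructed.
# check_dig_answer reads `dig` output on stdin and exits 0 only when the status
# is NOERROR and every A record in the ANSWER SECTION is an RFC 1918 address.
check_dig_answer() {
  awk '
    /->>HEADER<<-/ && match($0, /status: [A-Z]+/) {
      status = substr($0, RSTART + 8, RLENGTH - 8)
    }
    /^;; ANSWER SECTION:/ { in_answer = 1; next }
    /^;;/ || /^$/         { in_answer = 0 }
    in_answer && $4 == "A" {
      total++
      n = split($5, o, "."); a = o[1] + 0; b = o[2] + 0
      ok = (n == 4) && (a == 10 || (a == 172 && b >= 16 && b <= 31) || (a == 192 && b == 168))
      if (!ok) bad = bad " " $5
    }
    END {
      if (status != "NOERROR") { print "FAIL: status=" (status == "" ? "missing" : status); exit 1 }
      if (total == 0)          { print "FAIL: no A record in answer"; exit 1 }
      if (bad != "")           { print "FAIL: non-private answer:" bad; exit 1 }
      print "OK: " total " private A record(s)"
    }
  '
}

# Constructed output of a working lookup (placeholder name and address).
sample_ok() {
  cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59048
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
test.example.internal. 60      IN      A       10.0.0.10

;; Query time: 5 msec
EOF
}

# Constructed output when the name cannot be resolved from the VPC side.
sample_nxdomain() {
  cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4242
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
EOF
}

sample_ok | check_dig_answer
sample_nxdomain | check_dig_answer || echo "lookup did not meet the expectation"
```

On the instance, pipe the real dig lookup into check_dig_answer in place of the samples.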