Need information about AWS four name servers [closed]

Solution 1:

No, they're not located in the same place, and in fact, there are not actually only 4 of them assigned to your hosted zone. There are 4 authoritative nameservers, each with 1 IP address, but there are actually many more than 4 servers around the world doing the work for you.

IP address geocoding (assuming that's what you mean by "checked") is not exact. If that's what you're referring to, disregard that result.

Or, perhaps you're doing a traceroute. This, too, shouldn't be meaningful.

The IP addresses used by Route 53 are anycast addresses -- meaning that they are IP addresses which, unlike normal (unicast) addresses, actually appear at multiple different places on the Internet.

This means not only will any geocoding result be meaningless, but if you access one of the servers from where you are, and I access the exact same IP address from where I am, there's a good chance we are actually talking to different servers in different data centers. Running a traceroute doesn't help much, either, because the location accessible to you is subject to change as well.

Q. Does Amazon Route 53 use an anycast network?

Yes. Anycast is a networking and routing technology that helps your end users’ DNS queries get answered from the optimal Route 53 location given network conditions. As a result, your users get high availability and improved performance with Route 53.

https://aws.amazon.com/route53/faqs/

So, no, they're not in the same location in any meaningful sense, even if it appears that they are.


Bonus material:

Similarly, the ns-xxxx.awsdns-yy.* hostnames use four different TLDs, .com, .net, .org, and .co.uk, and this is also unrelated to location.

This is for protection against administrative misconfiguration and global Internet infrastructure breakdowns.

With four independent domains involved, all four of them would have to be disrupted for service to be lost. Four independent domains for the NS records, even in the same top level, would protect against administrative error in just one, of course.

But even very serious corruption or disruption of the global DNS infrastructure would be very unlikely to make all the glue records in .com, .net, .org, and .co.uk inaccessible or incorrect, and Route 53 has presumably used these specific 4 top level domains for naming their servers in the interest of further redundancy against catastrophic failures that would largely be outside their control.

When configuring the name servers for your domain, you do need to use all 4 values, because this is all part of the high reliability of Route 53.

If it isn't apparent from the above, using the ns-xxxx.awsdns-yy.co.uk name server will not cause some fraction of your queries to be routed to a server in the UK. It's amazing how many people seem to believe that it will.

If you have multiple hosted zones, you'll also notice that they all seem to have different servers assigned. That, too, is for redundancy. When Route 53 assigns name servers to a new hosted zone, of the 4 servers, not more than 2 of them (and usually even fewer) will be the same across any two hosted zones on your AWS account -- so a serious failure in 4 randomly selected systems that all (as bad luck would have it) happened to be authoritative for one of your hosted zones would not be able to impact more than one of your hosted zones, because the others would all have at least two entirely different servers.

Note also that you can provision the same domain name in more than one hosted zone. In this case, of course, all four name servers will be different between the two zones. They operate independently, and by changing the authoritative name servers (with your domain registrar) from one set of 4 to the other, you can do a hard conversion of a domain from one Route 53 hosted zone to another.
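
An added example, not part of the original answer: a small offline check that the name servers entered at a registrar match all 4 servers assigned to a hosted zone, cover the four TLDs named above, and how many servers two hosted zones share. The function names and every host name in the sample data are constructed for illustration.

```python
import re

# Pattern from the answer: ns-xxxx.awsdns-yy.<tld>, with the four TLDs it names.
NS_RE = re.compile(r"^ns-(\d+)\.awsdns-(\d+)\.(com|net|org|co\.uk)$")
EXPECTED_TLDS = {"com", "net", "org", "co.uk"}


def normalize(name):
    """Lowercase and strip the trailing root dot so names compare equal."""
    return name.strip().lower().rstrip(".")


def audit_delegation(registrar_ns, zone_ns):
    """Compare NS names set at the registrar with a hosted zone's assigned set."""
    reg = {normalize(n) for n in registrar_ns}
    zone = {normalize(n) for n in zone_ns}
    tlds = {m.group(3) for m in map(NS_RE.match, reg) if m}
    return {
        "missing": sorted(zone - reg),   # assigned to the zone but not delegated
        "foreign": sorted(reg - zone),   # delegated but not in this zone's set
        "missing_tlds": sorted(EXPECTED_TLDS - tlds),
        "ok": reg == zone and len(zone) == 4 and tlds == EXPECTED_TLDS,
    }


def shared_servers(zone_a, zone_b):
    """Name servers two hosted zones have in common (the answer says at most 2)."""
    return sorted({normalize(n) for n in zone_a} & {normalize(n) for n in zone_b})


# Constructed sample data, not real delegation sets.
ZONE_A = ["ns-101.awsdns-12.com.", "ns-702.awsdns-23.net.",
          "ns-1303.awsdns-34.org.", "ns-1904.awsdns-45.co.uk."]
ZONE_B = ["ns-101.awsdns-12.com.", "ns-655.awsdns-17.net.",
          "ns-1207.awsdns-28.org.", "ns-1811.awsdns-39.co.uk."]
# Registrar entry that dropped the .co.uk server and kept mixed case.
REGISTRAR = ["NS-101.awsdns-12.com", "ns-702.awsdns-23.net", "ns-1303.awsdns-34.org"]

if __name__ == "__main__":
    print(audit_delegation(REGISTRAR, ZONE_A))      # incomplete delegation
    print(audit_delegation(ZONE_A, ZONE_A)["ok"])   # complete delegation
    print(shared_servers(ZONE_A, ZONE_B))           # overlap between two zones
```

A non-empty "foreign" list is what a registrar still pointing at a different hosted zone for the same domain looks like, which is the situation the hard conversion described above passes through.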