Problem

I have a nextjs static site I am hosting on S3 and serving with cloudfront. I have already validated that the website works fine with the cloudfront url. The problem arises when trying to connect it to my domain I have registered in route53. If it makes a difference, I originally created the domain with bluehost and then transferred over to aws.

  • dig NS <my-domain> returns SERVFAIL instead of the nameservers
  • going to the domain in the browser gives ERR_NAME_NOT_RESOLVED

I tried following this article pretty closely but it seems I’m still missing something: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html

current configuration

Cloudfront

  • alternate domains set as www.<my-domain>.com and <my-domain>.com
  • custom ssl cert is set as the same ACM cert I created and validated
  • ipv6 is on

Route53 hosted zone

  • records
    • A alias record for www.<my-domain>.com -> cloudfront dist
    • AAAA alias record for www.<my-domain>.com -> cloudfront dist
    • A alias record for <my-domain>.com -> cloudfront dist
    • AAAA alias record for <my-domain>.com -> cloudfront dist
    • NS record that I’ve changed to be the same as what shows up under name servers in the registered domains page
  • under hosted zone details, shows different name servers than both the NS record and what appears in the registered domain page

Route53 registered domains

  • Domain status code
    • clientDeleteProhibited
    • clientTransferProhibited
    • clientUpdateProhibited

ACM

  • cert requested and email validated successfully
  • domains are <my-domain>.com and *.<my-domain>.com
  • associated resources shows my cloudfront dist
  • status is "Issued"

Is there anything I am missing that is causing the dns to not resolve? Let me know if I need to provide more info.

  • dig NS <my-domain>.com or www.<my-domain>.com returns SERVFAIL instead of the nameservers
  • going to the domain in the browser gives ERR_NAME_NOT_RESOLVED instead of website
  • updating the NS record in route53 to match the registered domain did not resolve dns
  • updating the name servers list in route53 registered domains to match hosted zone’s name servers (shows status "failed")

2 Answers


  1. Chosen as BEST ANSWER

    The missing piece that prevented DNS resolution was that the NS records, hosted zone details name servers, and glue records in the domain registration page were not identical when they should be. They got out of sync after I tried re-creating my hosted zone and editing the NS records while troubleshooting.


  2. "NS record that I’ve changed to be the same as what shows up under name servers in the registered domains page"

    You should have done the opposite. You need to update your registered domain’s name servers to be whatever the hosted zone initially gave you.

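Both answers come down to three name server lists that must match: the set assigned to the hosted zone, the list at the registrar, and the apex NS record in the zone. The following is an added example, not code from the original thread, that compares them using the hosted zone's set as the reference; it assumes inputs shaped like the JSON from `aws route53 get-hosted-zone`, `aws route53domains get-domain-detail` and `aws route53 list-resource-record-sets`, and all names and sample data are constructed.

```python
# Added example: the three name server lists that must agree for a Route 53 delegation.
def norm(name):
    # DNS names are case-insensitive; zone data usually carries a trailing dot.
    return name.strip().rstrip(".").lower()

def delegation_sources(hosted_zone, domain_detail, record_sets):
    """Pull the three name server sets out of the API response shapes."""
    apex = norm(hosted_zone["HostedZone"]["Name"])
    ns_record = set()
    for rrset in record_sets["ResourceRecordSets"]:
        if rrset["Type"] == "NS" and norm(rrset["Name"]) == apex:
            ns_record = {norm(r["Value"]) for r in rrset["ResourceRecords"]}
    return {
        "hosted_zone": {norm(n) for n in hosted_zone["DelegationSet"]["NameServers"]},
        "registrar": {norm(n["Name"]) for n in domain_detail["Nameservers"]},
        "ns_record": ns_record,
    }

def check_delegation(sources):
    """Compare registrar and NS record against the hosted zone's assigned set."""
    ref = sources["hosted_zone"]
    findings = []
    for where in ("registrar", "ns_record"):
        got = sources[where]
        if got != ref:
            findings.append({"where": where,
                             "missing": sorted(ref - got),
                             "unexpected": sorted(got - ref)})
    return findings

# Constructed sample responses (placeholder names, not real Route 53 servers):
# the zone was re-created, so its assigned set differs from the registrar's list,
# and the apex NS record was edited to copy the registrar.
OLD = ["ns-old-1.example.net", "ns-old-2.example.org"]
NEW = ["ns-new-1.example.net", "ns-new-2.example.org"]
HOSTED_ZONE = {"HostedZone": {"Name": "example.com."},
               "DelegationSet": {"NameServers": NEW}}
DOMAIN_DETAIL = {"DomainName": "example.com",
                 "Nameservers": [{"Name": n.upper()} for n in OLD]}
RECORD_SETS = {"ResourceRecordSets": [
    {"Name": "example.com.", "Type": "NS",
     "ResourceRecords": [{"Value": n + "."} for n in OLD]},
    {"Name": "www.example.com.", "Type": "A"},
]}

if __name__ == "__main__":
    for f in check_delegation(delegation_sources(HOSTED_ZONE, DOMAIN_DETAIL, RECORD_SETS)):
        print(f"{f['where']}: missing {f['missing']}, unexpected {f['unexpected']}")
```

An empty result means all three lists agree; any finding names the place that has drifted from the hosted zone's assigned set.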