Backgroup:

I have an AWS Managed Active Directory(domain.com). I created a DHCP options set  to my domain.com and DNS IP address. Finally I applied it to the VPC. By default all of your EC2 instance in this VPC cannot resolve region-name.compute.internal, and I would like to create a conditional DNS forwarder on our domain.com to the Amazon default DNS provider.

Overview of the Steps - 
        1. Use an EC2 instance that is joined to the domain as an administrator's machine.

2. On this machine, install the DNS Server Tools under Remote Administration Tools, from the Add Roles and Features Wizard.

3. Run DNS Manager (dnsmgmt.msc) as the admin user from the domain, which prompts you to connect to the server. 
        [The Microsoft Active Directory type within AWS Directory Service provides two domain controllers (each in separate AWS Availability Zones) and an *Admin account* that has permissions for the most common administrative activities. These include user and group management, resource management, delegation, Group Policy management, and management of DNS configurations.]

Here, Select the button "The following computer" and type the IP address of one of the two provisioned AWS Directory Service for Microsoft AD domain controllers (10.0.0.16 or 10.0.0.248). Preferably, try with the Primary - 10.0.0.248.

4. After you have connected the DNS Manager to a Microsoft AD DNS service, you can configure the server and conditional forwarders. 
        For example, if you want these DNS servers to forward requests for your VPC-provided DNS, right-click Conditional Forwarders and select New Conditional Forwarder. Then, you can specify the private hosted zone and VPC-provided DNS IP address.

Please note that the VPC-provided DNS IP address will always be your VPC CIDR block “plus two.” For example, if your VPC uses 10.10.0.0/16, the VPC-provided DNS is 10.10.0.2.
        And, if you store a conditional forwarder in AWS Directory Service for Microsoft AD, it handles the replication of this to the other domain controller.

Reference Link:

https://aws.amazon.com/cn/blogs/security/how-to-set-up-dns-resolution-between-on-premises-networks-and-aws-using-aws-directory-service-and-microsoft-active-directory/

http://tekbloq.com/2017/05/12/add-a-conditional-forwarder-on-a-dns-server-windows-server-2008-r2/

Create a conditional DNS forwarder on our domain.com to Amazon default DNS provider的更多相关文章

  1. DNS 系列(一):为什么更新了 DNS 记录不生效?

    我们在上网时如果想要访问到另一台机器上的内容,通常只需要直接输入一串地址,例如:www.upyun.com,就能够准确访问到自己想要访问的网站.但是实际上这只是方便我们记忆的字符形式网络标识,真正让我 ...

  2. DNS隧道工具汇总——补充,还有IP over DNS的工具NSTX、Iodine、DNSCat

    github上有一堆的工具:https://github.com/search?utf8=%E2%9C%93&q=DNS+tunnel+&type= DNS隧道大检阅 研究了一天的DN ...

  3. 【入门】广电行业DNS、DHCP解决方案详解(三)——DNS部署架构及案

    [入门]广电行业DNS.DHCP解决方案详解(三)——DNS部署架构及案 DNS系统部署架构 宽带业务DNS架构 互动业务DNS架构 案例介绍 案例一 案例二 本篇我们将先介绍DNS系统部署架构体系, ...

  4. DNS稳定保障系列1--服务双保障“辅助DNS”产品介绍

    背景 2016 年 10 月 21 日,DNS 服务商 dyn 的服务器遭遇黑客大流量的 ddos 攻击,使得美国大量互联网公司如 twitter,github等都出现解析失败,无法提供服务.如下图可 ...

  5. 《DNS攻击防范科普系列1》—你的DNS服务器真的安全么?

    DNS服务器,即域名服务器,它作为域名和IP地址之间的桥梁,在互联网访问中,起到至关重要的作用.每一个互联网上的域名,背后都至少有一个对应的DNS.对于一个企业来说,如果你的DNS服务器因为攻击而无法 ...

  6. [PowerShell Utils] Automatically Change DNS and then Join Domain

    I would like to start a series of blog posts sharing PowerShell scripts to speed up our solution ope ...

  7. DNS工作流程及原理 域名、IP与DNS的关系

    转自:http://blog.csdn.net/maminyao/article/details/7390208 一.DNS服务概述 DNS是Domain Name System的缩写,即域名系统.其 ...

  8. 6.DNS公司PC访问外网的设置 + 主DNS服务器和辅助DNS服务器的配置

    网站部署之~Windows Server | 本地部署 http://www.cnblogs.com/dunitian/p/4822808.html#iis DNS服务器部署不清楚的可以看上一篇:ht ...

  9. Fix “Could not flush the DNS Resolver Cache: Function failed during execution” When Flushing DNS

    ipconfig /flushdns It is possible that you’re getting an error message “Could not flush the DNS Reso ...

随机推荐

  1. xampps 不能配置非安装目录虚拟主机解决方案

    今天将前几天安装好的xampps配置下,准备开始php开发之旅,在我信心满满的将工作目录定在非安装目录上(安装目录在:D:\Program Files\xampps\apache\htdocs  我将 ...

  2. docker学习(三) 安装docker的web可视化管理工具

    1.docker是一个一款很轻便的应用容器引擎,为了更好的管理和使用docker,使用web可视化管理工具似乎更符合大多数人的需求.在这里,我给大家分享下自己使用过的几款web工具:docker UI ...

  3. 3 python3 编码解码问题 upd接受数据

    1.python3下的中文乱码:send_data.encode("utf-8") from socket import * udp_socket = socket(AF_INET ...

  4. How to set pycharm configure for remoting development

    配置pycharm远程连接,点击pycharm的tools,选择deployment选项,选择configuration. 2 点击左侧的加号按钮,新增一个连接,取个名字,根据个人配置选择协议,这里选 ...

  5. java集合浅谈(一)

    一.类库结构图概览 容器对象仅能持有对象引用(对象的指针),而不是Copy对象信息,从网上搜得几张Java中集合类库的结构图,如下所示: 二.解说Collection 2.1 Collection ( ...

  6. 26、js阶段性复习

    1.一元运算符 Operator + 可用于将变量转换为数字: <!DOCTYPE html> <html> <body> <p> typeof 操作符 ...

  7. Centos6.5

    1.首先我们需要检测系统是否自带安装mysql # yum list installed | grep mysql 2.如果发现有系统自带mysql,果断这么干 # yum -y remove mys ...

  8. MySQL☞Group By

    分组: group by 列名:根据某一列,把数据分成几组,经常对每一组的数据使用聚合函数,按照我的理解,该列有几种不同的值,那么就把该列分成几组,如下图 简单的来说,第二列中有两个不同的值a和b,那 ...

  9. Ruby中数组的&操作

    最近在忙一个项目,好久没有写日志了,项目终于接近尾声,可以适当放松一下,所以记一下在这个项目中发现的有趣事情: 数组的 与 操作 一直以为两个数组A和B相与,谁前谁后都一样,不过这次在项目中突然想试一 ...

  10. [POJ3585]Accumulation Degree

    题面 \(\text{Solution:}\) 有些题目不仅让我们做树型 \(\text{dp}\) ,而且还让我们换每个根分别做一次, 然后这样就愉快的 \(\text{TLE}\) 了,所以我们要 ...