Forwarding rules for reverse DNS queries in Resolver - Amazon Route 53

Forwarding rules for reverse DNS queries in Resolver

When the enableDnsHostnames and enableDnsSupport attributes are both set to true for a virtual private cloud (VPC) from Amazon VPC, Resolver automatically creates auto-defined system rules for reverse DNS queries. For more information about these settings, see DNS attributes in your VPC in the Amazon VPC Developer Guide.

Forwarding rules for reverse DNS queries are particularly useful for services like SSH or Active Directory, which have an option to authenticate users by performing a reverse DNS lookup for the IP address from which a customer is attempting to connect to a resource. For more information about auto-defined system rules, see Domain names that Resolver creates autodefined system rules for.

You can turn off these rules and change how all reverse DNS queries are handled so that, for example, they are forwarded to your on-premises name servers for resolution.

After you turn off the automatic rules, create rules to forward the queries as needed to your on-premises resources. For more information about how to manage forwarding rules, see Managing forwarding rules.

To turn off auto-defined rules
  1. Sign in to the Amazon Web Services Management Console and open the Route 53 console at https://console.amazonaws.cn/route53/.

  2. In the navigation pane, under Resolver, choose VPCs, and then choose a VPC ID.

  3. Under Autodefined rules for reverse DNS resolution, deselect the check box. If the check box is already deselected, you can select it to turn on auto-defined reverse DNS resolution.

For the related APIs, see Resolver configuration APIs.
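
The following is an added example, not part of the AWS documentation. It derives the in-addr.arpa zones that cover an IPv4 CIDR and builds the parameters for the Resolver UpdateResolverConfig and CreateResolverRule operations, using the boto3 parameter names. The VPC ID, endpoint ID, CIDR, and target IP are constructed placeholders, and nothing is sent to AWS.

```python
import ipaddress


def reverse_zones(cidr):
    """Return the octet-aligned in-addr.arpa zones that cover an IPv4 CIDR."""
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4:
        raise ValueError("this example handles IPv4 only")
    if net.prefixlen > 24:
        # Smaller than a /24: the enclosing /24 zone is the closest octet boundary.
        blocks = [net.supernet(new_prefix=24)]
    else:
        # Round the prefix up to 8, 16 or 24 and enumerate the blocks of that size.
        boundary = -(-net.prefixlen // 8) * 8 or 8
        blocks = net.subnets(new_prefix=boundary)
    zones = []
    for block in blocks:
        keep = block.prefixlen // 8
        octets = str(block.network_address).split(".")[:keep]
        zones.append(".".join(reversed(octets)) + ".in-addr.arpa")
    return zones


def plan_reverse_forwarding(vpc_id, cidr, endpoint_id, target_ips):
    """Build (operation, kwargs) pairs for a route53resolver client; no calls are made."""
    # Step 1: turn off the auto-defined reverse rules for the VPC.
    plan = [("update_resolver_config",
             {"ResourceId": vpc_id, "AutodefinedReverseFlag": "DISABLE"})]
    targets = [{"Ip": ip, "Port": 53} for ip in target_ips]
    # Step 2: one FORWARD rule per reverse zone, sent through an outbound endpoint.
    for zone in reverse_zones(cidr):
        plan.append(("create_resolver_rule", {
            "CreatorRequestId": "rev-" + zone,
            "RuleType": "FORWARD",
            "DomainName": zone,
            "ResolverEndpointId": endpoint_id,
            "TargetIps": targets,
        }))
    # Each created rule must then be associated with the VPC
    # (associate_resolver_rule) before it takes effect.
    return plan


if __name__ == "__main__":
    # Constructed placeholder values, not real resource IDs.
    for op, kwargs in plan_reverse_forwarding(
            "vpc-EXAMPLE", "10.20.16.0/22", "rslvr-out-EXAMPLE", ["192.0.2.10"]):
        print(op, kwargs)
```

Review the planned zones before applying them: a CIDR that is not octet-aligned yields several /24 zones, or an enclosing /24 that also covers addresses outside the range.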