2

I have a static web application being hosted in an S3 Bucket that I am currently hosting with Amazon CloudFront. It is a travel site, so I would like for users around the world to be able to quickly use it. I also want to use TLS for free with ACM (Amazon Certificate Manager).

What is the best practice architecture for doing this? I'm not trying to start a discussion or ask an open-ended question. Hear me out.

I don't know much about how DNS works, so correct me if I'm wrong. If I have GoDaddy DNS records to two GoDaddy NS servers/addresses/domains/whatever-they-are, does that mean that any time a user in Hong Kong wants to access my website, they have to contact those GoDaddy DNS servers, wherever they are, THEN contact DNS servers for CloudFront, THEN actually contact the nearest CloudFront server and retrieve my super-fast, locally-cached copy of my website?

As you might guess, I am afraid that this will slow down access to my site and defeat the purpose of using CloudFront to begin with. Is this a valid concern? How should I set this up? Would Route 53 help or make things worse?

Andrew Davidson

1 Answer

2

If you have your domains registered with GoDaddy but use Route53 for DNS - no problems. Short version of my answer is that's the fastest / best way to do it.

Here's how I think DNS works. If I'm not right I'm happy to make edits or remove the answer.

The browser looks up DNS for your domain, which is with GoDaddy DNS servers, wherever they are. It might take 20 - 200ms to do the DNS lookup to GoDaddy to get the CNAME (which is an alias to an AWS CloudFront IP). Then another DNS lookup of the result of the first DNS lookup is done against an AWS DNS server, which will most likely return an A record / IP address, which is probably 10 - 40ms. So, yes, there are two DNS lookups.

DNS servers are in a hierarchy, so if your local DNS server doesn't have the records you need it might take even longer.

If you had a Route53 DNS record then the first DNS lookup would be faster. CloudFlare, which has a good free tier, also has a very fast, well distributed DNS system.

One small hitch is you can't put a CNAME at the root of a domain (i.e. example.com), but you can on a subdomain (i.e. www.example.com). Both Route53 and CloudFlare have workarounds for that. If you're using GoDaddy DNS I'm not sure how it works - could be a custom feature, or you could have a web server listening to requests on the root of the domain, doing a 301 redirect to the www subdomain. That's another hop though.

Short version: best use Route53, it costs 50c per month plus 40 cents per million lookups.

Tim
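
The lookup chain and the root-domain CNAME restriction discussed in the answer above, as an added example that is not part of the original answer: a small Python model over constructed zone data that counts the authoritative queries needed for a CNAME chain with a cold cache and flags a CNAME placed at the zone apex. The names `d-sample.cloudfront.net.` and `ns1.dns-host.example.` and the address 192.0.2.10 are made up for illustration; root/TLD referrals and resolver caching are left out.

```python
# Constructed zone data (documentation names and addresses); not real records.
ZONES = {
    "example.com.": {
        "example.com.": {"SOA": ["ns1.dns-host.example."], "NS": ["ns1.dns-host.example."]},
        "www.example.com.": {"CNAME": ["d-sample.cloudfront.net."]},
    },
    "cloudfront.net.": {
        "d-sample.cloudfront.net.": {"A": ["192.0.2.10"]},
    },
}


def find_zone(zones, name):
    """Return the apex of the most specific zone that contains name."""
    matches = [z for z in zones if name == z or name.endswith("." + z)]
    return max(matches, key=len) if matches else None


def resolve(zones, name, max_hops=8):
    """Follow CNAMEs to A records; return (addresses, authoritative queries made)."""
    queries = []
    for _ in range(max_hops):
        zone = find_zone(zones, name)
        if zone is None:
            return [], queries
        queries.append((zone, name))
        rrsets = zones[zone].get(name, {})
        if "A" in rrsets:
            return rrsets["A"], queries
        if "CNAME" not in rrsets:
            return [], queries
        name = rrsets["CNAME"][0]  # alias target may live in another provider's zone
    raise RuntimeError("CNAME chain too long or looping")


def cname_violations(zones):
    """Names where a CNAME coexists with other data, which RFC 1034 forbids.
    The apex always carries SOA and NS, so a CNAME there is always flagged."""
    return sorted(
        name
        for records in zones.values()
        for name, rrsets in records.items()
        if "CNAME" in rrsets and len(rrsets) > 1
    )
```

Resolving `www.example.com.` against this data touches two zones, one per DNS provider; an address record served directly at the apex (modelled here as a plain `A` entry) is answered in a single query.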