[dns-operations] Adding CNAME for the root domain issue
John R Levine
johnl at taugh.com
Fri Apr 29 17:48:51 UTC 2016
> So in our last installment, it was seen that a CNAME for a "zone apex" looks
> ok (returns SOA, NS, MX, etc) but it doesn't work with subdomains (FQDNs
> under the apex); and DNAME works for stuff under the "apex" but doesn't look
> like a zone.
No, that's backwards. CNAME at the apex doesn't work because the apex has
to have NS and SOA records, and getting them indirectly via CNAME doesn't
count. CNAME anywhere else works fine so long as you don't try to put
other records at the same name, and don't expect it to redirect any name
other than the exact one that has the CNAME.
> (Why am I doing this? Quite frankly although I work with the DNS on a near
> daily basis, DNAMEs seldom if ever come over the transom. How do they work?
> What are they good for? I figure I'm probably not the only one, and I don't
> see them discussed much.)
DNAME does what it does, roughly speaking it redirects all names under the
name with the DNAME, but not the name itself. RFC 6672 explains it
reasonably clearly. If you're not writing DNSSEC software, you can skim
the DNSSEC parts.
Regards,
John Levine, johnl at taugh.com, Taughannock Networks, Trumansburg NY
Please consider the environment before reading this e-mail.
More information about the dns-operations
mailing list