[dns-operations] does anybody know why yahoo+akamai are doing this?

Paul Vixie paul at vix.com
Tue Mar 21 20:45:50 UTC 2006

# > RFC 1034 assumes that CNAMEs will not have out-of-zone targets
# I'm having trouble finding this assumption in RFC 1034.

i know.  but the alg described by marka and ref'd by ed is an example
of at least one way in which out-of-zone cname's aren't fully supported.

# Moreover, on page 15 I find the following example.
# This RR appears again in the example starting on page 36, where the
# ARPA TLD is shown in the root zone, and the EDU TLD has its own zone.
# These illustrations appear inconsistent with the suggested assumption.

i know.  but CNAMEs are described as temporary transition mechanisms,
but are now used in many permanent everyday DNS designs, i think there's
a reason to discount the value of the example on page 15 compared to the
implications on "what NS RRset will be added if a CNAME chain exits a

when i first started working on BIND4 in 1989 or so, one of the bugs i
had to content with was the resolver's assumption that CNAME chains would
always terminate within a single message.  my first approach was to add
the now widely despised/reviled "fetch-glue" logic.  later i added CNAME
following in gethostbyname() et al.  later on, i asked pvm which fix was
better, RFC-wise, and he said, darkly and mysteriously, "both."

More information about the dns-operations mailing list