[dns-operations] Curious use of cname

Andrew Sullivan ajs at anvilwalrusden.com
Thu Aug 7 00:06:39 UTC 2014


On Thu, Aug 07, 2014 at 07:51:53AM +1000, Mark Andrews wrote:
> Those with developers that don't read RFC 1034 which tried to prevent
> this from happening.

You're probably right.  But of course, RFC 1034 was written a number
of years ago, and some of the protocol-specification language that
later became well-understood isn't used in it.  In particular,

> RR.  If a CNAME RR is present at a node, no other data should be
> present; this ensures that the data for a canonical name and its aliases
> cannot be different. 

this makes it sound like "nothing at a CNAME but a CNAME is a good
idea" instead of "if you have a CNAME, that means by definition
nothing else can be there."  To a naïve reader, the text above might
read as, "You shouldn't do this, but you could.  But it'd have a bad
consequence, and you don't want that, right?"  What it should say, of
course, is more like, "CNAME just means that the name you looked up is
actually some other name, therefore there MUST be no other data at the
owner name of a CNAME."  Something like that.

I've talked to people who've been facile with the DNS for a number of
years, who didn't get that this wasn't some arbitrary rule, but was
the very meaning of "canonical name".  If you explain it, the lights
always go on.  But RFC 1034 does a poor job of explaining it.

Best regards,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com
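
[Added example, not part of the message above and not code from any DNS
implementation.]  The reading of RFC 1034 argued for above ("there MUST be
no other data at the owner name of a CNAME") written as a check over zone
data.  It goes slightly beyond the message in two labelled assumptions:
RRSIG and NSEC are exempted, as DNSSEC (RFC 4035, section 2.5) allows, and
two different CNAME targets at one name are also flagged (RFC 2181, section
10.1).  The function name and all records are constructed for illustration.

```python
from collections import defaultdict

# Assumption beyond the message: RFC 4035 section 2.5 lets these sit beside a CNAME.
DNSSEC_EXEMPT = {"RRSIG", "NSEC"}

# Constructed sample records (owner, type, rdata); not taken from any real zone.
SAMPLE_ZONE = [
    ("example.com.", "SOA", "ns1.example.com. hostmaster.example.com. 1 3600 600 86400 300"),
    ("example.com.", "NS", "ns1.example.com."),
    ("example.com.", "CNAME", "lb.example.net."),      # alias at the apex, beside SOA/NS
    ("www.example.com.", "CNAME", "web.example.com."),
    ("www.example.com.", "RRSIG", "constructed-signature-placeholder"),  # exempt
    ("mail.example.com.", "CNAME", "mx1.example.com."),
    ("mail.example.com.", "MX", "10 mx1.example.com."),  # other data at an alias
    ("alt.example.com.", "CNAME", "a.example.com."),
    ("ALT.example.com.", "CNAME", "b.example.com."),   # same owner, names are case-insensitive
    ("web.example.com.", "A", "192.0.2.10"),
]

def cname_violations(records):
    """Return {owner: [issues]} for every owner name that is an alias and something else."""
    by_owner = defaultdict(list)
    for owner, rtype, rdata in records:
        by_owner[owner.lower()].append((rtype.upper(), rdata))
    problems = {}
    for owner, rrs in by_owner.items():
        targets = {rdata.lower() for rtype, rdata in rrs if rtype == "CNAME"}
        if not targets:
            continue  # not an alias, any mix of data is fine here
        issues = []
        others = sorted({rtype for rtype, _ in rrs
                         if rtype != "CNAME" and rtype not in DNSSEC_EXEMPT})
        if others:
            issues.append("other data at alias: " + ", ".join(others))
        if len(targets) > 1:
            issues.append("multiple CNAME targets")
        if issues:
            problems[owner] = issues
    return problems

if __name__ == "__main__":
    for owner, issues in sorted(cname_violations(SAMPLE_ZONE).items()):
        print(owner, "->", "; ".join(issues))
```
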


