[dns-operations] Adding CNAME for the root domain issue
Dave Warren
davew at hireahit.com
Wed Apr 27 21:21:11 UTC 2016
On 2016-04-27 14:12, Andrew Boling wrote:
> Trying again, with the mailing list included this time.
>
> On Wed, Apr 27, 2016 at 4:56 PM, John Levine <johnl at taugh.com
> <mailto:johnl at taugh.com>> wrote:
>
>
> That is, the CNAME at the apex is all by itself, pointing at another
> apex with the right SOA and NS, no glue needed. Is that valid? Why
> or why not?
>
>
> It's explicitly invalid per RFC 2181. A zone is required to have SOA
> and NS records at the apex, and a CNAME record cannot exist at a label
> where those record types exist.
>
> https://tools.ietf.org/html/rfc2181#section-6.1
> https://tools.ietf.org/html/rfc2181#section-10.1
>
rfc1035 gets us most of the way too in section 5.2. Use of master files
to define zones
When a master file is used to load a zone, the operation should be
suppressed if any errors are encountered in the master file.
<...>
Several other validity checks that should be performed in addition to
insuring that the file is syntactically correct:
<...>
2. Exactly one SOA RR should be present at the top of the zone.
Without the SOA, you don't have a zone file, and therefore the zone
should not be loaded. Once a SOA exists, a CNAME cannot coexist.
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160427/ef60985d/attachment.html>
More information about the dns-operations
mailing list