[dns-operations] Adding CNAME for the root domain issue
Fred Morris
m3047 at m3047.net
Wed Apr 27 20:42:01 UTC 2016
Top-posting, because I quoted a lot. Ok now I'm a little disturbed.
To me, this looks like a label which is CNAMED to a zone. What's laid out
seems like the most straightforward way to accomplish this. Paul, what
you're saying seems to be that CNAMEs can't just point to anything:
specifically they can't point to a domain containing NS and SOA records.
Maybe I'm lazy, and I should go read RFCs...
Anyway, this line of reasoning suggests to me that once a domain is
CNAMEd, nothing downstream (a subdomain) can ever be delegated. I'd never
really thought of it that way before.
On Wed, 27 Apr 2016, Paul Vixie wrote:
> John Levine wrote:
> > [...]
> > --- one zone ---
> > $ORIGIN foo.example
> > foo.example. CNAME bar.example.
> > www A 1.2.3.4
> >
> > --- another zone ---
> > $ORIGIN bar.example
> > bar.example. SOA ns.provider.example. hostmaster.bar.example. 1776070401 900 604800 7200
> > NS ns.provider.example.
> > NS ns2.provider.example.
> > www A 5.6.7.8
> >
> > That is, the CNAME at the apex is all by itself, pointing at another
> > apex with the right SOA and NS, no glue needed. Is that valid?
>
> no.
>
> Why
> > or why not?
>
> the SOA and an NS RRset are not optional at the apex.
>
More information about the dns-operations
mailing list