BIND 9.6 Flaw - CNAME vs. A Record in MX Records are NOT "Illegal"
Barry Margolin
barmar at alum.mit.edu
Wed Jan 28 04:48:36 UTC 2009
In article <glmqqb$jvv$1 at sf1.isc.org>,
mlelstv at serpens.de (Michael van Elst) wrote:
> Barry Margolin <barmar at alum.mit.edu> writes:
>
> >customer.com. IN MX 10 mx.yourdomain.com.
> >mx.yourdomain.com. IN CNAME mx.outsourcer.com.
> >mx.outsourcer.com. IN A ...
>
> That's just the same as
>
> | customer.com. IN MX 10 mx.outsourcer.com.
> | mx.outsourcer.com. IN A ...
>
> except to people with half-a-knowledge about DNS queries.
It's the same in layer 7, but not in layer 8. If you decide to change
outsourcing companies, you have to get hundreds of customers to change
their MX records, instead of just changing one CNAME record.
I used to work at an ISP, and we provided slave DNS for many customers.
At various times we had to change the names and/or addresses of our
servers, as the business grew (e.g. when we acquired other companies,
and wanted to migrate the domains they were hosting to our servers). We
frequently saw obsolete glue records in our customers' domains years
after these changes, and they often found their way into caches so they
interfered with other domains we hosted as well.
So anything you can do to avoid depending on customers to make changes
at their end makes operating a business easier.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list