Does "@" in CNAME record not work?

Barry Margolin barmar at genuity.net
Fri Jul 13 21:24:08 UTC 2001


In article <9inndc$t60 at pub3.rc.vix.com>, Jim Lum  <jlum at cox.rr.com> wrote:
>IF someone "out there" had a hard-and-fast rule [I have no idea why,
>but, for the sake of argument, let's say the management in a company
>made such a rule] that said specifically that no A records within zone
>files could ever have duplicate IP addresses, THEN it seems like Bind
>would not be able to comply with this rule in all cases?

The problem isn't BIND, it's the DNS specification.  BIND is merely
enforcing rules that the DNS protocol requires.

If you had such a rule, you just would have to use the same name in
multiple contexts.  For instance, if you use the same server for web, DNS,
and mail, instead of doing:

@    IN A  192.168.10.1
     IN NS ns1.domain.com.
     IN MX 10 mail.domain.com.
ns1  IN A  192.168.10.1
mail IN A  192.168.10.1
www  IN CNAME domain.com.

you would have to do:

@    IN A  192.168.10.1
     IN NS domain.com.
     IN MX 10 domain.com.
www  IN CNAME domain.com.

There's no rule that says you have to use different names for each role
that the machine performs.  Of course, if that same silly manager also had
a hard-and-fast rule requiring different names for each role, then he's
asking for you to implement things that violate the protocol.

Why doesn't management just make a hard-and-fast rule that all system
administration be done by chimps?  I'll bet the bean-counters would like
the reduction in payroll expenses (although the cleaning expenses will
probably increase).  But making stupid hard-and-fast rules that don't work
is no way to run a business.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
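
The two layouts in the message above, checked mechanically. This is an added example, not part of the original post: it tests zone fragments against the hypothetical "no duplicate A addresses" rule and against the DNS rule behind the subject line (RFC 1034 section 3.6.2: a name that owns a CNAME can own no other data, and the zone apex always owns SOA and NS). The function names and the minimal parser are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed inputs. SEPARATE and SHARED follow the two layouts in the post
# (one server for every role); APEX_CNAME is the case in the subject line.
SEPARATE = """\
@    IN A  192.168.10.1
     IN NS ns1.domain.com.
     IN MX 10 mail.domain.com.
ns1  IN A  192.168.10.1
mail IN A  192.168.10.1
www  IN CNAME domain.com.
"""
SHARED = """\
@    IN A  192.168.10.1
     IN NS domain.com.
     IN MX 10 domain.com.
www  IN CNAME domain.com.
"""
APEX_CNAME = "@ IN NS ns1.domain.com.\n@ IN CNAME www.domain.com.\n"

def parse_zone(text, origin="domain.com."):
    """Parse 'owner [IN] type rdata' lines; a leading blank reuses the owner."""
    records, owner = [], None
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop comments
        if not fields:
            continue
        if not line[0].isspace():
            owner = fields.pop(0)
        if fields[0].upper() == "IN":
            fields.pop(0)
        name = origin if owner == "@" else owner if owner.endswith(".") else f"{owner}.{origin}"
        records.append((name, fields[0].upper(), " ".join(fields[1:])))
    return records

def duplicate_a_addresses(records):
    """The manager's rule: addresses that appear in more than one A record."""
    names = defaultdict(set)
    for owner, rtype, rdata in records:
        if rtype == "A":
            names[rdata].add(owner)
    return {ip: sorted(n) for ip, n in names.items() if len(n) > 1}

def cname_conflicts(records):
    """The protocol's rule: a name that owns a CNAME may own no other type."""
    types = defaultdict(set)
    for owner, rtype, _ in records:
        types[owner].add(rtype)
    return sorted(o for o, t in types.items() if "CNAME" in t and len(t) > 1)
```

The first layout breaks the manager's rule three ways while staying protocol-legal, the second satisfies both, and the apex CNAME is the only one of the three that the DNS rule itself forbids.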