A records or CNAME??

Kevin Darcy kcd at daimlerchrysler.com
Tue Apr 30 20:20:17 UTC 2002 

CNAMEs are a _little_ inefficient, in that they make response packets a little
larger. But generally, I'm not as down on CNAMEs as some people here, and I use
them extensively. Don't chain CNAMEs though (i.e. point CNAMEs at CNAMEs);
that's bad news. And don't try to use CNAMEs as the targets of other records,
e.g. NS or MX targets, because that's illegal.


- Kevin

James Gray wrote:

> I'll look into that but I think we're on the right track.  Basically, what
> would be the drawbacks of doing the changes to CNAME's (even if we just do
> it, test it, and rule it out?).
>
> --James
>
> "Kevin Darcy" <kcd at daimlerchrysler.com> wrote in message
> news:aakvik$if4 at pub3.rc.vix.com...
> >
> > What software is doing this double resolution? Usually this
> > (so-called) authentication method starts with the IP address, reverse-maps
> it
> > to a name, and then does a forward lookup to ensure that the name maps to
> the
> > IP it started with. Given what you have, this should work. I'm not aware
> of any
> > software that does it the other way around. Are you sure you haven't
> > misdiagnosed the problem?
> >
> >
> > - Kevin
> >
> > James Gray wrote:
> >
> > > We have single machine that operates as a backup for 3 main network
> services
> > > FTP, DNS and SMTP.  Consequently, we have three hostnames mapping to a
> > > single address.  This is not a problem and is defined in the RFC's.
> > > However, we are hitting some problems when this machines connects to
> remote
> > > hosts that do a double resolution to verify the hostname/IP.  The
> forward
> > > lookup works ok, but the reverse maps the IP to a different host and the
> > > connection is refused.
> > >
> > > The snippet from the current zone file looks like this:
> > >
> > > ns2    IN    A    1.2.3.4
> > > ftp    IN    A    1.2.3.4
> > > mail   IN    A    1.2.3.4
> > > etc...
> > >
> > > but the revese lookup only maps 1.2.3.4 to ns2.  Can we get around this
> by
> > > changing the forward zone to this:
> > >
> > > ns2    IN    A    1.2.3.4
> > > ftp    IN    CNAME ns2
> > > mail   IN    CNAME ns2
> > > etc....
> > >
> > > Thanks in advance.
> > >
> > > James
> >
> >

More information about the bind-users mailing list