CNAME as NS record?

[Mark_Andrews at isc.org]

> Hello,
> I believe it is illegal to have an NS record point to a CNAME as per the
> RFC? But can it actually cause lookup problems in the real world? I have a
> customer having some odd problems and noticed all of his NS records are
> CNAMEs. Any information will be appreciated.
> 
> Thanks,
> 
> Brady

	The problem with NS that refer to CNAMEs is that the CNAMEs
	would also have to be stored as glue and be followed in
	additional section processing.  This is a lot of work for
	little benefit and highly likely to be got wrong.  We have
	enough problems with just keeping address records correct
	without having to keep CNAME chains correct as well.

	In addition to having to store the CNAME chains as glue we
	would have to change the additional section processing to
	have the CNAMEs returned.  If you didn't do that you would
	have places where you could use CNAMEs and get away with
	it and places where you can't assuming that nameservers
	follow the CNAMEs when looking up address of nameservers.

	Rather than have to deal/explain with is messy situation
	where it works sometimes and not others named enforces the
	rule that NS records refer to address records by not following
	the CNAME when looking up address of nameservers internally.

	This means that any NS record that refers to a CNAME is
	effectively ignored and if all the records refer to CNAMEs
	the zone will be unreachable.

	Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org