Proper implamentation of A and CNAME records

Kevin Darcy kcd at daimlerchrysler.com
Thu Aug 5 23:25:19 UTC 2004 

MUELLER, STEVE (SBIS) wrote:

>Like so:
>domain.tld.		IN	A	1.2.3.4
>www.domain.tld.	IN	A	1.2.3.4
>
>Using CNAME for one or the other would work, 
>
No, you *can't* use a CNAME for the zone apex. The only alternative 
would be to make the "www" name an alias for the zone-apex name. *Not* 
the other way around.

>but forces hosts to 
>do another lookup just to get the final result. Not that it takes
>long, but it is another x milliseconds to get that taken care of.
>If you specify A records for each, you just got around that extra
>lookup mess and the end user is already loading the page. 
>Done
>
In the general case, there would not be an extra lookup, since the CNAME 
and the A record would both come from the authoritative server in the 
same response. And if the TTLs on both records were the same, they'd 
tend to time out of caches at the same time too, meaning, both records 
would tend to come as a matched set even from non-authoritative 
nameservers (or, more correctly, "caching resolvers").

One of the *benefits* of using CNAMEs in this scenario is that there is 
no ambiguity about where the reverse record should point. Besides, of 
course, the obvious maintenance benefit of only having to update one DNS 
record if the address changes.

Frankly, I've never quite understood this irrational fear of CNAMEs. 
This primitive "CNAMEs bad!" mindset would be like a caveman declaring 
"fire bad!" and then freezing to death in his cave. CNAMEs, like fire, 
are very useful when used properly and safely.

                                                                         
                     - Kevin

>>-----Original Message-----
>>From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
>>Behalf Of Eric Senf
>>Sent: Thursday, August 05, 2004 9:18 AM
>>To: comp-protocols-dns-bind at isc.org
>>Subject: Proper implamentation of A and CNAME records
>>
>>
>>OK... I have seen what's out on the Internet but I want to 
>>ensure that 
>>this is done properly.
>>
>>We have a web site. We want this site to be at both 
>>www.domain.com and 
>>domain.com. I know it is not proper to CNAME a root domain entry thus 
>>creating an A record for www.domain.com and a CNAME for domain.com 
>>won't work. I also know it's not proper (though this is what 
>>most site 
>>do like M$, Sun, etc.) is to create two A records for the 
>>same IP, one 
>>pointing to www.domain.com and domain.com.
>>
>>Is this properly accomplished by creating an A record for domain.com 
>>and then a CNAME for www.domain.com?
>>
>>Thanks for any guidance,
>>Eric.
>>
>>
>>
>>    
>>
>
>
>
>
>  
>

More information about the bind-users mailing list