The RFC or the reason why you can not create CNAME record for the "root record"

phil-news-nospam at ipal.net phil-news-nospam at ipal.net
Wed Jun 2 05:04:43 UTC 2004


On Tue, 01 Jun 2004 18:56:29 +0100 Jim Reid <jim at rfc1035.com> wrote:

| Rewrite RFCs 1034 & 2181 and get them accepted by IETF and then
| adopted as standards. Then have everyone's DNS software support your
| rewritten standards. After that, get all the world's deployed name
| server software -- not just name servers! -- update/migrate to the new
| standards. In other words, not in our grandchildren's lifetime.

So you're saying that once done, no changes can be made?  That would seem
to say that DNS cannot even evolve.  I don't believe that.  But I don't
want to get into the politics of IETF.  If I make it work, people will
use it, then someone will figure it needs to be standardized to make sure
there is just one uniform way to accomplish what people obviously want to
do.


|    Phil> I think a hack/patch is the only way.
| 
| You might think that. But you'd be wrong. Sure, you can come up with a
| kludge for your name server to make it violate these fundamental DNS
| standards. This won't help everybody else's DNS software. That may
| fail or give undefined behaviour when it gets a response from your
| name server that has an owner-name as a CNAME and some other record
| type, something that RFC1034 and RFC2181 clearly state isn't allowed.
| Even if all this came to pass, it still wouldn't be enough. There
| could well be applications software which looks up CNAMEs directly.
| This stuff could get confused if a response returned A or AAAA records
| (or whatever) as well as the desired CNAME.

If one is going to propose a change in the standard, doesn't it have to
at least be tested?  The patch would be the test.

FYI, my intentions are not to intermingle records.  The only thing that
needs to be done is give the CNAME answer to get the resolving server to
re-query with the new name.  There is no need to also send along any A
or AAAA records ... only a CNAME record.  The fact that CNAME cannot exist
with A or AAAA records is not the issue.  The fact that CNAME cannot exist
with SOA or NS records is the issue.  If things work by hacking BIND to
allow loading a zone with SOA+NS+CNAME, then that's an option.  If things
work by hacking BIND to allow loading a zone with CNAME alone, then that's
an option.  If it turns out all possible arrangements confuse resolvers or
recursers, then I'll have to get more clever.

-- 
-----------------------------------------------------------------------------
| Phil Howard KA9WGN       | http://linuxhomepage.com/      http://ham.org/ |
| (first name) at ipal.net | http://phil.ipal.org/   http://ka9wgn.ham.org/ |
-----------------------------------------------------------------------------
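
The rule this thread turns on (an owner name holding a CNAME may hold no other data, and a zone apex always holds SOA and NS), as an added example that is not part of the original message or of BIND. The zone text, the names in it and the function names are constructed for illustration; the check allows only the DNSSEC types RRSIG and NSEC beside a CNAME.

```python
# Added example: flags owner names where a CNAME coexists with other data.
from collections import defaultdict

# DNSSEC record types that may accompany a CNAME (RFC 4035 section 2.5).
DNSSEC_OK = {"RRSIG", "NSEC"}

# Constructed zone text in simplified "owner ttl class type rdata" form,
# one record per line, owner names fully qualified.
SAMPLE_ZONE = """\
example.test.      3600 IN SOA   ns1.example.test. admin.example.test. 1 7200 900 1209600 3600
example.test.      3600 IN NS    ns1.example.test.
example.test.      3600 IN CNAME target.example.net.
ns1.example.test.  3600 IN A     192.0.2.1
www.example.test.  3600 IN CNAME target.example.net.
mail.example.test. 3600 IN CNAME target.example.net.
mail.example.test. 3600 IN MX    10 mx.example.net.
"""

def types_by_owner(zone_text):
    """Map each lower-cased owner name to the set of record types it holds."""
    owners = defaultdict(set)
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop comments
        if not line:
            continue
        owner, _ttl, _cls, rtype = line.split()[:4]
        owners[owner.lower()].add(rtype.upper())
    return owners

def cname_conflicts(zone_text):
    """Return {owner: sorted conflicting types} for names that break the rule."""
    conflicts = {}
    for owner, types in types_by_owner(zone_text).items():
        if "CNAME" in types:
            others = types - {"CNAME"} - DNSSEC_OK
            if others:
                conflicts[owner] = sorted(others)
    return conflicts

if __name__ == "__main__":
    for owner, others in sorted(cname_conflicts(SAMPLE_ZONE).items()):
        print(f"{owner}: CNAME coexists with {', '.join(others)}")
```

The apex is reported because of its SOA and NS records, which is the conflict the message identifies; `www` passes because the CNAME is its only record.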

