CNAME from Subdomain to main domain-name.

Kevin Darcy kcd at chrysler.com
Fri Oct 10 21:31:56 UTC 2008 

An apex name is just the name of a zone itself. www.domain.com is 
usually _not_ an apex name; it's usually just the "www" node under the 
domain.com zone.

The record that is presumably -- if it's an apex name -- illegal in your 
example is "domain.com. IN CNAME www".

The other one should be fine as long as myserver.beta.domain.com doesn't 
own a CNAME.

Again, the relevant rules are:
1) if other data is present at a node (which is true by edict for an 
apex), it can't own a CNAME
2) you can't point one CNAME at another CNAME

The reason we have to hedge this constantly with "if it's an apex name" 
is because we don't assume that this is the Internet DNS. It could be a 
private DNS with a "fake" root. In the Internet DNS, domain.com is 
always going to be an apex name, because the maintainers of "com" always 
delegate subdomains as zones. In a private DNS, "domain.com" could be 
just-another-leaf-node in the private "com" zone or even the private 
root zone itself.

If you would confirm that this is the Internet DNS, then we could state 
unequivocally that "domain.com. IN CNAME www" is illegal.

                                                                         
            - Kevin

Beavis wrote:
> I'm a bind newbie i don't know what an apex is. what I'm trying to do is.
>
> direct traffic from www.domain.com ---> myserver.beta.domain.com.
>
> any help will be awesomely appreciated.
>
> -b
>
> On Fri, Oct 10, 2008 at 2:59 PM, Kevin Darcy <kcd at chrysler.com> wrote:
>   
>> Beavis wrote:
>>     
>>> Greetings,
>>>
>>>  Just wanted to ask if this is a possible scenario.
>>>
>>>
>>> domain.com. IN CNAME        www
>>> www             IN CNAME        myserver.beta.domain.com.
>>>
>>>       
>> I assume domain.com is the "apex" name of a _zone_, right?
>>
>> If so, then the above is illegal. Why? Because at the apex of a zone you
>> have an SOA record and at least 2 NS records. The rule is: you can't
>> have a CNAME at a node if there is other data present at that node. So
>> the presence of the SOA/NS records forbid the creation of the CNAME.
>> You'll get a "CNAME and other data" error if you try this.
>>
>> It is, however, perfectly legal and acceptable for www.domain.com to own
>> a CNAME pointing at a zone apex, or any other name that does not itself
>> own a CNAME, -unless- www.domain.com is itself a subzone of domain.com.
>>
>> Short version of answer: you can't CNAME the apex of a zone.
>>
>>
>>            - Kevin
>>
>>
>>
>>     
>
>
>

More information about the bind-users mailing list