> Sure, we do the same for our .com, .net and .org but I thought I read somewhere that stuck in my mind that to CNAME to a target outside of your control is to invite trouble because that target can move without you knowing.  If I CNAME to, and one day they decide to change it to, I'm doomed.

Strictly speaking, that's an administrative problem, not a technical problem. You shouldn't really be creating permanent aliases to other people's machines without them knowing about it, and, if they know about it, they shouldn't really be moving names around without informing everyone who is dependent on those names.

> I have an internal server authoritative for
>  IN      CNAME
> I use a forwarder.  When I look up, I time out.  My debug shows me finding as and the query is forwarded.  I expect an A RR back, but instead, I get a referral to the NS RR of  So my internal server tries to contact, which it can't, being internal and roped off from the world.
> However, if I first lookup my query is forwarded and answered, and I cache the response.  Now if I look up, I get an answer.  The repeats when the TTL for times out.  Why this disparate behavior?

Strange, but this works fine for me. I defined "" in a bogus version of the zone, as an alias to When I queried it, it translated the CNAME, then used the forwarder to fetch the A record. This is just using a generic type of configuration. Is yours different?

