Does "@" in CNAME record not work?

Kevin Darcy kcd at daimlerchrysler.com
Thu Jul 12 19:19:16 UTC 2001


What version of _DNS_and_BIND_ are you using? In Third Edition, Chapter 15
(Miscellaneous), under "Using CNAME Records", it is explained that you can't
have a zone-apex CNAME (the book refers to this as a "CNAME attached to an
interior node"). This is a protocol restriction; it's not BIND-specific. I can
give you RFC references if you want.

You can, of course, have non-apex names own CNAMEs, and you can even point a
(non-apex) CNAME at a zone-apex name, e.g. "www.example.com" could be an alias
for "example.com". Something you can't do legally, though, is have the
zone-apex name own a CNAME.


- Kevin

Jim Lum wrote:

> Kevin,
>
> I'm running Bind 8.24 from http://bind8nt.meiway.com.
>
> I think that I just figured out why the zone name SEEMED to be working
> (sheepish :)).  I had a "*" CNAME, and I think that that was catching
> the mydomain.com name.
>
> Ok, let me explain why I (think) I don't want to use the "@ A
> 192.168.0.4".  I've been reading the O'Reilly BIND/DNS book, and in the
> section where it talks about CNAME records, there's a discussion about
> why A records shouldn't always be used instead of CNAME records.
> Something about sendmail and figuring out canonical names (I'm new!).
>
> So, given the warning in the BIND/DNS book, I figured I'd better use a
> CNAME for the base zone/domain name (i.e., mydomain.com).
>
> So, if, as in my case, the name server and the web server and the base
> domain all have the same IP address (as in my case), and if the @
> doesn't work, and if the mydomain.com. doesn't work, and I don't want to
> use an A record, how can I assign an IP address to the base zone/domain
> name??
>
> In other words, I want something like:
>
> mydomain.com            192.168.0.4
> ns1.mydomain.com        192.168.0.4
> www.mydomain.com        192.168.0.4
>
> Jim
>
> P.S.  I'm curious about WHY doesn't BIND allow the zone name or @ as an
> alias/CNAME?  Is that documented anywhere?
>
> Kevin Darcy wrote:
> >
> > Correct, "@" cannot own a CNAME record.
> >
> > Neither, legally, can the name of the zone, spelled out. I'm not sure why
> > named accepted this. Then again, you didn't say what version of BIND you
> > are running...
> >
> > You should use "@ a 192.168.0.4" instead.
> >
> > - Kevin
> >
> > Jim Lum wrote:
> >
> > > Hi,
> > >
> > > I'm setting a nameserver using Bind on my home network.
> > >
> > > I have a server running both my web server and Bind (i.e., the name
> > > server and the web server are on the same machine).
> > >
> > > In the Bind zone file, I have the name server named as 'ns1', i.e., I
> > > have an 'A' record:
> > >
> > > ns1     A       192.168.0.4
> > >
> > > And, for the web server, I have a CNAME record:
> > >
> > > www     CNAME   ns1
> > >
> > > But, I also wanted to be able to be able to have just the domain name
> > > (the origin, I guess it's called), so I added an additional CNAME
> > > record:
> > >
> > > @       CNAME   ns1
> > >
> > > When I do this, it doesn't work.  When I ping 'mydomain.com', instead of
> > > picking up the IP address for ns1.mydomain.com that I have set in my
> > > Bind files, it's getting some other IP address.
> > >
> > > If I replace the @ CNAME record with:
> > >
> > > mydomain.com.   CNAME   ns1
> > >
> > > it works correctly.
> > >
> > > Is the "@" notation not allowed in CNAME records?
> > >
> > > Thanks,
> > > Jim





More information about the bind-users mailing list