Interaction of CNAME and A records with regard to TTL

Kross Joachim ICM N PG U ID A 1 joachim.kross at
Wed Jan 22 09:25:04 UTC 2003


thank your for your answers. A follow-up question: how about the TTL of
CNAME records and the records they point to, is there a constraint that they
have to be equal? (I assume that not.) If not, if the CNAME record expires
before the records it points to, does the server always resolve those
records as well and includes them with the response (I assume that it is
usually the server authoritative for the CNAME is responsible for including
the records the CNAME points to with the answer)? (I assume yes.) I saw that
recursion can be switched off in bind 9 servers even if a client requests
it. Does that influence that behavior (fetching the records the CNAME record
points to)? (I assume it does, that is disables that behavior). How do other
servers implement this?

Another question: The RFC on SRV records explicitly forbids that the rdata
portion contain an alias. I could not find anything of that kind for NAPTR
records. Is there a similar restriction on NAPTR records, which I just
haven't found, or are these two cases handled differently? If yes, does
anyone know why is that?

Thank you!


> -----Original Message-----
> From: Mark.Andrews at [mailto:Mark.Andrews at]
> Sent: Friday, January 17, 2003 2:28 PM
> To: Kross Joachim ICM N PG U ID A 1
> Cc: 'bind-users at'
> Subject: Re: Interaction of CNAME and A records with regard to TTL 
> > 
> > Hi all,
> > 
> > I am wondering about the following scenario:
> > 
> > A name server receives a request for an A record and tries 
> to resolve it. It
> > finds a CNAME record with multiple A records attached. I 
> assume it puts all
> > those records into its cache. Now, assume all those records 
> have different
> > TTLs. At some point in time, when some of the A records have already
> > expired, another query for the original A record comes in. 
> The CNAME record
> > and some of the related A records are still in the cache of 
> the name server.
> > What is the behavior of the name server: does it return the 
> CNAME record and
> > the A records it still has, i.e. an incomplete set with 
> regard to all the
> > applicable records that exist, or does it forward the CNAME 
> request to make
> > sure it has all the related A records?
> 	Well you don't put differing ttls into the DNS for the same
> 	name and type.
> 	The authoritative servers should be correcting this if you
> 	do by taking the lowest ttl and using that for the set.  Both
> 	BIND 9 and BIND 8 do this.
> 	The caches should also take differing ttls and normalise
> 	them to the lowest ttl when it receives them.  If it doesn't
> 	do that it should at the least expire the whole set of records
> 	if a record in the set expires.  BIND 9 does the former, BIND 8
> 	the later.
> 	There was a benefit in preserving the differing ttls as
> 	they were usually the result of nameservers merging RRsets.
> 	When you had two differnet RRsets there was a high probability
> 	that the one with multiple ttls was the result of a merger
> 	and should be dropped in preference to the one with consistant
> 	ttls.
> 	Mark
> > I guess this is not applicable only to CNAME and A records, 
> just A records
> > would pose the same question: If there are multiple A 
> records for a domain
> > name, with different TTLs, what does a name server do if it 
> receives a query
> > for that domain name after some of the records have 
> expired: return the
> > incomplete list, or complete the list before returning it?
> > 
> > Does this possibly have something to do with the 
> authoritative nameserver
> > portion of DNS responses?
> > 
> > Thanks!
> > 
> > Best regards,
> > Joachim
> > 
> --
> Mark Andrews, Internet Software Consortium
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at

More information about the bind-users mailing list