Many A-records

Jonathan de Boyne Pollard J.deBoynePollard at Tesco.NET
Mon Apr 5 17:27:39 UTC 2004


f> An IP should only have one A-record 

Rubbish.  I've mentioned RFC 2181 section 10 once already.

f> services should be pointed out using Cnames. 

Rubbish.  It's perfectly legitimate for service-specific domain names to _not_
be client-side aliases.  Moreover, several DNS server softwares (both proxy
and content) don't deal with client-side aliases at all well, and they usually
cause more DNS traffic to occur than not using them would.  

If there are two ways of doing things, only one of which involves using
client-side aliases, one should choose the other way.

f> Of course if you have chosen to let http be the default 
f> service for a domain [...]

There is no such concept of a "default service for a domain".

f> If webhosting companies use "virtual name based hosting" 
f> they should use one A-record and many Cnames.

False.  Indeed, they _should not_ do this.

f> If webhosting companies use subinterfaces they should have 
f> one A-record per subinterface.

False.  I refer you to RFC 2181 section 10 a third time.

f> If we have bought a SSL certificate that will protect 
f> www.www.com and one of our customers wants to reach that 
f> service using their own DNS namespace www.customer.com it 
f> will not work smoothly since the certificate was made for
f> www.www.com.

Good.  Complete strangers should not be able to hijack one's SSL
certificates for their own ends simply by publishing a client-side
alias in the public DNS database.
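
The certificate point above, as an added example that is not part of the original post: a TLS client compares the name it asked for with the names in the certificate, so a client-side alias changes where the client connects but not which name is verified. The zone contents, the address 192.0.2.10 and all function names are constructed for illustration, and the matcher is a simplified RFC 6125-style check.

```python
# Constructed sample data: a tiny zone and the DNS names in the certificate.
ZONE = {
    "www.customer.com": ("CNAME", "www.www.com"),
    "www.www.com": ("A", "192.0.2.10"),
}
CERT_DNS_NAMES = ["www.www.com"]


def resolve(name, zone, max_hops=8):
    """Follow client-side aliases to an address; return (address, names visited)."""
    chain = [name]
    for _ in range(max_hops):
        rtype, value = zone[name]
        if rtype == "A":
            return value, chain
        name = value
        chain.append(name)
    raise RuntimeError("CNAME chain too long")


def name_matches(pattern, hostname):
    """Case-insensitive match; '*' is accepted only as the whole leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        # Refuse wildcards that would span a whole top-level domain.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def client_accepts(requested_name, zone, cert_names):
    """Verify the name the client asked for, not the name DNS led it to."""
    resolve(requested_name, zone)  # DNS only decides where to connect
    return any(name_matches(n, requested_name) for n in cert_names)


if __name__ == "__main__":
    for host in ("www.www.com", "www.customer.com"):
        addr, chain = resolve(host, ZONE)
        verdict = "accepted" if client_accepts(host, ZONE, CERT_DNS_NAMES) else "rejected"
        print(f"{host}: {' -> '.join(chain)} ({addr}), certificate {verdict}")
```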


More information about the bind-users mailing list