CNAME as MX, NS, SOA
Barry Margolin
barmar at alum.mit.edu
Mon Jan 19 22:41:57 UTC 2004
In article <buhc3a$13b9$1 at sf1.isc.org>, /dev/rob0 <rob0 at gmx.co.uk>
wrote:
> I've seen numerous warnings against using a CNAME as MX, NS or SOA, but
> no explanation about why this is wrong. I think it would be useful, just
> as I use CNAMEs for all other services.
It may be useful, but it has overhead in a section of DNS processing
that you want to be as efficient as possible. It forces an extra step
of quering to resolve the CNAME, and possibly multiple steps. A records
associated with MX or NS records will often be included in the
Additional Records section of a reply, but this won't follow CNAME
records.
> I previously was running a master and slave server on my home LAN, but
> since have come to my senses. :) The master was a virtual machine (user-
> mode Linux), and I would like to have changed its A record "ns.rob0.lan"
> into a CNAME pointing to the slave. (This hostname is also the SOA.)
>
> What I did instead was to change the A record to point to the IP of the
> slave. So now I have 2 A records for that IP: ns and server. The reverse
> zone resolves to "server.rob0.lan". Is that the right way to do this, or
> should I change SOA to "server.rob0.lan."? Does the lack of reverse DNS
> for the SOA matter?
This is the proper way. I've never heard of anything performing a
reverse DNS check on the MNAME field of the SOA record (in fact, there's
very little use of the SOA MNAME field at all, outside of dynamic
updates).
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
More information about the bind-users
mailing list