Define a domains addresses sole in terms of another
barmar at alum.mit.edu
Wed Jul 11 04:28:01 UTC 2007
In article <f6vap1$2jjk$1 at sf1.isc.org>,
Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote:
> On Mon, Jul 09, 2007 at 08:48:00PM -0400,
> Barry Margolin <barmar at alum.mit.edu> wrote
> a message of 46 lines which said:
> > The RFC recommends against it for performance reasons, but doesn't
> > prohibit it.
> Yes, it does.
> RFC 1034, 3.6.2 "Aliases and canonical names" :
> > Domain names in RRs which point at another name should always point at
> > the primary name and not the alias. This avoids extra indirections in
> > accessing information. For example, the address to name RR for the
> > above host should be:
> > 126.96.36.199.IN-ADDR.ARPA IN PTR C.ISI.EDU
> > rather than pointing at USC-ISIC.ARPA. Of course, by the robustness
> > principle, domain software should not fail when presented with CNAME
> > chains or loops; CNAME chains should be followed and CNAME loops
> > signalled as an error.
> BIND follows the advice, it works with CNAME chains. Not all resolvers do.
> > It even mentions that resolvers must follow CNAME chains,
> Not "must", "should".
Be aware that this RFC predates by many years the formal conventions for
use of the words MUST and SHOULD. My interpretation is that the first
sentence of the section is recommending a best practice, not a
requirement. The second sentence is the justification that I mentioned:
performance issues from extra indirections.
In any case, CNAME chains are extremely common. Common enough that I
think a resolver that failed to handle them would be quickly discarded.
Barry Margolin, barmar at alum.mit.edu
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users