Questions about DNAME records

Chris Buxton cbuxton at menandmice.com
Tue Jun 16 14:40:14 UTC 2009 

On Jun 16, 2009, at 1:37 AM, Braebaum, Neil wrote:
> What I was getting at - probably worded poorly - was say I wanted to
> provide resolution for something like:-
>
> _service._tcp.example.com.
>
> if I'd previously created the DNAME record (example.com.	IN
> DNAME		example2.com.), would creating a SRV RR record in
> example2.com.:-
>
> _service._tcp.example2.com.
>
> work as resolution for it?

Yes. The final and complete answer will be:

_service._tcp.example.com.	IN	CNAME	_service._tcp.example2.com.
_service._tcp.example2.com.	IN	SRV	... 4 fields here ...

> As to the forwarding thing, what I was thinking of, is that
> example2.com. forwards out to internet DNS servers for external
> resolution

Unfortunately, that's a nonsensical assertion. A domain does not  
forward. A DNS server forwards.

> and it just so happens that example.com. is a namespace we
> use externally. So would it work in the scenario I've given, that if I
> wanted to provide resolution for _service._tcp.example.com. (if it  
> works
> with the DNAME scenario I've described above), would other records for
> example.com. that aren't catered for in example2.com., be obtained by
> merit of example2.com. forwarding? Or would the DNAME configuration  
> not
> allow it?

A DNAME record precludes child names. That is, you cannot have any  
names of the form "foo.example.com" and also have a DNAME record named  
"example.com".

> I guess what I'm wondering is that if example.com. is DNAMEd
> to example2.com. and the records aren't in example2.com. does the
> enquiry end there, or could / would the question be dealt with by  
> merit
> of example2.com. forwarding to internet DNS servers?

If you have a DNAME record named example.com, then aside from other  
records named example.com, there cannot be any other records in the  
example.com zone. No subdomains are allowed.

So if example.com is hosted on the outside, and example2.com is  
internal, an internal resolver will see the external DNAME record (and  
related, synthesized CNAME records) and be able to resolve them inside  
example2.com (assuming it can find example2.com).

If there is no external version of example2.com, then you're creating  
problems, because a DNAME record from a public zone to a strictly  
private zone will cause resolution for the public for names in the  
example.com domain (except example.com itself) to fail.

Unfortunately, if this explanation isn't clear, I would need to know  
exactly what you're trying to accomplish, probably including real  
names, in order to help further. My employer offers confidential DNS  
consulting service for a fee, if that would be useful to you.

Chris Buxton
Professional Services
Men & Mice

More information about the bind-users mailing list