CNAME only zone?
John Wobus
jw354 at cornell.edu
Fri Dec 16 15:45:17 UTC 2011
> If CloudFlare is similar to Akamai's solution, recursive servers never
> see the CNAME record. Instead, when the auth server receives the
> query
> for the A record of the apex, it performs its own query for the CNAME,
> and returns the result of this.
In other words, if your theory is correct, this "CNAME"
is window dressing for the customer ("yes, they gave me a
CNAME, I'm happy!") while actually they serve A records
that they've specified to give the same answer as "whatever
address the A record of such-and-such name has". What they
present in their customer interface or store in their
zone-file-equivalent is arbitrary.
Makes DNSSEC interesting.
It's always helpful to be able to tell your customer "yes, we gave
you a CNAME, just like you asked for. We do it even if our competitors
say no!"
John Wobus
P.S. Hm, I wonder if a TLD will give me a three part CNAME:
if they've given me "example.com. CNAME foo", will they also give
me "www.example.com. CNAME foo"?
More information about the bind-users
mailing list