On Sat, Jan 04, 2003 at 03:58:23PM -0000, Graham Turner wrote: > probably one of the simpler questions to the newsgroup but ... > there seem to be many rules in DNS on record data holding only the > canonical name of a host. > for example the data section of a CNAME record must hold this > canonical name of the host Graham, You should see section 3.6.2. of RFC 1034 (Aliases and canonical names). Canonical names refer to the aliasing of one name, via the CNAME resource record, to another name. An example would be: hostAlias.sub.example. CNAME realhost.sub.example. Section 10.1.1 of RFC 2181 addresses most of your confusion regarding CNAME as "canonical name". > WHAT by definition is the canonical name of a host - i have assumed > it as it's configured hostname (concatentation of hostname / domain > name) in the resolver config > is this correct - if not will be very glad to be put right > one other query on the same tack regards the data section of the NS > records - have read here that these should reference the host canonical > name - by my assumed definition above the many instances on the internet of > NS record lookup returning ns0 / ns1 data would seem to be contrary to this > rule ??? > i know from M$ sites of issues using aliases for NS records to cause issues. > similarly have read that an IP address as NS record data is a definite - > NO-NO You are correct that CNAMEs should not be RDATA for NS records. Reusing the information In the above example, you would not want an NS record like the following: sub.example. NS hostAlias.sub.example. Instead you would want something like: sub.example. NS realhost.sub.example. Reference sections 3.3.11 of RFC 1035 and 10.3 of RFC 2181. They say that the RDATA (right hand side) of an NS record should be a FQDN, not an IP address, and not a CNAME. HTH. -rob -- Attached file included as plaintext by Ecartis -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+F54tOVBTTvic5hMRAsBEAKCzXHuS5CHv9imqjfJ1Xqndcc1khwCdEd9d mc1r9IvVEQ/hCKtUeJNYke8= =RaoP -----END PGP SIGNATURE-----