  1. #1
    Join Date
    Dec 2001
    Location
    Melbourne, Australia.
    Posts
    208

    Question Use A or CNAME records?

    When setting up DNS, is it better to use A or CNAME records?

    At least one A host record is going to be needed for your zone, and convention says that the other records like www etc. are CNAME records.

    So you'd have something like this:
    @ IN A 12.34.56.78
    www IN CNAME @
    servername IN CNAME @
    mail IN CNAME @


    When someone is looking for www, are there 2 lookups? One for the www CNAME and then a second for the A record? Or does the server just resolve the CNAME before sending the IP back to the client?

    If you set up your DNS like this:
    @ IN A 12.34.56.78
    www IN A 12.34.56.78
    servername IN A 12.34.56.78
    mail IN A 12.34.56.78


    Obviously if you wanted to change your IP you'd have a bit of trouble, but is this a better or worse way to set up DNS?

  2. #2
    Join Date
    Jun 2001
    Location
    Australia
    Posts
    36
    G'day Wolfy,

    I actually use CNAME entries quite liberally myself and it helps greatly with DNS maintenance. However, be sure to keep in mind the following RFC.

    Canonicalization: RFC-821 Section 3.1

    The domain names that a Sender-SMTP sends in MAIL and RCPT commands MUST have been "canonicalized," i.e., they must be fully-qualified principal names or domain literals, not nicknames or domain abbreviations. A canonicalized name either identifies a host directly or is an MX name; it cannot be a CNAME.

    Best Regards,

    LBJ
    Life's Short - Play Fair
    Just Do It... Responsibly, Morally & Ethically

  3. #3
    Join Date
    Jun 2000
    Location
    Southern California
    Posts
    12,136
    Well recently I had a bit of trouble with a cached cname entry, so my suggestion would be to use the IP when you can. It is how I used to do it, never had any problems, and when I started using cnames there was a problem.

    Sample that works fine:

    woobster.com. NS ns1.spacechicken.com.
    woobster.com. NS ns2.spacechicken.com.
    woobster.com. A 64.247.6.150
    mail.woobster.com. A 64.247.6.150
    www.woobster.com. CNAME woobster.com.
    woobster.com. MX 10 mail.woobster.com.
    64.247.6.150/24 PTR woobster.com.
    HostHideout.com - Where professionals discuss web hosting.

    • Chicken

  4. #4
    Join Date
    Apr 2001
    Location
    Denmark, Europe
    Posts
    614
    Originally posted by Chicken
    Well recently I had a bit of trouble with a cached cname entry, so my suggestion would be to use the IP when you can. It is how I used to do it, never had any problems, and when I started using cnames there was a problem.
    Personally, I think that using CNAME records in DNS is simply a "bad thing to do" (TM).

    Instead use _administrative_ CNAMEs (which probably doesn't ring a bell to those who don't use some kind of software for managing their DNS). This means that in the management (or administration) of your zones, you can use "names" or "labels" (like CNAMEs), but when used in actual "day to day business" they will be transformed into ordinary A records.

    This _reduces_ management trouble _and_ avoids the double lookup common with CNAMEs (unless your DNS server is smart enough to feed the A record with the CNAME record, which most servers do in most cases...... but in any case it's a waste of bandwidth).
    Jens Kristian Søgaard, Mermaid Consulting ApS,
    jens@mermaidconsulting.dk,
    http://www.mermaidconsulting.com/

  5. #5
    Join Date
    Apr 2001
    Location
    Depok, Indonesia
    Posts
    988
    You should use A records whenever you can. Using CNAME too generously can lead to very deep aliasing, which can take a long time to resolve. In your case, you have control over both the target and the alias, so I recommend using A records.

  6. #6
    Join Date
    Oct 2000
    Location
    Israel
    Posts
    1,288
    Originally posted by Chicken
    ns1.spacechicken.com
    Great name, Chicken! One of the great ones.

  7. #7
    Repeat after me.

    CNAME bad. A good. CNAME bad. A good.

    There. That's better.

    -t
    myOstrich Internet - OpenSRS Domain Names & Digital Certificates
    http://www.myostrich.net

  8. #8
    Join Date
    Jun 2000
    Location
    Southern California
    Posts
    12,136
    Originally posted by Abu Mami
    Great name, Chicken! One of the great ones.
    I'm partial to that one heh...

    Side note:
    Personally, as I said, I would never use CNAMES for anything. Plesk had a default set up which included them, and has a quirk (I suppose there is some reason for it), which does not permit me to add www.woobster.com A <IP Address> (returns an error).

    I haven't used this server long enough to fully understand why. I have another domain set up which just points to an IP and it lets me set up both the domain and the www in DNS to point to an IP and I honestly can't figure out the difference, except that this domain isn't actually set up on the server, it is just added to the cp and DNS'ed, nothing more.

    So for now I live with that CNAME until I can figure out why it says this. The exact error it returns is:

    "Unable to insert new DNS record: This IP-Address is used by another IP-based domain or is not available."

    As I said, I set up another domain (which is IP-based), and it let me point it to the IP. It seems to not have a problem with that one, so I'm just confused as to what's going on, but not enough to spend 5 hours figuring it out at the moment.
    HostHideout.com - Where professionals discuss web hosting.

    • Chicken

  9. #9
    Join Date
    Dec 2001
    Location
    Melbourne, Australia.
    Posts
    208
    Originally posted by thewitt
    Repeat after me.

    CNAME bad. A good. CNAME bad. A good.
    CNAME bad ...
    A good .....

    Thank you, that about answers my question.

    I just thought it may be contrary to the DNS RFC or something to have multiple A records all pointing to the same IP. There must be some reason they made CNAME in the first place.

  10. #10
    Initially the idea of a CNAME record was great. You would have one A record for any unique IP address in your zone file, and then you would have CNAME records that pointed to this named A record. The theory was that when you changed IP addresses, you would only have to find and change one record for any IP address.

    In practice, they don't work well however, due mostly to the way that DNS records are cached and the distributed nature of the domain information.

    CNAME records have their largest failing in their use as MX records. If you ever change IP addresses, there is a good chance that they will end up pointing to old A records in someone's cache - either a DNS cache or an MTA cache - and your mail will stop being delivered. This can go on for months after you change your IP address.

    They also require multiple queries in order to be resolved - first to fetch the CNAME record, and then to fetch the A record - unless of course you have the A record cached, and then the second fetch is not needed. If the A record you have cached is incorrect however - did I talk about cached CNAME/A record problems and mail...

    -t
    myOstrich Internet - OpenSRS Domain Names & Digital Certificates
    http://www.myostrich.net

  11. #11
    Join Date
    Apr 2001
    Location
    Denmark, Europe
    Posts
    614
    Originally posted by thewitt
    CNAME records have their largest failing in their use as MX records. If you ever change IP addresses, there is a good chance that they will end up pointing to old A records in someone's cache - either a DNS cache or an MTA cache - and your mail will stop being delivered. This can go on for months after you change your IP address.
    But that's not the CNAME record's fault - it's the TTL setting on the A record.

    They also require multiple queries in order to be resolved - first to fetch the CNAME record, and then to fetch the A record
    Most DNS servers send the A record with the CNAME records, so that in reality only one lookup is needed.

    (However, I'm still a supporter of the "CNAME is bad" principle)
    Jens Kristian Søgaard, Mermaid Consulting ApS,
    jens@mermaidconsulting.dk,
    http://www.mermaidconsulting.com/

  12. #12
    Here's a really interesting page on DNS configuration and some of the problems associated with CNAME records.

    http://www.dns.net/dnsrd/rfc/rfc1912.html

    -t
    myOstrich Internet - OpenSRS Domain Names & Digital Certificates
    http://www.myostrich.net
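
Added example, not part of any post in this thread: a small Python check for the CNAME pitfalls discussed above (an MX pointing at an alias, chained aliases, a CNAME sharing a name with other records), which RFC 1912 also warns about. The simplified one-record-per-line format, the example.com origin and the sample zone are assumptions constructed for illustration.

```python
# Added example: lint a simplified zone for the CNAME problems raised in this thread.

SAMPLE_ZONE = """\
@          IN A     192.0.2.10
@          IN MX    10 mail
www        IN CNAME @
mail       IN CNAME @
ftp        IN CNAME www
"""  # constructed sample, modelled on the layout in post #1


def parse_zone(text, origin):
    """Parse 'owner [IN] TYPE rdata' lines (assumed format, no $ORIGIN/TTL)
    into (owner, rtype, target) tuples with host names made absolute."""
    def absolute(name):
        if name == "@":
            return origin
        return name if name.endswith(".") else f"{name}.{origin}"

    records = []
    for line in text.splitlines():
        fields = line.split(";")[0].split()  # drop ';' comments
        if not fields:
            continue
        owner, rest = fields[0], [f for f in fields[1:] if f.upper() != "IN"]
        rtype, rdata = rest[0].upper(), rest[1:]
        target = rdata[-1]  # for MX the last field is the exchange host
        if rtype in ("CNAME", "MX", "NS"):
            target = absolute(target)
        records.append((absolute(owner), rtype, target))
    return records


def lint_cnames(records):
    """Flag MX/NS targets that are aliases, CNAME chains, and CNAME plus other data."""
    cnames = {owner: target for owner, rtype, target in records if rtype == "CNAME"}
    findings = []
    for owner, rtype, target in records:
        if rtype in ("MX", "NS") and target in cnames:
            findings.append(f"{owner} {rtype} points at alias {target}")
        if rtype == "CNAME" and target in cnames:
            findings.append(f"{owner} CNAME chains through alias {target}")
        if rtype != "CNAME" and owner in cnames:
            findings.append(f"{owner} has CNAME alongside {rtype}")
    return findings


if __name__ == "__main__":
    # "example.com." is a placeholder origin, not a domain from the thread
    for finding in lint_cnames(parse_zone(SAMPLE_ZONE, "example.com.")):
        print(finding)
```

Replacing the `mail` and `ftp` aliases with A records, as several posters recommend, makes the sample zone pass with no findings.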
