Re: Load balancing/Multiple CNAME's (Was: Re: Beyond DNS...)
In article <35788244.55A2D71@san.rr.com>, Studded <Studded@san.rr.com> wrote:
For the same reason you can't CNAME a zone's root to something else (meaning, if I am setting up the zone map for n.ml.org, I can CNAME web.n.ml.org to narnia.n.ml.org,
Right.
but I can't CNAME n.ml.org to narnia.n.ml.org, nor can I CNAME n.ml.org to ftp.microsoft.com, or any other host),
Why not?
Because you cannot have CNAME RRs along with any other RR, including NS and SOA. DNSSEC RRs are excepted.
Finally, if you plan to disagree with anything in this post, please quote chapter and verse from the relevant RFC. I've spent a lot of time studying this topic and am quite sure of my facts.
RFC 2181 section 10.1. -- Shields, CrossLink.
Michael Shields wrote:
In article <35788244.55A2D71@san.rr.com>, Studded <Studded@san.rr.com> wrote:
For the same reason you can't CNAME a zone's root to something else (meaning, if I am setting up the zone map for n.ml.org, I can CNAME web.n.ml.org to narnia.n.ml.org,
Right.
but I can't CNAME n.ml.org to narnia.n.ml.org, nor can I CNAME n.ml.org to ftp.microsoft.com, or any other host),
Why not?
Because you cannot have CNAME RRs along with any other RR, including NS and SOA. DNSSEC RRs are excepted.
True, the example was a little fuzzy. If n.ml.org is the origin of that zone then no, you can't add a CNAME for it. My point was that if it's valid to point a name at a CNAME there is nothing wrong with pointing it to one outside the zone, which is a common misconception. Sorry for the confusion.
Finally, if you plan to disagree with anything in this post, please quote chapter and verse from the relevant RFC. I've spent a lot of time studying this topic and am quite sure of my facts.
RFC 2181 section 10.1.
Sorry I wasn't clear. I meant that you should actually quote the material you want to refer to. I can't find any RFC 2181 either at ftp://rs.internic.net/rfc/ or ftp://ftp.ietf.org/. If you would be so kind as to quote exactly what you are referring to and provide a URL so that I can check out the context I'd appreciate it. Thanks, Doug -- *** Chief Operations Officer, DALnet IRC network *** *** Proud designer and maintainer of one of the world's largest *** Internet Relay Chat servers with 5,328 simultaneous connections *** Try spider.dal.net on ports 6662-4 (Powered by FreeBSD)
ftp://ftp.isi.edu/in-notes/rfc2181.txt 10.1. CNAME resource records The DNS CNAME ("canonical name") record exists to provide the canonical name associated with an alias name. There may be only one such canonical name for any one alias. That name should generally be a name that exists elsewhere in the DNS, though there are some rare applications for aliases with the accompanying canonical name undefined in the DNS. An alias name (label of a CNAME record) may, if DNSSEC is in use, have SIG, NXT, and KEY RRs, but may have no other data. That is, for any label in the DNS (any domain name) exactly one of the following is true: + one CNAME record exists, optionally accompanied by SIG, NXT, and KEY RRs, + one or more records exist, none being CNAME records, + the name exists, but has no associated RRs of any type, + the name does not exist at all. Stephen Studded wrote:
RFC 2181 section 10.1.
Sorry I wasn't clear. I meant that you should actually quote the material you want to refer to. I can't find any RFC 2181 either at ftp://rs.internic.net/rfc/ or ftp://ftp.ietf.org/. If you would be so kind as to quote exactly what you are referring to and provide a URL so that I can check out the context I'd appreciate it.
-- Stephen Sprunk, KD5DWP "Oops." Email: sprunk@paranet.com CCIE #3723 -Albert Einstein ICBM: 33.00151N 96.82326W
Stephen Sprunk wrote:
ftp://ftp.isi.edu/in-notes/rfc2181.txt
10.1. CNAME resource records
[snip]
That is, for any label in the DNS (any domain name) exactly one of the following is true:
+ one CNAME record exists, optionally accompanied by SIG, NXT, and KEY RRs, + one or more records exist, none being CNAME records, + the name exists, but has no associated RRs of any type, + the name does not exist at all.
Thanks, someone else was kind enough to send me the ref last night too. This RFC has been on the standards track for about a year, and isn't moving forward (that I've seen). I follow most of the standards track stuff but not all of it. In any case, all this does is reinforce Paul Vixie's statement in the FAQ that I quoted previously. Basically he said that multiple CNAME's are allowed now, but may go away at some point in the future. That doesn't mean it's not a valid tool now, especially since there aren't any better tools yet. Thanks for the quote, Doug -- *** Chief Operations Officer, DALnet IRC network *** *** Proud designer and maintainer of one of the world's largest *** Internet Relay Chat servers with 5,328 simultaneous connections *** Try spider.dal.net on ports 6662-4 (Powered by FreeBSD)
participants (3)
-
shields@crosslink.net -
Stephen Sprunk -
Studded