Cant We See Cname Again in Blogspot

This postal service volition use the to a higher place question to explore DNS, dig, A records, CNAME records, and Allonym/ANAME records from a beginner'southward perspective. Then let'due south get started.

First, some definitions

• Domain Name Organisation (DNS): the overall system for converting a man memorable domain name (instance.com) to an IP address (93.184.216.34). The IP address is of a server, commonly a web server, where the files needed to display a webpage are stored.
• DNS Server (too known as a proper name server or nameserver): Uses DNS software to store data about domain addresses. In that location are several levels — those belonging to each ISP, Root (13 total worldwide), Top Level Domain (TLD, e.g. '.com'), and Domain level DNS Servers.
• Domain name: the domain (example) combined with the TLD (.com). The term 'domain' is often used synonymously with the domain name, though they are different. When yous buy a 'domain' from a a registrar or reseller, you buy the rights to a specific domain name (example.com), and any subdomains you want to create (my-site.example.com, mail.example.com, etc).

High level query flow

The loftier-level flow of what happens when yous type "case.com" into your browser tin can be simplified to remove the hops to the Isp, Root, and TLD DNS Servers equally below:

Simplified DNS request flow, more tin can be seen in a more detailed catamenia

A domain typically has two or more than proper noun servers, containing records relating to the domain name (example.com).

Many types of records can be stored, most of which tin have multiple entries per type:

• A: Accost records that map the domain proper noun to an IP address
• CNAME: Canonical Proper name Record. Used to alias one domain name (or subdomain proper noun) to some other. We'll look at this in more detail later.
• MX: Mail commutation records that tell email delivery agents where they should evangelize your e-mail
• TXT: flexible Text records, for storing strings for a variety of uses
• SOA: atypical Start of Authority record kept at the peak level of the domain. Contains specific required information almost the domain, for example its principal name server
• NS: The name servers associated with the domain

When your device sends a query that reaches a name server, the server looks in the domain's record node for an A record, and the associated stored IP address (example.com: 93.184.216.34). This is then returned to the device, to exist used to transport a request to the correct web server to recall the requested webpage or resource.

Using 'dig'

dig (domain information groper) is a control-line tool for querying DNS servers. This control is generally used for troubleshooting, or as at present to understand more about the setup of a system.

$ dig instance.com results in a long response printed to the terminal, the default output detailed hither, of which we are interested in the ANSWER Department.

                ;; ANSWER SECTION: instance.com.       72703      IN     A       93.184.216.34              

And there nosotros get, we can encounter that example.com returns an A record of 93.184.216.34. Sometimes domains will accept more than 1 A record, if more one web server can provide the information needed.

There's more! If we endeavour out some other examples, we can soon see that another common record appears: CNAME.

$ dig www.skyscanner.cyberspace:

                ;; Answer Department: www.skyscanner.net. 169 IN CNAME www.skyscanner.internet.edgekey.net. www.skyscanner.net.edgekey.net. 5639 IN CNAME e11316.a.akamaiedge.net. e11316.a.akamaiedge.net. xx IN A 23.217.6.192              

                www.skyscanner.net.edgekey.net. 5639 IN CNAME e11316.a.akamaiedge.internet.              

                e11316.a.akamaiedge.net. 20 IN A 23.217.6.192              

Using the +short flag allows us to clearly see the path formed:

$ dig www.skyscanner.net +brusque

                www.skyscanner.net.edgekey.net. e11316.a.akamaiedge.cyberspace. 23.217.six.192              

CNAME

A CNAME tape allows a domain name to be used as an alias for another canonical (true) domain.

When the DNS server returns a CNAME tape, it volition not return that to the client. Rather it volition over again wait upwards the returned domain proper name, and in turn render the A record'due south IP address. This chain can continue many CNAME levels deep, but and so suffers minor performance hits from multiple lookups earlier caching takes place.

A simple example of this could be if you have a server where you go on all your photos. You may normally access it through photos.case.com. Even so, y'all might too desire information technology to allow access via photographs.example.com. I manner to make this possible is to add a CNAME record that points photographs to photos. This means that when someone visits photographs.example.com they would be given the same content as photos.example.com.

Using the query $ dig photographs.example.com we would run across:

                photographs.case.com    IN   CNAME photos.example.com photos.example.com         IN   A     xx.xxx.10.xxx              

Information technology's of import to note that the CNAME is that slice to the right hand side. The left hand side is the alias name, or label.

Another common apply is for the world wide web subdomain. Having purchased example.com you lot likely also want users who type in world wide web.example.com to run into the aforementioned content.

It is worth noting here that example.com can exist called the apex, root, or naked domain name.

One choice would be to set up another A record, pointing to the same IP address as for example.com. This is completely valid, and is what the real example.com does, simply it does non calibration well. What happens if y'all demand to update the IP address that example.com points to? Y'all would as well need to update information technology for the www subdomain, and any others you may use.

If a CNAME record was used to alias www.example.com to signal to example.com so just the root domain would have to be updated, as all other nodes bespeak to it.

CNAME limitations

At the time when the DNS standards were written, some rules were set out to govern their use. RFC 1912 and RFC 2181 gear up out that:

• SOA and NS records are mandatory to exist present at the root domain
• CNAME records tin can only exist every bit single records and can not be combined with whatever other resource record ( DNSSEC SIG, NXT, and KEY RR records excepted)

This excludes a CNAME existence used on the root domain, every bit the two rules would contradict each other.

What'southward important hither is that this is a contractual limitation, non a technical one. It is possible to employ a CNAME at the root, but it tin can event in unexpected errors, as it is breaking the expected contract of beliefs.

An example of this is told by Cloudflare, describing problems they encountered with Microsoft Exchange postal service servers after having used a CNAME on their root domain:

Domains generally designate the servers that handle their email through what's known as a MX Record. The problem was that Exchange servers … could option upwards the CNAME at the root record and and so not properly respect the CNAME fix at the MX tape. Yous tin't really arraign Exchange. They were operating under the assumptions laid out by the DNS specification.

Hither you see the downside that tin appear in several server softwares or libraries. Because a standard is in place for a CNAME to exist the only record at a node, no other records are looked for. All other records will be silently ignored, without warning or error letters. Even if an MX record was ready to receive email, the MX will be ignored as if it doesn't exist because the CNAME is evaluated first. The same is true if there were an A record: the CNAME would accept precedence and the A tape would not be read.

The modern internet

So why is this a problem? Why would y'all e'er want to employ a CNAME for your root domain anyway? Surely that is the stop of the path when looking for the IP address of the spider web server hosting your content?

In the modern internet landscape, that is no longer the case. The globe is very different from when the DNS standards were written.

Y'all may choose to use a Platform equally a Service (PaaS) provider like Heroku and store content on their spider web servers. You control the content, merely not the infrastructure, and the PaaS provider does the heavy lifting of the network maintenance. They typically provide you with a URL (my-app.herokuapp.com) that is a subdomain of their root domain, and you can view the IP addresses for the web server(s) your content is on. But these are entirely under the PaaS provider'south control, and will change without alarm.

The scale and frequency of backend changes made by the PaaS provider can make it hard to maintain your root domain A record pointing at a single IP address. Ideally y'all would wish to do this:

                instance.com      IN   CNAME    my-app.herokuapp.com.www.instance.com  IN   CNAME    my-app.herokuapp.com.example.com      IN   CNAME    my-app.herokuapp.com. www.example.com  IN   CNAME    my-app.herokuapp.com.              

to allow Heroku (or your chosen host provider) to manage updating the A record that the CNAME points to without whatever changes made on your side. However, as we at present know, this breaks the DNS specification, so is a very bad thought.

Information technology is possible to simply implement a 301/302 redirect from instance.com to www.example.com. Still, that teaching takes identify either on the spider web server (so still having the trouble of needing to employ a fixed A record in DNS to signal to that web server), or a custom DNS provider redirect (that suffers complications with HTTPS).

This also has the side effect of irresolute the domain that you lot see in the URL bar, which you may non want. This method is intended for when your website has permanently moved, or when you're trying to preserve SEO rankings, rather than solving our problem of pointing to a complex changing backend in a scaleable way.

The solution

Several DNS providers take now adult custom solutions to piece of work around this problem, including:

• Alias at DNSimple
• ANAME at DNS Made Easy
• ANAME at easyDNS
• CNAME (virtual) at CloudFlare

These are all virtual record types that provide CNAME similar behaviour, with none of the downsides. The exact implementation tin can differ, but at a high level when the DNS server sees ane of these virtual record types, it acts every bit a DNS resolver. It follows the concatenation created by the alias until it resolves at an A tape (or records) and returns these A records to the DNS server. This 'flattens' the CNAME chain into the A record(due south) returned, and is indistinguishable to the sent query. The query sees only a pure A record, which doesn't break the DNS specification, and doesn't have whatsoever of the disadvantages of a CNAME.

These virtual records can sit alongside other records at the root without any fearfulness of unintended behaviours. Depending on the provider's method of DNS resolution when post-obit the CNAME chain, they may too have performance benefits from caching previous lookups.

For a DNSimple setup, we would then configure as below. This solution has all the advantages of domain proper noun aliasing, and none of the risks of using it at root level.

                instance.com      IN   Allonym    my-app.herokuapp.com.www.instance.com  IN   CNAME    my-app.herokuapp.com.              

Cheers for reading! ?

As e'er, open to whatever corrections or additional points.

Resources

• What is a DNS Server
• Set Upwards a DNS Name Server
• DNSimple support pages and Alias blog
• Cloudflare back up and CNAME blog
• dig HowTo
• Several great Stack Overflow or StackExchange posts
• Well written Wikipedia entries
• Netlify blog 'To world wide web or not www'

---

---

Learn to code for free. freeCodeCamp's open source curriculum has helped more xl,000 people get jobs every bit developers. Get started

bathursttooffer.blogspot.com

Source: https://www.freecodecamp.org/news/why-cant-a-domain-s-root-be-a-cname-8cbab38e5f5c/

Share this post