CNAME record
Encyclopedia
A CNAME record or Canonical Name record is a type of resource record in the Domain Name System
(DNS) that specifies that the domain name
is an alias of another, canonical
domain name. This helps when running multiple services (like an FTP server and a webserver; each running on different ports) from a single IP address. Each service can then have its own entry in DNS (like ftp.example.com. and www.example.com.). Network administrators also use CNAMEs when running multiple HTTP servers on the same port, with different names, on the same physical host.
.
For example, if there is a DNS zone as follows:
foo.example.com. CNAME bar.example.com.
bar.example.com. A 192.0.2.23
When an A record lookup for foo.example.com is done, the resolver will see a CNAME record and restart the checking at bar.example.com and will then return 192.0.2.23.
foo.example.com. CNAME bar.example.com.
may be read as:
The canonical name itself must be defined by a record other than a CNAME or DNAME record.
foo.example.com. CNAME bar.example.com.
bar.example.com. CNAME foo.example.com.
example.com. MX 0 foo.example.com.
foo.example.com. CNAME host.example.com.
host.example.com. A 192.0.2.1
, or with EDNS version 0, then a name server synthesizes a CNAME record to simulate the semantics of the DNAME record.
For example, if there is a DNS zone as follows:
foo.example.com. DNAME bar.example.com.
bar.example.com. A 192.0.2.23
xyzzy.bar.example.com. A 192.0.2.24
*.bar.example.com A 192.0.2.25
An A record lookup for foo.example.com will fail because a DNAME is not a CNAME.
However, a lookup for xyzzy.foo.example.com will be DNAME mapped and return the A record for xyzzy.bar.example.com which is 192.0.2.24; if the DNAME record had been a CNAME record, this request would have failed.
Lastly, a request for baz.foo.example.com would be DNAME mapped and return 192.0.2.25.
Domain name system
The Domain Name System is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities...
(DNS) that specifies that the domain name
Domain name
A domain name is an identification string that defines a realm of administrative autonomy, authority, or control in the Internet. Domain names are formed by the rules and procedures of the Domain Name System ....
is an alias of another, canonical
Canonical
Canonical is an adjective derived from canon. Canon comes from the greek word κανών kanon, "rule" or "measuring stick" , and is used in various meanings....
domain name. This helps when running multiple services (like an FTP server and a webserver; each running on different ports) from a single IP address. Each service can then have its own entry in DNS (like ftp.example.com. and www.example.com.). Network administrators also use CNAMEs when running multiple HTTP servers on the same port, with different names, on the same physical host.
Details
CNAME records are specified in RFC 1034. CNAME records are handled specially in the domain name system, and have several restrictions on their use. When a DNS resolver encounters a CNAME record while looking for a regular resource record, it will restart the query using the canonical name instead of the original name. (If the resolver is specifically told to look for CNAME records, the CNAME alias is returned, rather than restarting the query.) The canonical name that a CNAME record points to can be anywhere in the DNS, whether local or on a remote server in a different DNS zoneDNS zone
A DNS zone is a portion of the global Domain Name System namespace for which administrative responsibility has been delegated.-Definition:...
.
For example, if there is a DNS zone as follows:
foo.example.com. CNAME bar.example.com.
bar.example.com. A 192.0.2.23
When an A record lookup for foo.example.com is done, the resolver will see a CNAME record and restart the checking at bar.example.com and will then return 192.0.2.23.
Which is the "CNAME"?
RFC 2181, "Clarifications to the DNS Specification", includes a warning on the use of the word "CNAME". "The CNAME" or "a CNAME" is often used to refer to the label, or left-hand part, of a CNAME record. However, as "CNAME" is an abbreviation of "canonical name", this usage is inaccurate; the label is an alias for the right-hand side (the RDATA portion), which is (or should be) a canonical name. In other words, a CNAME record like this:foo.example.com. CNAME bar.example.com.
may be read as:
- foo.example.com is an alias for the canonical name (CNAME) bar.example.com.
The canonical name itself must be defined by a record other than a CNAME or DNAME record.
Restrictions
- An alias defined in a CNAME record must have no other resource records of other types (MX, A, etc.). (RFC 1034 section 3.6.2, RFC 1912 section 2.4) The exception is when DNSSECDNSSECThe Domain Name System Security Extensions is a suite of Internet Engineering Task Force specifications for securing certain kinds of information provided by the Domain Name System as used on Internet Protocol networks...
is being used, in which case there can be DNSSEC related records such as RRSIG, NSEC, etc. (RFC 2181 section 10.1)
- CNAME records that point to other CNAME records should be avoided due to their lack of efficiency, but are not an error. It is possible, then, to create unresolvable loops with CNAME records, as in:
foo.example.com. CNAME bar.example.com.
bar.example.com. CNAME foo.example.com.
- Other DNS record types, such as NS, MX, PTR, SRV, etc. that point to other names should never point to a CNAME alias. So, for example, a zone should not contain constructs such as:
example.com. MX 0 foo.example.com.
foo.example.com. CNAME host.example.com.
host.example.com. A 192.0.2.1
- Domains that are used for e-mail may not have a CNAME record. In practice this may work, but can have different behavior with different mail servers, and can have undesired effects.
DNAME record
A DNAME record or Delegation Name record is defined by RFC 2672. A DNAME record creates an alias for one or more subdomains of a domain. In contrast, the CNAME record creates an alias only of a single name (and not its subdomains). Like the CNAME record, the DNS lookup will continue by retrying the lookup with the new name. If a DNS resolver sends a query without EDNSEDNS
Extension mechanisms for DNS is a specification for expanding the size of several parameters of the Domain Name System protocol which had size restrictions that the Internet engineering community deemed too limited for increasing functionality of the protocol...
, or with EDNS version 0, then a name server synthesizes a CNAME record to simulate the semantics of the DNAME record.
For example, if there is a DNS zone as follows:
foo.example.com. DNAME bar.example.com.
bar.example.com. A 192.0.2.23
xyzzy.bar.example.com. A 192.0.2.24
*.bar.example.com A 192.0.2.25
An A record lookup for foo.example.com will fail because a DNAME is not a CNAME.
However, a lookup for xyzzy.foo.example.com will be DNAME mapped and return the A record for xyzzy.bar.example.com which is 192.0.2.24; if the DNAME record had been a CNAME record, this request would have failed.
Lastly, a request for baz.foo.example.com would be DNAME mapped and return 192.0.2.25.
External links
- RFC 1912 is wrong Meng Weng WongMeng Weng WongMeng Weng Wong is a serial entrepreneur. In 1994 he founded pobox.com, an email services company. In 2003 he led the group that designed the Sender Policy Framework standard which was later embraced and extended by Microsoft...
's analysis of CNAME restrictions. - RFC 2219 - Use of DNS Aliases for Network Services