
I'm writing an app that lets a user host our pages on their domains. To do that, they need to configure a couple records in their DNS. One is a TXT record with a unique value just to prove ownership. The other is for directing traffic to our site, and for that we have three options.

A CNAME record would work, but cannot be combined with the TXT record (CNAME needs to be the only record per RFC). An A record would work and would allow a TXT record as well, but we want to avoid using IPs directly because then it's hard to migrate to a different IP.

So we're looking into an NS record that points to our DNS. The problem is that while it's possible to configure a single domain with both an NS record and a TXT record, when you query for the TXT record on the original domain you get nothing, and I think it's because of the NS record. The TXT record query hits the customer's domain which says "My name server is over there", and THAT nameserver has no TXT record.

Is there any way to combine both an NS record and a TXT record on a single domain and still be able to get the value of the TXT record from the original server?

Mike Snare
  • Why bother with "a TXT record ... to prove ownership"? The user can't actually change the really relevant domain settings unless they can control the DNS. The extra TXT record is redundant. – Michael Hampton Aug 04 '20 at 11:48
  • Because of subdomains and the possibility that some other user already registered a parent domain. Say user X sets up x.com with us and does so using an NS record. The NS record will handle requests to x.com as well as sub.x.com. I don't want user Y being able to set up sub.x.com as his own just because someone else set up x.com. But I *do* want different people to be able to use subdomains if they can set up the TXT record. – Mike Snare Aug 04 '20 at 12:04
  • I've seen this method used in several places; Google uses them as an alternative indicator of domain ownership. However, I think you're confused as to what you can do if you have a domain (or subdomain). It's entirely possible to have a separate record, say `Iownthis TXT some_string_of_text`, and another `mikesapp CNAME mikes.server.com` in either a primary domain or subdomain delegation. All you really need to do is CNAME to a full TLDR (www.domain.com), not just the domain.com root. – NickW Aug 06 '20 at 12:47
  • Right. I've got several approaches that work. I can use an A record and a TXT record on the exact same node without issue. I can use a CNAME (except on the root node) but then I cannot have a TXT record on the same node as the CNAME (either a sibling or sub-node works fine). Or I can have an NS record AND I can put a TXT record on a single node, but then I don't appear to be able to query the user's domain for that specific TXT record. It doesn't come back. My question is specifically about having a TXT record and an NS record on a single node in DNS and being able to.... – Mike Snare Aug 06 '20 at 13:21
  • ...query the original server for the TXT record itself and get the value back. I appreciate the suggestions, but this is a technical question about having a TXT and NS record on the same node and being able to query the server for that TXT record's value. – Mike Snare Aug 06 '20 at 13:21
  • @MikeSnare I hope you found a solution because I have the same problem in my VPS and I cannot figure it out yet! – Ahmed Suror Nov 25 '21 at 15:17
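
The behaviour described in the question, as an added example that is not part of the original post or its comments: a simplified model of the authoritative lookup in RFC 1034 section 4.3.2, showing that a server answers with a referral at a node that carries NS records (a zone cut) and never serves a TXT record stored at that node, while a TXT on a sibling node is answered normally. All zone names, the address and the token are constructed placeholders, and the sibling name `_verify-pages` is an assumption for illustration.

```python
# Constructed data: every name, address and token below is a placeholder.
CUSTOMER_ZONE = {  # zone "customer.example", served by the customer's DNS
    ("customer.example", "NS"): ["ns1.customer.example"],
    ("pages.customer.example", "NS"): ["ns1.hosting.example"],  # delegation
    ("pages.customer.example", "TXT"): ["verify=abc123"],  # same node as the NS
    ("_verify-pages.customer.example", "TXT"): ["verify=abc123"],  # sibling node
}
HOSTING_ZONE = {  # child zone "pages.customer.example", served by the host
    ("pages.customer.example", "NS"): ["ns1.hosting.example"],
    ("pages.customer.example", "A"): ["192.0.2.10"],
}
SERVERS = {
    "ns1.customer.example": (CUSTOMER_ZONE, "customer.example"),
    "ns1.hosting.example": (HOSTING_ZONE, "pages.customer.example"),
}


def authoritative_query(zone, apex, qname, qtype):
    """Answer one query the way an authoritative server does (simplified)."""
    q, a = qname.split("."), apex.split(".")
    if q[-len(a):] != a:
        return ("REFUSED", [])  # name is not inside this zone
    # Walk from just below the apex down to qname. The first NS set found
    # marks a zone cut: the server refers and ignores other data at the cut.
    for i in range(len(q) - len(a) - 1, -1, -1):
        ns = zone.get((".".join(q[i:]), "NS"))
        if ns:
            return ("REFERRAL", ns)
    rrs = zone.get((qname, qtype))
    if rrs:
        return ("ANSWER", rrs)
    exists = any(name == qname for name, _ in zone)
    return ("NODATA" if exists else "NXDOMAIN", [])


def resolve(qname, qtype, server="ns1.customer.example"):
    """Follow referrals like a resolver; return (status, data, answering server)."""
    for _ in range(5):  # bound the referral chain
        zone, apex = SERVERS[server]
        status, data = authoritative_query(zone, apex, qname, qtype)
        if status != "REFERRAL":
            return status, data, server
        server = data[0]
    raise RuntimeError("too many referrals")


if __name__ == "__main__":
    for name in ("pages.customer.example", "_verify-pages.customer.example"):
        print(name, "TXT ->", resolve(name, "TXT"))
```
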

0 Answers