4

I am running a small hosting service and from time to time I have a new user using cloudflare.

To use cloudflare users

1) copy the DNS zone via the cloudflare interface

2) set cloudflare nameservers

In the DNS zone there is a bunch of A records such as

apex.com A 6.6.6.6

www A 6.6.6.6

However from time to time I need to move websites across servers with different IPs.

I would replace A records with CNAME records eg.

apex.com CNAME apex.hosting.com

www CNAME apex.hosting.com

if it weren't for the SOA/NS vs zone apex CNAME issue.

What alternative is open to overcome this problem at DNS zone level?

It's beyond me why I can't find a solution to such a problem at DNS zone level.

Load balancer/virtualization are not an option unfortunately.

wlf
  • 371
  • 2
  • 13
  • This is one reason why CloudFlare and many other providers strongly recommend that sites use a 301-redirect from the apex to `www`. – Michael Hampton Aug 24 '13 at 15:43
  • but that means pointing to a server with a web server configured to redirect, I am sure there is a more efficient way - but I can't see it. – wlf Aug 24 '13 at 15:53
  • It's also a trivial four-line virtual host you can put on any server anywhere. – Michael Hampton Aug 24 '13 at 16:06
  • @MichaelHampton your comments were the best thing I got out of this question. However leaving aside the "dummy" virtual hosts, I can already hear users screaming asking why the hell they can't have their non-www website. – wlf Aug 30 '13 at 07:41
  • We've answered that question before. See for instance [What’s the point in having “www” in a URL?](http://serverfault.com/q/145777/126632) as well as [Why does Heroku warn against “naked” domain names?](http://serverfault.com/q/408017/126632) – Michael Hampton Aug 30 '13 at 14:19
  • @MichaelHampton my question is not what is the problem (I googled those pages many times over believe me) but rather how can I overcome it. Your 301 solution is OK but I have a feeling that in the long run it's going to bite me. Do you think I can create custom DNS record types with BIND? They have ALIAS at DNSimple http://blog.dnsimple.com/zone-apex-naked-domain-alias-that-works/ but then would people be able to use such record types on services such as cloudflare? I don't think so. – wlf Aug 30 '13 at 14:36
  • 1
    No, those hacks are utterly nonstandard and aren't compatible with anything other than their own services. You'll be much more likely to have problems if you _do_ use them. – Michael Hampton Aug 30 '13 at 14:37

1 Answers1

3

There is a hosted option that provides for what Michael Hampton suggests above. It's called wwwizer.com.

Set your zone apex A record to this IP address and it provides a 301 redirect from the non-WWW version of your domain to the WWW version.

Just point your naked domain to 174.129.25.170 and it will be redirected to the same domain with www in front. Read more...

Amazon's CTO Werner Vogels used to use this for his own blog before Amazon S3 offered S3 Website Root Domain support. The Amazon Route53 DNS service has since started offering a special type of record called an 'alias record':

Additionally, Route 53 offers ‘Alias’ records (a Route 53-specific virtual record). Alias records are used to map resource record sets in your hosted zone to Elastic Load Balancing load balancers, CloudFront distributions, or S3 buckets that are configured as websites. Alias records work like a CNAME record in that you can map one DNS name (example.com) to another ‘target’ DNS name (elb1234.elb.amazonaws.com). They differ from a CNAME record in that they are not visible to resolvers. Resolvers only see the A record and the resulting IP address of the target record.

However, this only applies to Amazon customers. I frequently use wwwizer with domains I host via Rackspace Cloud DNS, and I'm very pleased with it.

Aaron
  • 301
  • 3
  • 9
  • Thanks, I read about the "alias". Do you think it's possible to change BIND's default behaviour and achieve something similar... I can't help feeling DNS have failed on me for the first time ever. – wlf Aug 24 '13 at 16:07
  • @wlf DNS is working exactly as it's meant to; a FQDN is either a CNAME or something else (and "something else" includes the possibility of "does not exist"). You can't have it both ways, unfortunately. (Well, in theory you probably can, but support will be spotty at best and almost certainly unreliable.) – user Aug 24 '13 at 16:46
  • @MichaelKjörling we are talking about the zone apex here, a FQDN is the complete domain name for a specific computer or host such as mail.hosting.com, not quite the same thing. – wlf Aug 30 '13 at 07:34
  • @wlf You can put an address record at the top of the zone causing that name to become a "host name". There's nothing magical about `abcdef.co.uk` that sets it apart from `www.abcdef.co.uk`, nor is `server01.webservers.example.com` necessarily any different from `webservers.example.com`; they are both DNS names which can have different types of DNS record data ssociated with them. – user Aug 30 '13 at 08:19
  • @MichaelKjörling abcdef.co.uk is a domain apex. www.abcdef.co.uk is not. I don't think you are getting what is meant by domain apex otherwise you wouldn't have said there is nothing different between abcdef.co.uk and www.abcdef.co.uk. – wlf Aug 30 '13 at 08:58
  • @wlf `abcdef.co.uk` is delegated from some higher level (`uk`, in this case). There's nothing saying abcdef.co.uk can't delegate `www` further, which creates a zone boundary just as much as between uk and abcdef.co.uk. The *only* difference between the "zone apex" and "not zone apex" names is the existence of a SOA RR at the name, and NS RRs at some higher level (closer to the root zone) doing the delegation. *The existence of a SOA RR means there cannot also exist a CNAME RR at the same name*, hence your problem. – user Aug 30 '13 at 11:22
  • 1
    @MichaelKjörling The SOA/NS vs CNAME problem was mentioned in the question from the beginning. TLDs have nothing to do with the question. If you still don't grasp the difference between abcdef.co.uk and www please see this link http://blog.cloudflare.com/zone-apex-naked-domain-root-domain-cname-supp You can have a CNAME for www, db or whatever, but you can't for abcdef.co.uk. That's the reason why services such as DNSimple have come forward with custom DNS record types. – wlf Aug 30 '13 at 13:08