12

I'd like to set a domain's root name to a CNAME instead of the usual A record.

Here's a perfect example of what I'm trying to do:

dig lrnskls.com

Notice the answer section:

;; ANSWER SECTION:

lrnskls.com.            300     IN      CNAME   partner.adjix.com.

partner.adjix.com.      300     IN      A       67.121.212.61

The reason I'm trying to do this is so I can point a domain's root name, via a CNAME alias, to Amazon's S3. Using an A record doesn't work because S3's IPs change every few minutes for load balancing purposes.

PS - This seems to be legal under section 3.6.2 of RFC 1034 (note the USC-ISIC.ARPA example): http://www.faqs.org/rfcs/rfc1034.html

Kristian Glass
  • 280
  • 2
  • 10
  • 2
    Good point about it seemingly being legal according to the example in section 3.6.2. RFC1034 is from 1987, and should be read with an eye to present day needs. Some people / many people take it to be illegal in a modern day context, see http://serverfault.com/questions/55528/set-root-domain-record-to-be-a-cname/55545#55545 . The best is IMHO to err on the side of caution, i.e. don't try to push DNS by using a config that some DNS servers could reject. –  Sep 04 '09 at 21:01
  • 3
    @jesper - the RFC 1034 example is irrelevant. It shows a CNAME as a standalone record. A delegated .com domain _must_ have an SOA record and NS records. The lrnskls.com configuration is technically invalid. – Alnitak Sep 04 '09 at 23:05
  • You should fix your terminology, "root name" is not a common term for what you describe (which seems to be the name of the apex of your zone). – bortzmeyer Sep 07 '09 at 10:02

4 Answers4

14

Amazon is aware of the problem with root domains and the Elastic Load Balancer. They recommend this workaround:

  • Configure the root domain to a service that redirects mydomain.com to www.mydomain.com (or any other subdomain of your choice)
  • Set up a CNAME record that maps the load balancer DNS name to "www.mydomain.com".

I don't like this solution, but is more "clean" that the "force root domain to CNAME" solution.

UPDATE: Amazon now addresses this for ELB/S3 via ALIAS records, a Route53 DNS feature.

ceejayoz
  • 32,469
  • 7
  • 81
  • 105
hdanniel
  • 4,253
  • 22
  • 25
  • 5
    +1 for pointing to the compliant way of doing this. To re-phrase this solution (also see the linked Amazon answer): You make a valid A record for the root domain, with valid SOA. That A record points to a 3rd party service that you have contracted to send HTTP level 301 / 302 redirects to www.mydomain.com . –  Sep 04 '09 at 20:48
  • @JesperMortensen Can you recommend some contractors who do such redirects? It is really annoying that my users go to mycompany.com and only sees my domain name provider's advertisements. `A record` points to an IP address and I am definitely not going to buy a static IP just for this purpose. – foresightyj Aug 01 '14 at 01:31
10

No, it is not legal. CNAME is not allowed to coexist with other records and you need at least SOA here.

The example does not prove otherwise, because it does not imply having any other records there.

  • So, the real point of my question is how do I do this? How do I set up a domain's root name as a CNAME and not an A record? The "dig lrnskls.com" example works exactly as I'd expect it to work. Or, am I missing something is the dig example? –  Sep 04 '09 at 16:34
  • you can put it exactly like it's done for `lrnskls.com` — just put a `CNAME` record there, but it is illegal to have no `SOA` ;-) – Michael Krelin - hacker Sep 04 '09 at 16:42
  • So I'm guessing that there's no legal way to have a domain's root name point to S3 as a CNAME? –  Sep 04 '09 at 16:57
  • There's a legal way to have host, like `s3stuff.example.com` legally pointing to S3. – Michael Krelin - hacker Sep 04 '09 at 17:00
  • So, back to my last question: There's no legal way to have example.com point to S3 using a CNAME? –  Sep 04 '09 at 17:03
  • hacker, that's utter BS. you don't have to have an SOA record. and incidentally there isn't one for lrnskls.com –  Sep 04 '09 at 17:29
  • The fact that there's no one on `lrnskls.com` doesn't mean it's legal. – Michael Krelin - hacker Sep 04 '09 at 18:45
  • where is it written that the zone has to be delegated? –  Sep 05 '09 at 01:49
  • 3
    Indeed, the proper solution is to have example.com NOT delegated and convince the .COM registry, Verisign, to add a CNAME in the .COM zone... Technically sound but Verisign and ICANN will certainly find non-technical reasons to refuse it. – bortzmeyer Sep 07 '09 at 10:04
  • but much kudos to you if you can convince them :) –  Sep 12 '09 at 16:03
2

But, my DNS server doesn't allow this; nor goes GoDaddy's DNS manager. So, I'm looking to do exactly what the owner of lrnskls.com did. Anyone know how he did it?

You are probably going to need to do some search into DNS servers. Most DNS servers do not allow you to do this. I think I remember seeing another question on serverfault where someone posted which DNS server someone used to setup a cname at the root, but I can't find it.

See also: - Root Cname - WHM? - Set root domain record to be a CNAME

Zoredache
  • 128,755
  • 40
  • 271
  • 413
  • It was 1and1 according to this question http://serverfault.com/questions/55528/set-root-domain-record-to-be-a-cname/55547 – hdanniel Sep 04 '09 at 19:09
1

If you use Amazon's Route 53 DNS servers, then it will achieve what you want.

I was curious: the no CNAME in apex is forbidden by the RFC. What is the technical reason for this (assuming it isn't arbitrary).

  • 1
    CNAME overrides all other records. Therefore it's impossible to construct a valid zone where the apex has a CNAME, since it would also override the SOA. – Michael Hampton Sep 01 '13 at 22:09