<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On 8 August 2014 13:58, Mark Summerfield <span dir="ltr"><<a href="mailto:mark@qtrac.eu" target="_blank">mark@qtrac.eu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi,<br>
<br>
Do A and AAAA DNS records conflict with CNAME records or is it OK to<br>
have both?<br>
<br></blockquote><div><br></div><div>It's not OK.</div><div><br></div><div>It's generally bad to have a CNAME. It's totally out to have a CNAME and anything else, with the exception of an SOA record. There are also many other cases where a CNAME is out.</div>
<div><br></div><div>Loosely, if a query hands back a CNAME, the query is restarted with the RHS of the CNAME as the query domain. The LHS of a CNAME RR is called an "alias", and the RHS is the "canonical name". The RHS of any record, if it's a name, cannot be an alias, and so cannot result in a CNAME.</div>
<div><br></div><div>To put it another way, CNAME (and DNAME) records are a bit like DNS macros rather than real records, and because they Do Things, unless you're happy you understand what Things they Do, you're best off avoiding them if you can.</div>
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Case #1.<br>
<br>
I have domain <a href="http://digitalcardbox.com" target="_blank">digitalcardbox.com</a> and a website for it on Google App<br>
Engine (GAE) at <a href="http://digitalcardbox.appspot.com" target="_blank">digitalcardbox.appspot.com</a><br>
<br>
To make GAE use the <a href="http://digitalcardbox.com" target="_blank">digitalcardbox.com</a> domain name I told GAE to verify<br>
my ownership which it did and then added a TXT record:<br>
<br>
@ 3600 IN TXT "google-site-verification=XXXX"<br>
<br>
It (or me, I can't recall which) then added two CNAME records:<br>
<br>
* 10800 IN CNAME <a href="http://ghs.googlehosted.com" target="_blank">ghs.googlehosted.com</a>.<br>
www 10800 IN CNAME <a href="http://ghs.googlehosted.com" target="_blank">ghs.googlehosted.com</a>.<br>
<br>
And after a couple of days it seemed to work fine.<br>
<br></blockquote><div><br></div><div>Argh! Never never never never have a CNAME wildcard. It'll just ruin your life.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Case #2.<br>
<br>
I also have domain <a href="http://qtrac.eu" target="_blank">qtrac.eu</a> with the website hosted by <a href="http://plus.net" target="_blank">plus.net</a>.<br>
And I have a GAE version of the website at <a href="http://diffpdf.appspot.com" target="_blank">diffpdf.appspot.com</a>.<br>
<br>
Around 4am this morning <a href="http://plus.net" target="_blank">plus.net</a> shut down <a href="http://qtrac.eu" target="_blank">qtrac.eu</a> on the grounds that<br>
there was too much traffic. They didn't say whether this was due to<br>
popularity (which I doubt) or a DoS attack or simple extortion on their<br>
part.<br>
<br>
So, I tried to get GAE to take over the website.<br>
<br>
First I reset the DNS back to gandi (from whom I get my domain names)<br>
from <a href="http://plus.net" target="_blank">plus.net</a> and that worked OK.<br>
<br>
Unfortunately GAE couldn't create the TXT record so I did that manually:<br>
<br>
@ 10800 IN TXT "google-site-verification=XXXX"<br>
<br>
But unlike with digitalcardbox, GAE did not give me any CNAMEs to add,<br>
so I added the two shown above.<br>
<br>
GAE did ask me to add 4 A and 4 AAAA records (the A's look like IPv4 and<br>
the AAAA a bit like IPv6 but I'm guessing), which I duly added.<br>
<br></blockquote><div><br></div><div>Good guess.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
My question is: will the CNAME records I added (and which GAE didn't ask<br>
me to add) conflict with the A and AAAA records, or is it safe to have<br>
them all?<br>
<br></blockquote><div><br></div><div>No, stick with the A/AAAA records only. Ideally, go back to digitalcardbox and see if you can replace the CNAME with the A/AAAA records.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
If you get the impression I don't understand any of this you'd be right.<br>
<br>
Thanks!<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
Mark Summerfield, Qtrac Ltd, <a href="http://www.qtrac.eu" target="_blank">www.qtrac.eu</a><br>
Python and PyQt/PySide - training and consultancy<br>
DiffPDF for Windows - PDF comparison tool<br>
<a href="http://www.qtrac.eu/diffpdf.html" target="_blank">http://www.qtrac.eu/diffpdf.html</a><br>
<br>
_______________________________________________<br>
Swlug mailing list<br>
<a href="mailto:Swlug@mailman.lug.org.uk">Swlug@mailman.lug.org.uk</a><br>
<a href="https://mailman.lug.org.uk/mailman/listinfo/swlug" target="_blank">https://mailman.lug.org.uk/mailman/listinfo/swlug</a><br>
</font></span></blockquote></div><br></div></div>