[Pdns-users] Please test: ALIAS/ANAME apex record in PowerDNS
ppcharli at gmail.com
Tue Dec 30 08:28:12 UTC 2014
Are implemented these ALIAS/ANAME records in PowerDNS Authoritative
Server 3.4.1 ?
2014-09-21 12:54 GMT+02:00 bert hubert <bert.hubert at netherlabs.nl>:
> Hi everybody,
> Based on strong user interest, we are fast-tracking the implementation of
> ALIAS/ANAME records, to solve the 'CNAME at apex' problem. Because of the
> fast-tracking, we need rapid feedback to see if we got it right (see the end
> of the mail for details).
> In short, you can CNAME 'www.yourdomain.com' to a CDN or somewhere else, but
> you can't CNAME 'yourdomain.com', since that breaks DNS. This blogpost by
> CloudFlare expands on the problem:
> Today, we implemented ALIAS support as an experimental PowerDNS feature,
> which allows the following:
> $ORIGIN example.com.
> @ IN SOA ns1 ahu 2014091619 7200 3600 1209600 3600
> @ IN NS ns1
> @ IN NS ns2
> www IN CNAME xs.powerdns.com.
> ns1 IN A 188.8.131.52
> ns2 IN A 184.108.40.206
> @ IN ALIAS www.powerdns.com.
> @ IN MX 25 outpost.ds9a.nl.
> elsewhere IN CNAME @
> The branch can be found on https://github.com/PowerDNS/pdns/tree/alias and
> we should have packages soon.
> The current semantics for the ALIAS pseudo-record are that they only match
> if no real record did. So in the case above, an MX query for example.com
> would return "25 outpost.ds9a.nl". But a query for AAAA would return the
> IPv6 address obtained by following the www.powerdns.com CNAME chain to
> xs.powerdns.com. This also works for all other record types, btw.
> Our implementation uses a defined resolver to look up the actually requested
> record, and adds the data found to the packet built so far. This means that
> querying 'elsewhere.example.com' will include a CNAME to example.com, which
> in turn will lead to processing of the ALIAS record.
> Finally, for TTL, we currently use what the resolver gave us. But perhaps we
> could use the TTL of the ALIAS record instead, or as a maximum? Or minimum?
> Please let us know your thoughts based on the semantics outlined above.
> Would this work for you? Do you miss anything? Is there a need for multiple
> ALIAS statements for load balancing? Are we needlessly incompatible with
> existing implementations? Is there standardization work we could align
> Your input is highly welcome!
> PS: the above is currently not yet supported for DNSSEC domains!
> PowerDNS Website: http://www.powerdns.com/
> Contact us by phone on +31-15-7850372
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
More information about the Pdns-users