CNAME record

A Canonical Name record (abbreviated as CNAME record) is a type of resource record in the Domain Name System (DNS) that maps one domain name (an alias) to another (the canonical name).

This can prove convenient when running multiple services (like an FTP server ''and'' a web server, each running on different ports) from a single IP address. One can, for example, use CNAME records to point ''ftp.example.com'' and ''www.example.com'' to the DNS entry for ''example.com'', which in turn has an A record which points to the IP address. Then, if the IP address ever changes, one only has to record the change in one place within the network: in the DNS A record for ''example.com''.

CNAME records must always point to another domain name, never directly to an IP address.

Details

DNS CNAME records are specified in RFC 1034 and clarified in Section 10 of RFC 2181.

CNAME records are handled specially in the domain name system, and have several restrictions on their use. When a DNS resolver encounters a CNAME record while looking for a regular resource record, it will restart the query using the canonical name instead of the original name. (If the resolver is specifically told to look for CNAME records, the canonical name (right-hand side) is returned, rather than restarting the query.) The canonical name that a CNAME record points to can be anywhere in the DNS, whether local or on a remote server in a different DNS zone.

For example, if there is a DNS zone as follows:
NAME TYPE VALUE
--------------------------------------------------
bar.example.com. CNAME foo.example.com.
foo.example.com. A 192.0.2.23
when an A record lookup for ''bar.example.com'' is carried out, the resolver will see a CNAME record and restart the checking at ''foo.example.com'' and will then return 192.0.2.23.

Possible confusion

With a CNAME record, one can point a name such as "''bar.example.com''" to "''foo.example.com''." Because of this, during casual discussion the ''bar.example.com.'' (left-hand) side of a DNS entry can be incorrectly identified as "the CNAME" or "a CNAME." However, this is inaccurate. The canonical (true) name of "''bar.example.com.''" is "''foo.example.com''." Because CNAME stands for Canonical Name, the right-hand side is the ''actual'' "CNAME"; on the same side as the address "A".

This confusion is specifically mentioned in RFC 2181, "Clarifications to the DNS Specification." The left-hand label is an alias for the right-hand side (the RDATA portion), which ''is'' (or should be) a canonical name. In other words, a CNAME record like this:
bar.example.com. CNAME foo.example.com.
may be read as:

''bar.example.com'' is an alias for the canonical name (CNAME) ''foo.example.com''. A client will request ''bar.example.com'' and the answer will be ''foo.example.com''.

Restrictions

DNAME record

A DNAME record or Delegation Name record is defined by RFC 6672 (original RFC 2672 is now obsolete). A DNAME record creates an alias for an entire subtree of the domain name tree. In contrast, the CNAME record creates an alias for a single name and not its subdomains. Like the CNAME record, the DNS lookup will continue by retrying the lookup with the new name. The name server synthesizes a CNAME record to actually apply the DNAME record to the requested name—CNAMEs for every node on a subtree have the same effect as a DNAME for the entire subtree.

For example, if there is a DNS zone as follows:
foo.example.com. DNAME bar.example.com.
bar.example.com. A 192.0.2.23
xyzzy.bar.example.com. A 192.0.2.24
*.bar.example.com. A 192.0.2.25
An A record lookup for ''foo.example.com'' will return no data because a DNAME is not a CNAME and there is no A record directly at ''foo''.

However, a lookup for ''xyzzy.foo.example.com'' will be DNAME mapped and return the A record for ''xyzzy.bar.example.com'', which is 192.0.2.24; if the DNAME record had been a CNAME record, this request would have returned name not found.

Lastly, a request for ''foobar.foo.example.com'' would be DNAME mapped and return 192.0.2.25.

ANAME record

Several managed DNS platforms implement a non-standard ALIAS or ANAME record type. These pseudo records are managed by DNS administrators like CNAME records, but are published and resolved by (some) DNS clients like A records. ANAME records are typically configured to point to another domain, but when queried by a client, answer with an IP address. ANAME record types was going through standardization, but there probably exist many non-conforming implementations, so they can do whatever the owner of the DNS platform chooses, including existing at the apex of a zone and existing for domains that receive mail. One possible advantage of ANAME records over CNAME records is speed; a DNS client requires at least two queries to resolve a CNAME to an A record to an IP address, while only one query is necessary to resolve an ANAME to an IP address. The assumption is that the DNS server can resolve the A record and cache the requested IP address more efficiently and with less latency than its DNS clients can. The ANAME record type was a draft standard being considered by the IETF, but the latest draft document expired in January 2020.

See also

* List of DNS record types
* Internet Assigned Numbers Authority
* ICANN

References

External links

RFC 1912 is wrong
– Meng Weng Wong's analysis of CNAME restrictions
* {{IETF RFC, 2219, link=no – Use of DNS Aliases for Network Services

DNS record types

da:Zonefil#CNAME