I need to create an NS record for a domain that is a CNAME, for the purpose of having two domains pointed at one IP, and not having to maintain the current IP address in two different places.
The DNS provider for this domain is DynDNS, but they block this operation:
CNAME cannot be created with label that is equal to zone name
I can do this with another domain whose DNS is served by 1and1:
root@srv-ubuntu:~# dig myseconddomain.co.uk
; <<>> DiG 9.4.2-P1 <<>> myseconddomain.co.uk
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61795
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;myseconddomain.co.uk. IN A
;; ANSWER SECTION:
myseconddomain.co.uk. 71605 IN CNAME myfirstdomain.co.uk.
myfirstdomain.co.uk. 59 IN A www.xxx.yyy.zzz
;; Query time: 298 msec
;; SERVER: 10.0.0.10#53(10.0.0.10)
;; WHEN: Tue Aug 18 14:17:26 2009
;; MSG SIZE rcvd: 78
Is this a breach of the RFCs or does DynDNS have a legitimate reason for blocking this action?
Followup Thanks to the two answers already posted I now know that 1and1 IS breaching RFCs to do this. However it does work and they seem to support it. For a company that hosts so many domains it seems very odd that they get away with doing this on such a massive scale without objection.
More followup
The output of "dig myseconddomain.co.uk ns" as requested.
root@srv-ubuntu:~# dig myseconddomain.co.uk ns
; <<>> DiG 9.4.2-P1 <<>> myseconddomain.co.uk ns
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18085
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; QUESTION SECTION:
; myseconddomain.co.uk. IN NS
;; ANSWER SECTION:
myseconddomain.co.uk. 4798 IN NS ns67.1and1.co.uk.
myseconddomain.co.uk. 4798 IN NS ns68.1and1.co.uk.
;; ADDITIONAL SECTION:
ns67.1and1.co.uk. 78798 IN A 195.20.224.201
ns68.1and1.co.uk. 86400 IN A 212.227.123.89
;; Query time: 59 msec
;; SERVER: 10.0.0.10#53(10.0.0.10)
;; WHEN: Wed Aug 19 12:54:58 2009
;; MSG SIZE rcvd: 111
Correct, it is a breach of RFC 1034, section 3.6.2, paragraph 3:
This applies here because the root of your zone must also have SOA and NS records.
Use the DynDNS WebHop service. This is free for their DNS customers.
It allows you to redirect traffic for the second domain to the first one, and not break any RFCs.
The redirect is a
302(temporary) one, so it may harm some search engine rankings. (I suspect this could also be a problem withCNAMErecords.) See the above link for more information.Yes, there is breach on the RFC for that. Check this explanation . I think is possible but not fully compliant with the RFC.
The cname would be invalid and can cause problems down the road. The work around is to use the apache alias or rewrite modules to redirect the traffic. Check out this post explaining how to do this in apache. Migrating one domain to another
Yes, it does normally break the DNS standard when creating a CNAME record at the root/apex, however some DNS providers have implemented workarounds:
I'm a happy Cloudflare customer, and have found their solution to work really well.