'Why do we use canonical hostname in DNS system? [closed]

I read a document which says that a host with a complicated hostname can have one or more alias names. For example, relay1.west-coast.media.com is a canonical hostname whereas media.com is an alias. They both are related with each other by 'A' record and 'CNAME' record in DNS system follows:

media.com CNAME  relay1.west-coast.media.com  
relay1.west-coast.media.com A 210.23.25.32

What makes us use the complicated canonical hostname? Can't we simply associate alias with the ip address by adding record 'A' in the DNS system as follows:

media.com A 210.23.25.32
dnsaliashostnamecanonical-link


Solution 1:[1]

CNAME entries are useful when running multiple services on a single server. For example you could point www.media.com, ftp.media.com, and mud.media.com all to relay1.west-coast.media.com.

That way if the IP address of relay1... ever needed to change, it would be a single update to the A record instead of multiple.

Solution 2:[2]

Yes, you can.

First, as Lanexbg explained your specific example is wrong since you can not have a CNAME at apex (root) of the zone because by definition a CNAME record can not coexist with anything else (we will forget about the exceptons here) and at apex you need to have SOA and NS records for your zone to work correctly.

So let us just instead use the appropriate names for configuration/documentation needs and discuss about the difference between www.example.com A and www.example.com CNAME www.example.net + www.example.net A

The end result of the www.example.com A resolution would be the same for an end user, besides various points that can be neglected on a first approach (like performance issues).

If you are maintaining both the authoritative nameservers for example.com and example.net you are free to choose between the two cases. As Chris Meueur noted, the big difference is when you need to change the data (IPv4 address) of the A record. In the first case you will need to change it as many times as you have records for it where in the second case you will need to change it only once, and all other records having a CNAME pointing to www.example.net will get automatically updated.

CNAME have their drawbacks too: they can influence performance, you need to avoid chains of them and even more loops, they can not be used everywhere in the same way as a name in an A record, etc.

So it is a compromise.

But there is another case to take into account: if you are the administrator of example.com but not of example.net. ExampleNET Inc. could be a big hosting company, or a CDN. You want to use their services for your www.example.com website. If they give you an A record to put in your zone they have the problem that they will basically never be able to change it if they need because all their clients will have its current value hardcoded in all their zonefiles, so that is a big problem against agility, and sometimes you need to be able to renumerate in an hurry, like during a DDOS attack. Instead if they advise you to do a CNAME, they would be free to change their A record without anything else having anything to do and with the results "immediately" applied to everyone.

This is a very common case, specifically for CDN.

Among many others see this live example when asking for www.microsoft.com:

;; ANSWER SECTION:
www.microsoft.com.  3600    IN  CNAME   www.microsoft.com-c-3.edgekey.net.
www.microsoft.com-c-3.edgekey.net. 20499 IN CNAME www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net.
www.microsoft.com-c-3.edgekey.net.globalredir.akadns.net. 3600 IN CNAME e13678.dspb.akamaiedge.net.
e13678.dspb.akamaiedge.net. 3600 IN A   23.67.120.106

(of course advanced setups can also be enable for load-balancing and/or fail-over and/or varying the result based on the geography of the source).

This is not the only way to do it (for example, instead, they could have asked you to change the authoritative nameservers for your example.com zone so that they could control it), and it has limits too (the most important one being the one outlined at the beginning: you could not put a CNAME at apex so if you wanted also a website on http://example.com/ (note the lack of www) you would need other solutions).

Solution 3:[3]

I think media.com could have different sub-domains under the actual domain, for example - www.media.com, ftp.media.com, mud.media.com these are some of the sub-domains under media.com. Each and every sub-domain will have a different IP address also, so if we just point it to media.com A 210.23.25.32, it won't be able to resolve the full query that the user needs.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Chris Meurer
Solution 2 Patrick Mevzek
Solution 3 cigien

Related Questions

Redirect Elastic Beanstalk URL to domain name

Redirect my sub.my-domain.com to discord

Docker cannot resolve DNS on private network

How to access domain controller running on VMware from client pcs

Which cmdlet to use for creating a domain (folder) under a Primary Zone on the DNS-server?

How can I eliminate slow resolving/loading of localhost/virtualhost (a 2-3 second lag) on Mac OS X Lion?

DNS ERROR resolving MX

Error "Maximum DNS-interactive terms limit (10) exceeded"

Multiple DKIM and SPF records on Google Apps/G Suite/Google Workspace for MailChimp

Example URIs for unit testing IDN domains

OVH Api specific task sequence

preconnect vs dns-prefetch resource hints

Curl cant resolve host with kubernetes dns

Do I need a separate WAF if I want to use Azure Deployment Slot on production instance?

Do I need a separate WAF if I want to use Azure Deployment Slot on production instance?