DNS CNAME limitations cname 在哪些情况下不能配置
https://www.rfc-editor.org/rfc/rfc1912.html
https://www.rfc-editor.org/rfc/rfc2181.html
说明:
domain name 不能配置cname 记录
cname 记录不能和其它记录同时存在以及其它规则
2.4 CNAME records A CNAME record is not allowed to coexist with any other data. In
other words, if suzy.podunk.xx is an alias for sue.podunk.xx, you
can't also have an MX record for suzy.podunk.edu, or an A record, or
even a TXT record. Especially do not try to combine CNAMEs and NS
records like this!: podunk.xx. IN NS ns1
IN NS ns2
IN CNAME mary
mary IN A 1.2.3.4 This is often attempted by inexperienced administrators as an obvious
way to allow your domain name to also be a host. However, DNS
servers like BIND will see the CNAME and refuse to add any other
resources for that name. Since no other records are allowed to
coexist with a CNAME, the NS entries are ignored. Therefore all the
hosts in the podunk.xx domain are ignored as well! If you want to have your domain also be a host, do the following: podunk.xx. IN NS ns1
IN NS ns2
IN A 1.2.3.4
mary IN A 1.2.3.4 Don't go overboard with CNAMEs. Use them when renaming hosts, but
plan to get rid of them (and inform your users). However CNAMEs are
useful (and encouraged) for generalized names for servers -- `ftp'
for your ftp server, `www' for your Web server, `gopher' for your
Gopher server, `news' for your Usenet news server, etc. Don't forget to delete the CNAMEs associated with a host if you
delete the host it is an alias for. Such "stale CNAMEs" are a waste
of resources. Barr Informational [Page 6]
RFC 1912 Common DNS Errors February 1996 Don't use CNAMEs in combination with RRs which point to other names
like MX, CNAME, PTR and NS. (PTR is an exception if you want to
implement classless in-addr delegation.) For example, this is
strongly discouraged: podunk.xx. IN MX mailhost
mailhost IN CNAME mary
mary IN A 1.2.3.4 [RFC 1034] in section 3.6.2 says this should not be done, and [RFC
974] explicitly states that MX records shall not point to an alias
defined by a CNAME. This results in unnecessary indirection in
accessing the data, and DNS resolvers and servers need to work more
to get the answer. If you really want to do this, you can accomplish
the same thing by using a preprocessor such as m4 on your host files. Also, having chained records such as CNAMEs pointing to CNAMEs may
make administration issues easier, but is known to tickle bugs in
some resolvers that fail to check loops correctly. As a result some
hosts may not be able to resolve such names. Having NS records pointing to a CNAME is bad and may conflict badly
with current BIND servers. In fact, current BIND implementations
will ignore such records, possibly leading to a lame delegation.
There is a certain amount of security checking done in BIND to
prevent spoofing DNS NS records. Also, older BIND servers reportedly
will get caught in an infinite query loop trying to figure out the
address for the aliased nameserver, causing a continuous stream of
DNS requests to be sent.
DNS CNAME limitations cname 在哪些情况下不能配置的更多相关文章
- centos6.7不联网的情况下安装配置本地yum源
1 cd / 2 mkdir -p /app/ios 3 cd /opt mkdir ios 4 把下载好的centos-6.7-x86_64-bin-dvd1.iso 上传到 /o ...
- git多站点多用户情况下SSH配置
个人使用github,但是公司使用的是 GitLab .那么在一个电脑上进行处理时,由于先设置了 github 的,导致没办法从 GitLab 上处理 git .其实是由于 ssh 的问题. 下面记录 ...
- 在UWSGI和NGINX配合的情况下,配置个别目录上传及超时
笨办法就是多加一个LOCATION. 然后,自定义以下类似参数 client_max_body_size uwsgi_connect_timeout uwsgi_read_timeout server ...
- 视图解析器InternalResourceViewResolver在什么情况下需要配置?在什么情况下不需要配置?
如果路径名是逻辑名的话,必须配置 -------------- 相对路径,即逻辑名称如果路径名是真实名的话,可选配置 若是绝对路径,则不用配置,即真实名称 注:试一下逻辑名和真实名的例子*****有用 ...
- 用SignalR 2.0开发客服系统[系列4:负载均衡的情况下使用SignalR]
前言 交流群:195866844 目录: 用SignalR 2.0开发客服系统[系列1:实现群发通讯] 用SignalR 2.0开发客服系统[系列2:实现聊天室] 用SignalR 2.0开发客服系统 ...
- DNS分别在什么情况下使用UDP和TCP
DNS同时占用UDP和TCP端口53是公认的,这种单个应用协议同时使用两种传输协议的情况在TCP/IP栈也算是个另类.但很少有人知道DNS分别在什么情况下使用这两种协议. 如果用wiresha ...
- oracle11g在没DNS情况下failover的配置方法
1.Oracle 11g引入scan ip ,可在没有DNS的情况下,客户端连接RAC配置failover时,很多情况还是使用oracle10g方式.即在客户端tnsname.ora中配置failov ...
- 默认情况下eth0网卡配置文件路径及客户端DNS的路径
默认情况下eth0网卡配置文件路径及客户端DNS的路径? eth0 网卡配置文件路径如下: /etc/sysconfig/network-scripts/ifcfg-eth0 客户端DNS的路径如下: ...
- DNS分别在什么情况下使用UDP和TCP?
看到一个题目问的是:DNS分别在什么情况下使用UDP和TCP? 仔细查了一下发现可查询的资料很少,大部分都把DNS所用协议归为UDP了其实不然,DNS同时占用UDP和TCP端口53,这种单个应用协议同 ...
- APACHE 与IIS同时存在的情况下,给APACHE添加反向代理 共用80端口
一.首先打开IIS,将IIS的端口改成81,不要让IIS占用了80端口 二.打开APACHE的httpd.conf配置文件,将里面的端口配置成80 三.打开APACHE的虚拟目录配置文件,如:http ...
随机推荐
- 34.MySQL 架构
一主两从 双机热备 原理:
- Lecture 2. Fundamental Concepts and ISA - Carnegie Mellon - Computer Architecture 2015 - Onur Mutlu
并不只有冯诺依曼模型,按照控制流顺序执行指令 还有 data flow 模型,按照数据流顺序执行指令 冯诺依曼模型和数据流模型的编程语言的一个对比 Control-driven 编程模型和 data- ...
- antd timePicker组件限制当前之前的时间不可选择
import React from 'react'; import ReactDOM from 'react-dom'; import {Input,DatePicker,Form,Col,Butto ...
- c#在代码中再次调用按钮点击事件
在一个按钮事件中调用另一个按钮(button1)的点击事件,可以直接如下: button1.PerformClick() 也称之为 以编程方式调用按钮的click事件
- 做好ssh远程访问安全
传统都是这样的: 1. 只允许跳板机登录2. 跳板机要用 vpn 登录 修改默认端口+fail2ban+ssh 密钥对 0. 保护好自己干活用的桌面机是一切安全的根本.1. 及时更新 /自动更新意义很 ...
- 【BOOK】动态渲染页面爬取--Selenium库
动态渲染页面爬取 JavaScript动态渲染 其中一种方式是Ajax请求,通过直接分析Ajax再用requests来实现数据爬取 另外一种方式是模拟浏览器运行 一. Selenium库 Seleni ...
- bgp多线互联
BGP(边界网关协议)主要用于互联网AS(自治系统)之间的互联,BGP的最主要功能在于控制路由的传播和选择最好的路由. 中国网通 .中国电信.中国铁通.教育网和一些大的民营IDC运营商都具有AS号,全 ...
- 平方损失函数为例的BP的关键公式推导
看了刘建平老师的博客https://www.cnblogs.com/pinard/p/6422831.html对如下其中两个公式进行详细推导 损失函数为(大写字母为矩阵,小写字母字母加粗为列向量,其中 ...
- count(1) and count(*),count(字段)区别及效率比较
执行结果: count(1)和count(*)之间没有区别,因为count(*)count(1)都不会去过滤空值, count(字段) 会统计该字段在表中出现的次数,忽略字段为null 的情况.即不统 ...
- Jetpack compose学习笔记之ConstraintLayout(布局)
一,简介 Jetpack compose中没有提供ConstraintLayout支持,所以需要添加下面的依赖来导入. // build.gradle implementation "and ...