RE: Selective forwarding from an internal only name server

Thu, 18 Aug 2016 09:48:52 -0700 

As I read it, you have to buy the "flattening" as an extra service from 
CloudFlare. Their default is to give CNAME at the apex, intentionally violating 
RFCs.

What a concept: charging extra for RFC-compliance.

                                                                                
        - Kevin


-----Original Message-----
From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Barry 
Margolin
Sent: Wednesday, August 17, 2016 9:08 PM
To: comp-protocols-dns-b...@isc.org
Subject: Re: Selective forwarding from an internal only name server

In article <mailman.301.1471466524.15653.bind-us...@lists.isc.org>,
 "Darcy Kevin (FCA)" <kevin.da...@fcagroup.com> wrote:

> Barry,
>       Cloudflare has been doing this for a while, so that their customers 
> won't be "limited by the DNS specifications (RFCs)" <rolls eyes>. 
> Having done that, they were compelled to offer another service -- so-called 
> "CNAME flattening"
> -- to fix the brokenness that's caused by their base offering.
> 
> See
> https://support.cloudflare.com/hc/en-us/articles/200169056-CNAME-Flatt
> ening-RF C-compliant-support-for-CNAME-at-the-root
> 
> I think Akamai also offers something similar.

But these don't work by sending an actual CNAME record. The server that 
implements flattening looks ip the IP of the target, and returns it as an A 
record for the domain.

That's why Cloudflare's method is "RFC-compliant", but what MS is doing with 
sharepoint.com is not.

> 
>                                                                       - Kevin
> 
> -----Original Message-----
> From: bind-users [mailto:bind-users-boun...@lists.isc.org] On Behalf 
> Of Barry Margolin
> Sent: Wednesday, August 17, 2016 4:34 PM
> To: comp-protocols-dns-b...@isc.org
> Subject: Re: Selective forwarding from an internal only name server
> 
> In article <mailman.299.1471461214.15653.bind-us...@lists.isc.org>,
>  "Darcy Kevin (FCA)" <kevin.da...@fcagroup.com> wrote:
> 
> > Well, sharepoint.com is a CNAME to sharepoint.microsoft.com, so you 
> > might need to make arrangements for that to be resolvable as well.
> 
> That doesn't seem valid to begin with. The .COM zone has delegation NS 
> records for sharepoint.com. Having a CNAME record for the same name is wrong.
> 
> --
> Barry Margolin
> Arlington, MA
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to 
> unsubscribe from this list
> 
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

--
Barry Margolin
Arlington, MA
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to