带有DNS名称foo.com的CNAME类型的RRSet。不允许在bar.com的顶点 [英] RRSet of type CNAME with DNS name foo.com. is not permitted at apex in zone bar.com

问题描述

我拥有 foo.com 和 bar.com 。我正在Route53进行管理。 foo.com 托管我的网站，我想将流量从 bar.com 引导至 foo.com 。我试图设置 CNAME 记录 bar.com 指向 foo.com ，但是我收到错误消息：

I own foo.com and bar.com. I am managing both in Route53. foo.com hosts my site, and I'd like to direct traffic from bar.com to foo.com. I tried to set up a CNAME record for bar.com pointing to foo.com, but I got the error message:

RRSet of type CNAME with DNS name foo.com. is not permitted at apex in zone bar.com.

为什么这不工作，我该怎么办？

Why doesn't this work, and what can I do instead?

推荐答案

根据RFC1912第2.4节：

As per RFC1912 section 2.4:

 A CNAME record is not allowed to coexist with any other data.  In
 other words, if suzy.podunk.xx is an alias for sue.podunk.xx, you
 can't also have an MX record for suzy.podunk.edu, or an A record, or
 even a TXT record.  Especially do not try to combine CNAMEs and NS 
 records like this!:

           podunk.xx.      IN      NS      ns1
                           IN      NS      ns2
                           IN      CNAME   mary
           mary            IN      A

由于名称服务器不知道是否需要遵循CNAME或CNAME与CNAME重叠的实际记录进行回答，所以RFC完全正确。 bar.com 是一个区域，因此它隐含地具有 bar.com 名称的SOA记录。您不能同时拥有SOA记录和CNAME。

The RFC makes perfect sense as the nameserver wouldn't know whether it needs to follow the CNAME or answer with the actual record the CNAME overlaps with. bar.com is a zone therefore it implicitly has an SOA record for the bar.com name. You can't have both a SOA record and a CNAME with the same name.

但是，由于SOA记录通常仅用于区域维护，因此您在这些情况下想要在该区域提供一个CNAME是非常普遍的。尽管RFC禁止了这一点，但许多工程师都希望像以下行为：遵循CNAME，除非查询明确要求提供SOA记录。这就是为什么Route 53提供别名记录。这些是一个Route53的具体功能，它提供您所需的确切功能。看看 http://docs.aws.amazon.com/Route53 /latest/DeveloperGuide/CreatingAliasRRSets.html

However, given that SOA records are generally used only for zone maintenance, these situations where you want to provide a CNAME at the zone's apex are quite common. Even though the RFC prohibits it, many engineers would like a behaviour such as: "follow the CNAME unless the query explicitly asks for the SOA record". That's why Route 53 provides alias records. These are a Route 53 specific feature which offer the exact functionality you require. Have a look at http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/CreatingAliasRRSets.html

这篇关于带有DNS名称foo.com的CNAME类型的RRSet。不允许在bar.com的顶点的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！