CNAME a domain and delegate the subdomain
August 29, 2008 1:33 PM   Subscribe

Can I CNAME a second-level domain, and delegate a subdomain to a nameserver? What if the nameserver is the same for both?

So here's my problem: I have a page at example.freehost.com, and I want to:
1) Buy domain example.com and forward (www.)example.com to example.freehost.com via CNAME.
2) Buy hosting for a subpart of the site (say, forum.example.com), in a host that uses cPanel (which means I should be able to delegate NS for forum.example.com to them).

The added complication is that I want to buy the domain and the hosting from the same company, which means the nameserver for forum.example.com could end up being the same as the one for example.com

So, in summary I want to have entries like these:

example.com CNAME example.freehost.com
www.example.com CNAME example.freehost.com
forum.example.com NS 1.1.1.1
forum.example.com NS 1.1.1.2

And on 1.1.1.1 & 1.1.1.2, the normal cpanel entries...
forum.example.com A [myhostsip]
forum.example.com MX [myhostsip]
blah blah blah etc etc.

My first question is - Is that a valid configuration (cnaming the second-level and delegating the third level)

My second question is: can I have both entries in 1.1.1.1 & 1.1.1.2 (that is, have the NS entry be a self-reference)?

Or will this self-reference make the internets asplode?

Also, if I can, will I be able to do it by just managing my DNS entries, and asking the hosting guys to put forum.example.com on cPanel, or will this require some black magic in part of the hosts? (which means they probably won't do, since I'm aiming for a cheap host)
posted by qvantamon to Computers & Internet (9 answers total) 2 users marked this as a favorite
 
The first two lines are valid.

Assuming the third line is a host entry (eg there really is a "forum.example.com" machine out there somewhere) that's invalid. NS entries are valid only at the domain level.

Now, there is sort of a way to do what you're trying to do. On 1.1.1.1, have this:

example.com CNAME example.freehost.com
www.example.com CNAME example.freehost.com
forum.example.com A your.ip.address.here
forum.example.com MX your.smtp.address.here

Then set your nameserver to be a secondary of 1.1.1.1 for example.com, but have it listed as the primary nameserver in your whois entry. That gives the illusion of your nameserver being authoritative without you actually managing the domain on that machine.
posted by mark242 at 1:57 PM on August 29, 2008


$ORIGIN example.com.$TTL 1h
; removed SOA and Retry/Refresh/etc. block    NS ns1.freehost.com.    NS ns2.freehost.com.
; can also use IN A [IP address] below@   IN CNAME example.freehost.com.www IN CNAME example.freehost.com.
forum A [myhostsip]forum MX [myhostsip]
P.S. I'm not sure what's up with the doublespacing of pre tags
posted by rhizome at 2:12 PM on August 29, 2008


oops, change the forum records to "IN A" and "IN MX"
posted by rhizome at 2:13 PM on August 29, 2008


Mark242, I'm not sure what you mean by "NS entries are valid only at the domain level". It's perfectly valid, and quite common, for subdomains to be in different zones. OTOH, NS records are supposed to have domain names, not IP addresses, in them, so maybe that's what you meant?

If you have an NS record that lists a name inside the zone that it's a server for, the solution is for the containing zone to contain "glue records" (basically, put a copy of the necessary NS records in the parent zone as well). But in this case, presumably the NS records in the example.com zone would be "forum.example.com NS dns1.hostingcompany.com" etc, wouldn't they? So you won't need any glue.
posted by hattifattener at 3:17 PM on August 29, 2008


Mark242. DNS is recursive, and by the time you are querying the authoritative nameservers for example.com, there have already been two other NS records fetched. The first for the ".com" nameservers, which then provide the authoritative nameservers for "example.com." It is perfectly valid to delegate name eservice for a subdomain of example.com.

Lines 2&3 are still wrong though, because they should be pointing to the hostnames of the delegated nameservers, rather than their IP addresses.

Of course there is the question of whether it is even necessary to delegate. If you are given an IP address or hostname for your forum host it is perfectly appropriate to have A or CNAME entries on your main nameservers.

There is another problem too. MX entries should point to a cannonical hostname (A entry), not an IP address. Also, do you intend for @forum.example.com to have a different mail exchanger from @example.com?
posted by Good Brain at 3:25 PM on August 29, 2008


Clarifications:
I expect cPanel to do all the forum.example.com lines for me (I've no preference on whether the MX is at example.com or at forum.example.com, but I'd be asking the host to use the subdomain in cPanel, so I guess forum.example.com is what it'd end up being).

My question (rewritten) is:
I'll have two "chunks" of DNS configuration: one for example.com (which I get because I'm paying for my domain), and one for forum.example.com (which is managed by cPanel because I gave it forum.example.com). The one for example.com has the CNAME's, the one for forum.example.com will have the A's and MX's.

The problem is that I don't know for sure whether the two chunks will be kept in the same nameserver.
can I have those two NS entries:

forum.example.com NS dns1.hostingcompany.com
forum.example.com NS dns2.hostingcompany.com

regardless of whether the two chunks are located in dns{1,2}.hostingcompany.com or just the cPanel chunk?
In case they are in the same server, the NS entries are probably useless (are they?), but what will be the effect:
* zero useless queries (the query gets resolved locally and ignores the NS entries)
* one useless query (the query starts a new query on the same server, but for the subdomain, then gets what it needs)
* general brokeness (the query enters an infinite loop, or detects the loop and fails, or something of the sort)
posted by qvantamon at 3:52 PM on August 29, 2008


It is perfectly valid to delegate name eservice for a subdomain of example.com.

Yes. The OP is not talking about subdomains, they are talking about delegating service for an A record.
posted by mark242 at 5:32 PM on August 29, 2008


I think there's some confusion because you're using "subdomain" in a non-standard way. Is forum.example.com a host or domain? That is to say, are you planning for there to be hosts under forum.example.com (such as A records for customer.forum.example.com and sales.forum.example.com) or are you just planning to run some site there?

A "domain" describes a collection of hosts and subdomains. A "subdomain" is a domain, and it describes a collection of hosts and subdomains. A "subdomain" most assuredly is not the term for "a host in my domain," but you seem to be using it that way.

If you just want an A record for the host forum.example.com, just use an A record. There's nothing to delegate if it's a host.
posted by majick at 8:17 PM on August 29, 2008


majick: "forum.example.com" is a subdomain of "example.com". It may also name an individual host. "example.com" is a subdomain of "com", which is a subdomain of the root domain (".").

qvantamon: the technical name for the "chunk" you're talking about is "zone" (a collection of RRs, with an SOA at the top, originating from the same place, etc.).

It is true that all the records for a given domain have to be in the same zone— you can't delegate just the A records— but it doesn't sound like that will keep you from doing what you're trying to do.

I think in most cases you'll get zero useless queries (because the client resolver doesn't query a particular zone, it queries a particular nameserver). I don't think it will cause the internet to asplode; I've done vaguely similar things myself.

If you want, you could read e.g. RFC 1034 or other DNS RFCs.
posted by hattifattener at 11:55 AM on August 30, 2008


« Older Do I need to replace parts of a breast pump after...   |   having a ball with the watchmen? Newer »
This thread is closed to new comments.