canonical name (CNAME)

What is a canonical name?

A canonical name (CNAME) is a type of Domain Name System (DNS) database record that indicates that a domain name is the nickname or alias for another domain name. Also referred to as the "true name," the CNAME is especially important when multiple services run from a single IP address.

The CNAME is commonly used instead of an A record, which is a type of DNS record that shows the IP address of a domain. CNAME records must point to a domain and not an IP address. A domain with a CNAME record can either point to another domain with a CNAME record or to a domain with an A record.

How canonical names work

When the "www" subdomain is set as an alias to the root domain name, a subdomain like will have a CNAME record that points to the root domain

So, when a DNS server searches the DNS records for, it will trigger another DNS lookup to, thus restarting the query using the canonical name. It then returns the IP address for via its A record. So, here, is the canonical or true name of

If the IP address of the host changes, only the DNS A record for the root needs to be updated. All CNAME records, including, will automatically follow any changes made to the root.

Uses of canonical name records

Here are some common ways CNAME records are used:

  • to point several websites owned by a single entity or organization to its primary website;
  • to provide a separate hostname for different network services like File Transfer Protocol (FTP) or email, pointing each hostname to the root domain;
  • to provide subdomains for each customer on a single service provider's domain and use the CNAME to point the subdomain to the customer's root domain; and
  • to register the same domain in several countries and point each country-specific version to the main domain.

One advanced use of the CNAME is in multiple content delivery networks (CDNs), a set of geographically distributed and interconnected servers that provide cached internet content from a network location near a user to help speed its delivery.

CDNs are often deployed by adding the address of the CDN as a CNAME record for the origin server hosting a website's content. Doing this ensures that a user trying to access resources on the server is redirected to the CDN. Further, the same CNAME record based on dynamic parameters can be used to redirect users to one of several CDNs.

DNS handling of CNAME records

Consider an example root domain With a CNAME record, a user accessing is referred to the CNAME

For this example:






Here's how the DNS resolution process for CNAME records works:The A record translates the domain name into a corresponding IP address.

  1. A browser or a network device (DNS client) requests a specific address Thus, a DNS request is created.
  2. This request is received by the DNS resolver, which finds the Authoritative Name Server holding the DNS Zone file with appropriate DNS records for domain.
  3. The CNAME record is returned to the client.
  4. The DNS client understands that is an alias of the root domain and issues a new DNS query for
  5. The same request process is repeated, and the resolver returns the A record of with its IP address.
  6. The client connects to using its IP address.
CNAME DNS record request sequence
A canonical name (CNAME) serves as an alias for domain names that share an IP address. For example, in the diagram '' is an alias for '' Both point to the same IP address.

How CNAME records differ from A records and alias records

The CNAME record is typically used with other types of DNS records like A records and alias records. However, CNAME records and the other two types are different.

One underlying difference between CNAME records and A records is that the former maps a hostname to another hostname, while the latter maps a specific hostname to one or more IP addresses.

An alias record, like a CNAME record, maps a hostname to another hostname. But the difference is that the CNAME doesn't allow other DNS records on the same hostname, while the alias record does.

Also, ALIAS directly returns an IP address and doesn't require the DNS client to resolve another hostname. In contrast, CNAME records create a request to resolve another hostname. This is why ALIAS usually performs better than CNAME.

How CNAME differs from redirects

A common misconception is that the CNAME record is the same as a web Hypertext Transfer Protocol (HTTP) redirect. However, this is not true because there's no direct correlation between a CNAME and an HTTP redirect.

Also, configuring CNAME in the DNS does not automatically result in an HTTP redirect. To perform the latter, it's necessary to configure the server responding to the HTTP request to return an appropriate HTTP response. Using CNAME does not ensure this.

how a domain name server (DNS) works
Diagram of how a DNS works.

Restrictions in using canonical name

CNAME records are handled in the DNS, and there are restrictions to their use. One reason is that there's a dangerous possibility for creating an infinite loop during a name's lookup. Therefore, it's essential to ensure that two CNAME records don't point to each other.

For example, suppose points to the canonical name At the same time, also points to the canonical name In this case, the lookup will keep checking one name against the other in an endless loop, affecting performance and the user's experience.

Pointing to a CNAME record is restricted in both Name Server (NS) and Mail Exchange (MX) records. An NS record that indicates which DNS server is authoritative for that domain and an MX record directing email to a mail server can only point to:

  • an A record for IPv4
  • an AAAA record for IPv6

Similar to A records, AAAA records allow client devices to learn the IP address for a domain name, and the client device then connects with and loads the website.

Other restrictions on using CNAME records include the following:

  • It must point only to another domain name, not an IP address.
  • It cannot be placed at the root domain since the root domain must point to an IP address. This helps eliminate the possibility of creating an infinite loop during a name's lookup.
  • Email domains should not have a CNAME record.
  • A hostname defined in a CNAME record must not have other resource records of types A, MX, etc.
  • It cannot coexist with another record for the same name.

Finally, pointing a CNAME record to another CNAME record is not restricted. However, this requires multiple DNS lookups before the domain is loaded. Since this affects the user experience, it is considered inefficient and undesirable. To avoid unnecessary performance slowdowns, the CNAME should point to the target name as closely as possible.

See also: How can domain generation algorithms be used to bypass ad blockers?, How are hackers using Unicode domains for spoofing attacks? and Set up remote domains to control Exchange messaging.

This was last updated in February 2022

Continue Reading About canonical name (CNAME)

Dig Deeper on IT operations and infrastructure management

Cloud Computing
Enterprise Desktop
Virtual Desktop