canonical name (CNAME)
What is a canonical name?
A canonical name (CNAME) is a type of Domain Name System (DNS) database record that indicates that a domain name is the nickname or alias for another domain name. Also referred to as the "true name," the CNAME is especially important when multiple services run from a single IP address.
The CNAME is commonly used instead of an A record, which is a type of DNS record that shows the IP address of a domain. CNAME records must point to a domain and not an IP address. A domain with a CNAME record can either point to another domain with a CNAME record or to a domain with an A record.
How canonical names work
When the "www" subdomain is set as an alias to the root domain name, a subdomain like www.samplesite.techtarget.com will have a CNAME record that points to the root domain techtarget.com.
So, when a DNS server searches the DNS records for blog.samplesite.com, it will trigger another DNS lookup to techtarget.com, thus restarting the query using the canonical name. It then returns the IP address for techtarget.com via its A record. So, here, techtarget.com is the canonical or true name of samplesite.techtarget.com.
If the IP address of the host changes, only the DNS A record for the root techtarget.com needs to be updated. All CNAME records, including blog.techtarget.com, will automatically follow any changes made to the root.
Uses of canonical name records
Here are some common ways CNAME records are used:
- to point several websites owned by a single entity or organization to its primary website;
- to provide a separate hostname for different network services like File Transfer Protocol (FTP) or email, pointing each hostname to the root domain;
- to provide subdomains for each customer on a single service provider's domain and use the CNAME to point the subdomain to the customer's root domain; and
- to register the same domain in several countries and point each country-specific version to the main domain.
One advanced use of the CNAME is with multiple content delivery networks (CDNs). A CDN is a set of geographically distributed and interconnected servers that provide cached internet content from a network location near a user to help speed its delivery.
CDNs are often deployed by adding the address of the CDN as a CNAME record for the origin server hosting a website's content. Doing this ensures that a user trying to access resources on the server is redirected to the CDN. Further, the same CNAME record can be used, based on dynamic parameters, to redirect users to one of several CDNs.
DNS handling of CNAME records
Consider an example root domain techtarget.com. With a CNAME record, a user accessing www.techtarget.com is referred to the CNAME techtarget.com.
For this example, the A record translates the domain name techtarget.com into a corresponding IP address.
Here's how the DNS resolution process for CNAME records works:
- A browser or a network device (DNS client) requests a specific address www.techtarget.com. Thus, a DNS request is created.
- This request is received by the DNS resolver, which finds the authoritative name server holding the DNS zone file with the appropriate DNS records for the techtarget.com domain.
- The CNAME record is returned to the client.
- The DNS client understands that www.techtarget.com is an alias of the root domain techtarget.com and issues a new DNS query for techtarget.com.
- The same request process is repeated, and the resolver returns the A record of techtarget.com with its IP address.
- The client connects to techtarget.com using its IP address.
How CNAME records differ from A records and alias records
The CNAME record is typically used with other types of DNS records like A records and alias records. However, CNAME records and the other two types are different.
One underlying difference between CNAME records and A records is that the former maps a hostname to another hostname, while the latter maps a specific hostname to one or more IP addresses.
An alias record, like a CNAME record, maps a hostname to another hostname. But the difference is that the CNAME doesn't allow other DNS records on the same hostname, while the alias record does.
Also, ALIAS directly returns an IP address and doesn't require the DNS client to resolve another hostname. In contrast, CNAME records create a request to resolve another hostname. This is why ALIAS usually performs better than CNAME.
How CNAME differs from redirects
A common misconception is that the CNAME record is the same as a web Hypertext Transfer Protocol (HTTP) redirect. However, this is not true because there's no direct correlation between a CNAME and an HTTP redirect.
Also, configuring CNAME in the DNS does not automatically result in an HTTP redirect. To perform the latter, it's necessary to configure the server responding to the HTTP request to return an appropriate HTTP response. Using CNAME does not ensure this.
Restrictions in using canonical name
CNAME records are handled in the DNS, and there are restrictions on their use. One reason is the risk of creating an infinite loop during a name's lookup. Therefore, it's essential to ensure that two CNAME records don't point to each other.
For example, suppose samplesite.techtarget.com points to the canonical name techtarget.com. At the same time, techtarget.com also points to the canonical name samplesite.techtarget.com. In this case, the lookup will keep checking one name against the other in an endless loop, affecting performance and the user's experience.
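The lookup steps listed earlier and the mutual-alias loop described here can be shown together with a small in-memory resolver. This is an added example, not code from the original page: the record tables are constructed, 192.0.2.10 is a documentation-range placeholder address, and the `max_hops` cap is an assumption of the sketch.

```python
# Constructed records for illustration. Names follow the article's example;
# 192.0.2.10 is a documentation-range placeholder, not a real address.
ZONE = {
    ("www.techtarget.com", "CNAME"): "techtarget.com",
    ("techtarget.com", "A"): ["192.0.2.10"],
}
# The mutual-alias misconfiguration described in the text.
LOOPED = {
    ("samplesite.techtarget.com", "CNAME"): "techtarget.com",
    ("techtarget.com", "CNAME"): "samplesite.techtarget.com",
}


class CnameLoopError(Exception):
    """Raised when a CNAME chain revisits a name or exceeds the hop limit."""


def _norm(name):
    # DNS names are case-insensitive; drop the trailing root dot.
    return name.lower().rstrip(".")


def resolve(name, records, max_hops=8):
    """Follow CNAMEs from name to an A record; return (chain, addresses).

    max_hops is an assumed cap for this sketch, not a value from the article.
    """
    name = _norm(name)
    chain = [name]
    while True:
        addresses = records.get((name, "A"))
        if addresses:
            return chain, addresses
        target = records.get((name, "CNAME"))
        if target is None:
            raise LookupError(f"no A or CNAME record for {name}")
        name = _norm(target)  # restart the query with the canonical name
        if name in chain:
            raise CnameLoopError(" -> ".join(chain + [name]))
        if len(chain) > max_hops:
            raise CnameLoopError(f"more than {max_hops} CNAME hops")
        chain.append(name)
```

Tracking the names already visited stops the two-record loop on its second hop instead of letting the lookup alternate indefinitely.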
Pointing to a CNAME record is restricted in both Name Server (NS) and Mail Exchange (MX) records. An NS record that indicates which DNS server is authoritative for that domain and an MX record directing email to a mail server can only point to:
Similar to A records, AAAA records allow client devices to learn the IP address for a domain name, and the client device then connects with and loads the website.
Other restrictions on using CNAME records include the following:
- It must point only to another domain name, not an IP address.
- It cannot be placed at the root domain since the root domain must point to an IP address. This helps eliminate the possibility of creating an infinite loop during a name's lookup.
- Email domains should not have a CNAME record.
- A hostname defined in a CNAME record must not have other resource records of types A, MX, etc.
- It cannot coexist with another record for the same name.
Finally, pointing a CNAME record to another CNAME record is not restricted. However, this requires multiple DNS lookups before the domain is loaded. Since this affects the user experience, it is considered inefficient and undesirable. To avoid unnecessary performance slowdowns, the CNAME should point to the target name as closely as possible.
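The restrictions listed above can be checked mechanically before a zone is published. The following linter is an added example, not code from the original page: the zone contents are constructed, 192.0.2.10 is a placeholder address, and the function name and finding messages are hypothetical.

```python
import ipaddress
from collections import defaultdict

# Constructed sample zone (not real data): (owner, type, value) tuples.
# 192.0.2.10 is a documentation-range placeholder address.
SAMPLE_ZONE = [
    ("techtarget.com", "A", "192.0.2.10"),
    ("techtarget.com", "MX", "10 mail.techtarget.com"),
    ("mail.techtarget.com", "CNAME", "techtarget.com"),
    ("www.techtarget.com", "CNAME", "techtarget.com"),
    ("ftp.techtarget.com", "CNAME", "192.0.2.10"),
    ("blog.techtarget.com", "CNAME", "www.techtarget.com"),
    ("blog.techtarget.com", "TXT", "v=1"),
]


def _norm(name):
    return name.lower().rstrip(".")


def _is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def lint_zone(apex, records):
    """Return a sorted list of CNAME rule violations found in records."""
    types_at = defaultdict(set)
    for owner, rtype, _ in records:
        types_at[_norm(owner)].add(rtype.upper())
    aliases = {n for n, t in types_at.items() if "CNAME" in t}
    findings = set()
    for name in aliases:
        if name == _norm(apex):
            findings.add(f"{name}: CNAME at zone apex")
        others = sorted(types_at[name] - {"CNAME"})
        if others:
            findings.add(f"{name}: CNAME coexists with {','.join(others)}")
    for owner, rtype, value in records:
        owner, rtype = _norm(owner), rtype.upper()
        target = _norm(value.split()[-1])  # last field: skips the MX preference
        if rtype == "CNAME" and _is_ip(target):
            findings.add(f"{owner}: CNAME target {target} is an IP address")
        elif rtype == "CNAME" and target in aliases:
            findings.add(f"{owner}: CNAME points to another CNAME ({target})")
        elif rtype in ("MX", "NS") and target in aliases:
            findings.add(f"{owner}: {rtype} target {target} is a CNAME")
    return sorted(findings)
```

The CNAME-to-CNAME finding is a performance warning rather than a rule violation, matching the text's point that chaining is permitted but adds lookups.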