by quintin 2778 days ago
https://serverfault.com/questions/145777/what-s-the-point-in...

"One of the reasons why you need www or some other subdomain has to do with a quirk of DNS and the CNAME record.

Suppose for the purposes of this example that you are running a big site and contract out hosting to a CDN (Content Distribution Network) such as Akamai. What you typically do is set up the DNS record for your site as a CNAME to some akamai.com address. This gives the CDN the opportunity to supply an IP address that is close to the browser (in geographic or network terms). If you used an A record on your site, then you would not be able to offer this flexibility.

The quirk of the DNS is that if you have a CNAME record for a host name, you cannot have any other records for that same host. However, your top level domain example.com usually must have an NS and SOA record. Therefore, you cannot also add a CNAME record for example.com.

The use of www.example.com gives you the opportunity to use a CNAME for www that points to your CDN, while leaving the required NS and SOA records on example.com. The example.com record will usually also have an A record to point to a host that will redirect to www.example.com using an HTTP redirect."

4 comments
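The CNAME rule the quoted answer describes, as an added example that is not part of the original post or of the serverfault answer: a toy in-memory zone plus an RFC 1034-style lookup that follows CNAMEs the way a conforming resolver does. It shows the recommended layout (SOA/NS/A/MX at the apex, www as the CNAME to the CDN) beside the broken one (CNAME at the apex next to MX), and how a strict resolver turns the apex CNAME into an empty MX answer while a lenient one still finds the MX. All names, addresses and the CDN hostname example.com.cdn.example.net. are constructed for illustration.

```python
from collections import defaultdict

# Constructed zone data as (owner, rrtype, rdata) tuples; names are fully
# qualified and lower-case, rdata kept as strings.  The CDN hostname
# example.com.cdn.example.net. is an assumption, not a real CDN name.
RECOMMENDED_ZONE = [
    ("example.com.", "SOA", "ns1.example.com. hostmaster.example.com. 1 3600 900 1209600 300"),
    ("example.com.", "NS", "ns1.example.com."),
    ("example.com.", "NS", "ns2.example.com."),
    ("example.com.", "A", "192.0.2.10"),        # small host that HTTP-redirects to www
    ("example.com.", "MX", "10 mail.example.com."),
    ("www.example.com.", "CNAME", "example.com.cdn.example.net."),
    ("mail.example.com.", "A", "192.0.2.25"),
]

# The layout the answer warns against: a CNAME at the apex beside the
# SOA/NS/MX that the apex has to carry.
BROKEN_ZONE = [
    ("example.com.", "SOA", "ns1.example.com. hostmaster.example.com. 1 3600 900 1209600 300"),
    ("example.com.", "NS", "ns1.example.com."),
    ("example.com.", "MX", "10 mail.example.com."),
    ("example.com.", "CNAME", "example.com.cdn.example.net."),
    ("mail.example.com.", "A", "192.0.2.25"),
]

# What the (constructed) CDN zone says about the alias target.
CDN_ZONE = [
    ("example.com.cdn.example.net.", "A", "198.51.100.7"),
]


def index(records):
    """Group rdata by (owner, rrtype)."""
    rrsets = defaultdict(list)
    for owner, rrtype, rdata in records:
        rrsets[(owner, rrtype)].append(rdata)
    return rrsets


def cname_conflicts(records):
    """Owner names holding a CNAME together with any other type.  RFC 1034
    section 3.6.2 and RFC 1912 section 2.4 forbid this; the apex always
    trips it because SOA and NS are mandatory there."""
    types_by_owner = defaultdict(set)
    for owner, rrtype, _ in records:
        types_by_owner[owner].add(rrtype)
    return sorted(o for o, t in types_by_owner.items()
                  if "CNAME" in t and len(t) > 1)


def lookup(records, qname, qtype, max_chain=8):
    """Strict RFC 1034 resolution: if the owner has a CNAME and the query
    is not for CNAME, restart at the canonical name and ignore whatever
    else sits at the original owner.  Returns the rdata list found."""
    rrsets = index(records)
    name = qname
    for _ in range(max_chain):
        if qtype != "CNAME" and (name, "CNAME") in rrsets:
            name = rrsets[(name, "CNAME")][0]
            continue
        return list(rrsets.get((name, qtype), []))
    raise RuntimeError("CNAME chain too long starting at %s" % qname)


def lenient_lookup(records, qname, qtype):
    """What a non-conforming resolver or MTA does: answer from the records
    at the owner first and only follow the CNAME when nothing matches.
    This is why an apex CNAME 'mostly works' and fails unpredictably."""
    rrsets = index(records)
    direct = rrsets.get((qname, qtype))
    if direct:
        return list(direct)
    return lookup(records, qname, qtype)


if __name__ == "__main__":
    world = BROKEN_ZONE + CDN_ZONE
    print("conflicts:", cname_conflicts(BROKEN_ZONE))          # ['example.com.']
    print("strict MX:", lookup(world, "example.com.", "MX"))    # [] -> mail bounces
    print("lenient MX:", lenient_lookup(world, "example.com.", "MX"))
    print("web A:", lookup(world, "example.com.", "A"))         # CDN address, web works
```

Running the script against BROKEN_ZONE shows the asymmetry the thread complains about: the A query still reaches the CDN address, but a strict MX query restarts at the CDN name, finds no MX there and returns nothing, so delivery depends on which resolver the sending MTA happens to use.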

A lot of DNS providers these days will give you a pseudo-CNAME on the apex... basically having the DNS resolver do a lookup of another DNS name and return that as an A record for the apex.

CloudFlare calls this CNAME flattening, right? [0][1] Personally, I always enjoy engineering solutions that mean we're not stuck with old decisions forever. I chose the non-www as a teenager, and I'm glad 10+ years later I could add email to my domain no problem.

[0] https://blog.cloudflare.com/introducing-cname-flattening-rfc...

[1] similar discussion, 2014: https://news.ycombinator.com/item?id=7293512

Except that the IP that your DNS provider resolves your apex to may be on the other side of the planet.

Fine if all you are doing is a 302 to the www variant, but otherwise no.

This is where the EDNS Client Subnet extension comes in handy. This allows the DNS provider to pass along the /24 the user's IP address is in.

With an extra caching key, this can even be cached.

See https://developers.google.com/speed/public-dns/docs/ecs

And that also only helps if your DNS provider and the client's DNS servers also pass along that information correctly.

> "the IP that your DNS provider resolves your apex to may be on the other side of the planet"

Anycast addresses this issue, right?[1] Cloudflare uses Anycast for their IP addresses.[2]

[1] https://en.wikipedia.org/wiki/Anycast

[2] https://www.cloudflare.com/learning/cdn/glossary/anycast-net...

Only if your CDN uses Anycast. Not all of them do.

Yes. AWS Route 53 can do this for root or non-root records. They call these "ALIAS" records.

Those only work for AWS services though, CloudFlare CNAME flattening works with any endpoint by providing some sort of HTTP proxy

I wish there was a standard way to do the same thing. Route 53 is nice when I can use it, but it causes me pain on a regular basis because not all the domains I deal with are on Route 53.
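The apex flattening / ALIAS mechanism discussed in the comments above, and the ECS caching point raised earlier in the thread, as one added example that is not Cloudflare's, Route 53's or any commenter's code: a toy authoritative server that keeps SOA/NS/MX at the apex, and on an A query for the apex resolves a provider-specific ALIAS target itself and returns the result as synthesized A records. The upstream CDN answer is looked up and cached per EDNS Client Subnet /24, so different client networks can get different addresses. The ALIAS record type, the CDN hostname, the subnets and all addresses are constructed assumptions; ALIAS is a provider feature, not a standard RR type.

```python
import ipaddress
import time

# Constructed zone: (owner, rrtype) -> (ttl, rdata list).  "ALIAS" stands in
# for the provider-specific apex alias (Route 53 ALIAS / CNAME flattening);
# it is not a standard DNS record type.
ZONE = {
    ("example.com.", "SOA"): (3600, ["ns1.example.com. hostmaster.example.com. 1 3600 900 1209600 300"]),
    ("example.com.", "NS"): (3600, ["ns1.example.com.", "ns2.example.com."]),
    ("example.com.", "MX"): (3600, ["10 mail.example.com."]),
    ("example.com.", "ALIAS"): (300, ["example.com.cdn.example.net."]),
    ("www.example.com.", "CNAME"): (300, ["example.com.cdn.example.net."]),
}

# Constructed stand-in for the CDN's authoritative answers: the address it
# hands out depends on the client subnet it sees.  A real CDN derives this
# from its own topology data; this mapping is invented for the example.
CDN_ANSWERS = {
    "example.com.cdn.example.net.": {
        "198.51.100.0/24": (60, ["203.0.113.10"]),   # POP "near" that network
        "192.0.2.0/24": (60, ["203.0.113.20"]),
        None: (60, ["203.0.113.99"]),                  # no ECS: resolver's own location
    }
}


def ecs_key(client_ip, prefix_len=24):
    """Reduce a client address to the /24 that ECS carries (RFC 7871
    recommends sending no more than /24 for IPv4).  None means no ECS."""
    if client_ip is None:
        return None
    return str(ipaddress.ip_network(f"{client_ip}/{prefix_len}", strict=False))


class Flattener:
    """Authoritative server that expands an apex ALIAS into A records."""

    def __init__(self, zone, cdn_answers, clock=time.monotonic):
        self.zone = zone
        self.cdn = cdn_answers
        self.clock = clock
        self.cache = {}              # (target, subnet) -> (expires_at, ttl, addrs)
        self.upstream_queries = 0    # how often we actually asked the CDN

    def _resolve_target(self, target, subnet):
        """Look up the alias target, cached per (target, client subnet)."""
        key = (target, subnet)
        now = self.clock()
        hit = self.cache.get(key)
        if hit and hit[0] > now:
            return hit[1], hit[2]
        self.upstream_queries += 1
        table = self.cdn[target]
        ttl, addrs = table.get(subnet, table[None])
        self.cache[key] = (now + ttl, ttl, addrs)
        return ttl, addrs

    def answer(self, qname, qtype, client_ip=None):
        """Return (ttl, rdata list).  Anything stored directly in the zone,
        including MX/NS/SOA at the apex, is answered as-is; only an A query
        against a name that carries an ALIAS is synthesized."""
        if (qname, qtype) in self.zone:
            return self.zone[(qname, qtype)]
        alias = self.zone.get((qname, "ALIAS"))
        if qtype == "A" and alias:
            alias_ttl, (target,) = alias
            up_ttl, addrs = self._resolve_target(target, ecs_key(client_ip))
            # Never advertise the synthesized A longer than either side allows.
            return min(alias_ttl, up_ttl), addrs
        return 0, []


if __name__ == "__main__":
    srv = Flattener(ZONE, CDN_ANSWERS)
    print(srv.answer("example.com.", "MX"))                   # straight from the zone
    print(srv.answer("example.com.", "A", "198.51.100.42"))   # (60, ['203.0.113.10'])
    print(srv.answer("example.com.", "A", "192.0.2.9"))       # (60, ['203.0.113.20'])
    print(srv.answer("example.com.", "A"))                    # no ECS -> resolver's POP
    print("upstream queries:", srv.upstream_queries)
```

The cache key is what the "extra caching key" comment is about: without the subnet in the key, the first client's answer would be served to every later client regardless of where they are, which is exactly the "other side of the planet" failure; with it, each /24 costs one upstream query per TTL and then hits the cache.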
> The quirk of the DNS is that if you have a CNAME record for a host name, you cannot have any other records for that same host. However, your top level domain example.com usually must have an NS and SOA record. Therefore, you cannot also add a CNAME record for example.com.

I discovered this when using a CNAME for a root-level domain and then wondering why I had spotty mail delivery. Turns out, quite a few mail systems and/or DNS resolvers handle this fine - but there are still quite a lot that don't.

Wouldn't anycast be a solution? Then the CDN can provide the same IP to all users, but the network layer ensures that the IP is one close to the user.

Expensive, but yes, anycast solves it.

Curious how expensive. Obviously I realize I have to colocate or provision at least two servers, but beyond that...

- do I own the IP address(es), and BGP-route them to the machines in question?

- can I use any provider (who is willing to do the required configuration)? As a specific example, could I run anycast between two boxes purchased through Hetzner auction? (Translation: considering that I'm going fishing around in the auctions as opposed to other options, would I even be listened to? heh)

- who am I actually paying, and for what? (besides power, bandwidth, and possibly the server itself)

- ...how does anycast actually work _within the context of using it for hosting_? :/ https://en.wikipedia.org/wiki/Anycast is... distinctly not contextually-scoped to my intentions.

Yep.

Source: had to navigate the shitty position of trying to CNAME to a CDN and have that CDN's DNS infra replicate our e.g. MX records.