Forum Discussion

Altostratus

Jun 07, 2012

Cannot create a CNAME for a domain root

My customer has a site to be hosted behind GTMs. The ISP is authoritative for site.example.com. The GTMs are authoritative for wip.example.com. They want the site to be accessible via site.example.com...

Historic F5 Account

Jun 07, 2012

Indeed a common issue. The RFC you quote on MX records is referring to the right hand side, the rrdata part of the MX record - mail.site.example.com in your case cannot be an alias.

As I recall this explained in the O'Reilly book by Liu, "a name can be a cannonical name or an alias, but not both".

A few solutions:

- a GTM in authoritative screening mode in front of site.example.com servers eliminates the need for aliasing altogether. If the name isn't a WIP, it falls through to the pool member(s) and gets answered by the authoritative NS. Tough to do in this case.

- have the parent rr DNS across all the possible answers, then have the LTM/web server redirect to a WIP name handled by GTM.

- have the ISP delegate site.example.com to GTM. In this case, it would be a zone and a WIP. That's ok. ;-)

Forum Discussion

Cannot create a CNAME for a domain root

Recent Discussions

Wildcard SSL Certificate Deployment on F5 LTM

Migration from i series 10200 with 1 child VCMP to r series 10900 series

Open Redirection Mitigation

GTM Packet Capture command

How to Implement 2 Way SSL in F5 LTM

Related Content

Create a DevCentral account

Creating device trust / trust-domain through iControl REST Call(s)

Create F5 BIG-IP Next Instance on Proxmox Virtual Environment

Enriching AFM with public domain Threat Intelligence

domain blocking