Saturday, August 11, 2012

How does CNAME resolution work?

There are plenty of places on the web explaining the purpose for CNAME DNS Records and how to configure them, so this post is not about aspects of CNAME records, but rather how they are actually resolved.

Among others, some of the questions that can be raised when one thinks about CNAMEs are:
  • Does the client has any knowledge about CNAMEs at all?
  • Do they need to check which records are available and only then perform a resolution specifying the right record type?
  • What are the requests and responses in order to resolve a domain that has a CNAME record rather than an A record?

In order to answer these questions, let's start to answer this question with an example which has a CNAME:
These are the DNS records currently configured for this domain:             IN CNAME   IN CNAME    IN A
Let's fire up the browser, open a traffic sniffer application, and type "". Now let's look at the traffic on the wire below.

As you can see, the query performed is for record type "A". This answers our question on whether the client specifically requests a response for type "CNAME" - the answer is no.

The other point is that the query above has the flag set to be a recursive query. This means that our ISP DNS server will resolve recursively, if required. We will understand recursive in this context in a moment.

Back to our main questions, if our query is on type A, how does the CNAME come into picture then? Let's look at the answer we get from the ISP DNS resolver to help us answer that:

On CNAMEs, we can note that we queried on type A, but received a CNAME record (

Because of the recursive flag, our ISP DNS resolver went ahead and queried record instead of returning the response. Like our original query, it was type A, and it received another CNAME ( We can try to simulate this query by typing on our browser bar.

Given the recursive flag again, it went ahead and resolved by sending another type A query, which finally resolves an IP for us to connect to. As you can see, in one response we get all the answers for all CNAME resolutions and also the final answer (

Answering our other questions:
  • The client does not need to know about whether it's a CNAME or A: it just sends a type A query. If it happens to be a CNAME, it needs to issue a type A query again based on the CNAME response it got.
  • If the recursive flag is set, these requires will be done by the ISP DNS resolver and the client will get all the responses in one shot.
Post a Comment