Based on the discussions here (thanks!), I've now written this up as:
https://github.com/PowerDNS/pdns/blob/alias/pdns/docs/alias.md
The ALIAS record
The ALIAS record leads authoritative servers to synthesize A or AAAA records
in case these are not present. The source of the synthesized A or AAAA
record is specified by the target of the ALIAS record.
etc..
Feedback welcome! I note that there has been discussion on EDNS0 probing and
other fancy things, but please note that this feature is needed to solve a
problem we have today. This means it can't involve upgrades to
infrastructure except for that operated by the people with the problem -
authoritative servers.
Bert
On Sun, Sep 21, 2014 at 01:52:22PM +0200, bert hubert wrote:
> Hi everybody,
>
> Your input on the initial implementation described below would be most
> appreciated. I see this as a dns operations issue since it does not
> describe an on-the wire change, except when we do AXFR perhaps. It is
> mostly a feature.
>
> However, even features could have interoperability issues, and it would be
> nice if we were aligned.
>
> The last forwared paragraph below says "Please let us know your thoughts
> based on the semantics outlined above. Would this work for you? Do you
> miss anything? Is there a need for multiple ALIAS statements for load
> balancing? Are we needlessly incompatible with existing implementations?
> Is there standardization work we could align against?"
>
> Thanks!
>
> Bert
>
> ----- Forwarded message from bert hubert <bert.hub...@netherlabs.nl> -----
>
> Date: Sun, 21 Sep 2014 12:54:07 +0200
> From: bert hubert <bert.hub...@netherlabs.nl>
> To: pdns-us...@mailman.powerdns.com
> Subject: [Pdns-users] Please test: ALIAS/ANAME apex record in PowerDNS
>
> Hi everybody,
>
> Based on strong user interest, we are fast-tracking the implementation of
> ALIAS/ANAME records, to solve the 'CNAME at apex' problem. Because of the
> fast-tracking, we need rapid feedback to see if we got it right (see the end
> of the mail for details).
>
> In short, you can CNAME 'www.yourdomain.com' to a CDN or somewhere else, but
> you can't CNAME 'yourdomain.com', since that breaks DNS. This blogpost by
> CloudFlare expands on the problem:
> https://support.cloudflare.com/hc/en-us/articles/200169056-CNAME-Flattening-RFC-compliant-support-for-CNAME-at-the-root
>
> Today, we implemented ALIAS support as an experimental PowerDNS feature,
> which allows the following:
>
> $ORIGIN example.com.
> @ IN SOA ns1 ahu 2014091619 7200 3600 1209600 3600
> @ IN NS ns1
> @ IN NS ns2
> www IN CNAME xs.powerdns.com.
> ns1 IN A 1.2.3.4
> ns2 IN A 4.3.2.1
> @ IN ALIAS www.powerdns.com.
> @ IN MX 25 outpost.ds9a.nl.
> elsewhere IN CNAME @
>
> The branch can be found on https://github.com/PowerDNS/pdns/tree/alias and
> we should have packages soon.
>
> The current semantics for the ALIAS pseudo-record are that they only match
> if no real record did. So in the case above, an MX query for example.com
> would return "25 outpost.ds9a.nl". But a query for AAAA would return the
> IPv6 address obtained by following the www.powerdns.com CNAME chain to
> xs.powerdns.com. This also works for all other record types, btw.
>
> Our implementation uses a defined resolver to look up the actually requested
> record, and adds the data found to the packet built so far. This means that
> querying 'elsewhere.example.com' will include a CNAME to example.com, which
> in turn will lead to processing of the ALIAS record.
>
> Finally, for TTL, we currently use what the resolver gave us. But perhaps we
> could use the TTL of the ALIAS record instead, or as a maximum? Or minimum?
>
> Please let us know your thoughts based on the semantics outlined above.
> Would this work for you? Do you miss anything? Is there a need for multiple
> ALIAS statements for load balancing? Are we needlessly incompatible with
> existing implementations? Is there standardization work we could align
> against?
>
> Your input is highly welcome!
>
> Bert
>
> PS: the above is currently not yet supported for DNSSEC domains!
>
> --
> PowerDNS Website: http://www.powerdns.com/
> Contact us by phone on +31-15-7850372
>
> _______________________________________________
> Pdns-users mailing list
> pdns-us...@mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
>
>
> ----- End forwarded message -----
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www.ietf.org/mailman/listinfo/dnsop
