Re: [fwd: my comments to the SPAN list]
- Date: Thu, 24 Oct 2002 12:09:33 +0200
On torsdag, okt 24, 2002, at 11:34 Europe/Stockholm, David Conrad wrote:
The only reason I think it is dangerous is that if it is used for
"permanent" solutions (as compared with "temporary", it will make
administration harder and harder. Just like soft links in a unix system
is a perfect tool for some things, but over time they "rotten" and more
and more of them end up being stale handles. This because there is no
backward reference, so when you change a domain name, you don't know
what DNAME's refer to this domain name.
On 10/24/02 2:26 AM, "Lawrence Conroy" lwc@localhost wrote:
DNAME sure looks like a natural solution. The fact that it *was*
seen as being tied up with A6 RRs doesn't mean that it's dangerous.
Right. DNAME is actually pretty useful.
Also, DNAME make the resolution slower to some degree as it forces a
restart of the lookup, which when adding DNSSEC will not make things
So, when I have said "don't use DNAME", I really mean "do not use DNAME
unless you are 100% sure you don't have any other tool".
Yes, it is useful, but one can also shoot oneself in the foot with it
by not having proper admin tools which keep track of them.