DNS CNAME Records
DNS CNAME records, also known as aliases, indicate a hostname whose IP address is the same as another hostname. The
response to a CNAME query is another hostname requiring a second DNS query for that new hostname to determine the
IP.
In plain English, the DNS server is telling you "Hey! The IP address of this host is the same as this other host so
you'll need to go look that host up."
E.g.
Here we can see www.dnsmonks.com is a CNAME of dnsmonks.com.
% dig www.dnsmonks.com CNAME +short
dnsmonks.com.
%
If we further queried for the IP address of dnsmonks.com:
% dig dnsmonks.com +short
18.188.64.96
%
We can see that the final IP address of www.dnsmonks.com is 18.188.64.96.
Unlike A records, CNAMEs cannot have more than one record associated with a particular hostname or owner. I could
not for example have an A record for www.dnsmonks.com and a CNAME for www.dnsmonks.com. This introduces interesting
hurdles for the apex of a zone (e.g. dnsmonks.com). Because the apex of a zone always contains at least one NS
record and one SOA record, you cannot have (without some behind the scenes magic) a CNAME at the apex of a zone.
In practice, DNS is typically smart enough to return a CNAME even if you request an A record where only a CNAME
exists.
% dig www.dnsmonks.com +short
dnsmonks.com.
18.188.64.96
%
Here, we didn't specify a CNAME query in our dig command. We didn't actually specify which kind of record we wanted
which means dig defaulted to querying for an A record. But you can see it figured out that there was a CNAME there
and even went ahead and looked up that new hostname's A record to get the final IP.
It is possible to chain CNAMEs. You could for example:
dnsmonks.com A 18.188.64.96
www.dnsmonks.com CNAME dnsmonks.com.
www2.dnsmonks.com CNAME www.dnsmonks.com.
This would essentially generate three different DNS lookups. Assuming your DNS query response times are quick, this
wouldn't be the end of the world. However generally speaking, you want to avoid CNAME chaining if possible.