We have our DNS domain with 5 level CNAMEs for historical reasons. Some of the things got outsourced for high availability etc. but that's not the point here. My question is having 5 CNAMEs an overkill for the DNS resolver? I was not able to find out any famous website with more than 2-3 level nested CNAMEs pointing to Different DNS domains.
Our CNAME hops look as follows : (I am using xyz just as an example)
www.xyz.com -> xyz.akadns.net -> xyz.worldwide.akadns.net ->
xyz.cedexis.net -> xyz.msedge.net -> host1.msedge.net (final A\AAAA
record)
I am seeing many clients complain about DNS resolution issues to our website when other sites work fine for them, although when I use http://check-host.net/check-dns?host=www.xyz.com to test our DNS resolution.
It seems always working fine world wide. My conclusion is that mostly is that the Local ISP providers DNS resolver screwing up when one of the above Hops fails to resolve. nslookup fails on these client computers only for our website and that too sporadically.
Is this kind of multi level CNAME a bad design in general ?
Best Answer
CNAME to CNAME chains are not forbidden but as you already experience it is not a very robust solution.
Each additional CNAME increases the recursion depth for the resolver, and that depth is not always unlimited. Also you run the risk of creating loops, or triggering the loop detection algorithm.
To get an impression of how many and which queries a your users name server needs to do, run a DNS trace:
or on Windows