主页 / server / 问题 / 604089
Accepted
TRiG
Asked: 2014-06-11 06:12:17 +0800 CST

这个主域如何有 CNAME 记录?

  • 772

我的印象是只有子域可以有 CNAME 记录:主域需要定义自己的所有记录。但是,apt-get.com似乎只有一个 CNAME 记录。这怎么行?

$ dig apt-get.com 

; <<>> DiG 9.8.1-P1 <<>> apt-get.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45743
;; flags: qr rd ra; QUERY: 1, ANSWER: 9, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;apt-get.com.           IN  A

;; ANSWER SECTION:
apt-get.com.        86336   IN  CNAME   thie5ku9.dsgeneration.com.
thie5ku9.dsgeneration.com. 60   IN  A   208.73.211.242
thie5ku9.dsgeneration.com. 60   IN  A   208.73.211.246
thie5ku9.dsgeneration.com. 60   IN  A   208.73.211.166
thie5ku9.dsgeneration.com. 60   IN  A   208.73.211.232
thie5ku9.dsgeneration.com. 60   IN  A   208.73.211.161
thie5ku9.dsgeneration.com. 60   IN  A   208.73.210.233
thie5ku9.dsgeneration.com. 60   IN  A   208.73.211.186
thie5ku9.dsgeneration.com. 60   IN  A   208.73.211.188

;; Query time: 59 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Jun 10 15:05:48 2014
;; MSG SIZE  rcvd: 193


$ dig apt-get.com ns

; <<>> DiG 9.8.1-P1 <<>> apt-get.com ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 43831
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;apt-get.com.           IN  NS

;; Query time: 26 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Jun 10 15:12:37 2014
;; MSG SIZE  rcvd: 29


$ dig apt-get.com ns @b.gtld-servers.net

; <<>> DiG 9.8.1-P1 <<>> apt-get.com ns @b.gtld-servers.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38228
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;apt-get.com.           IN  NS

;; AUTHORITY SECTION:
apt-get.com.        172800  IN  NS  ns1.domainrecover.com.
apt-get.com.        172800  IN  NS  ns2.domainrecover.com.

;; ADDITIONAL SECTION:
ns1.domainrecover.com.  172800  IN  A   66.45.232.66
ns2.domainrecover.com.  172800  IN  A   65.23.159.179

;; Query time: 70 msec
;; SERVER: 192.33.14.30#53(192.33.14.30)
;; WHEN: Tue Jun 10 15:07:05 2014
;; MSG SIZE  rcvd: 111

域确实解析。我得到以下标题:

GET / HTTP/1.1
User-Agent: Testing_Sniffer/4.15
Host: apt-get.com
Accept: */*

HTTP/1.0 200 (OK)
Cache-Control: private, no-cache, must-revalidate
Connection: Keep-Alive
Pragma: no-cache
Server: Oversee Turing v1.0.0
Content-Length: 1347
Content-Type: text/html
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive: timeout=3, max=96
P3P: policyref="http://www.dsparking.com/w3c/p3p.xml", CP="NOI DSP COR ADMa OUR NOR STA"
Set-Cookie: parkinglot=1; domain=.apt-get.com; path=/; expires=Wed, 11-Jun-2014 14:10:37 GMT

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN" "http://www.w3.org/TR/html4/frameset.dtd">
<!-- turing_cluster_prod -->
<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

    <title>apt-get.com</title>
    <meta name="keywords" content="apt-get.com" />
    <meta name="description" content="apt-get.com" />
    <meta name="robots" content="index, follow" />
    <meta name="revisit-after" content="10" />


    <meta name="viewport" content="width=device-width, initial-scale=1.0" /> 



    <script type="text/javascript">
      document.cookie = "jsc=1";
    </script>

  </head>
  <frameset rows="100%,*" frameborder="no" border="0" framespacing="0">
    <frame src="http://apt-get.com?epl=5PfLSSqWrYDAt-gbwMDK_rA3b1UJCYVTJHfxTzr9FTDQV84b6vAgVhU3FTeCRQNiuRNv79Ni0V3mkEVNRhpqo2gpMjp5iOIR1w2_EISPENaqzoXohVXl2QI3ryXlRCB4FaIIaxynnWXWY6QBgBgNiIZ6agD1NBoNGg0ajXpUCXUAIJDer78AAOB_AwAAQIDbCwAAe_NWlVlTJllBMTZoWkKPAAAA8A" name="apt-get.com">
  </frameset>
  <noframes>
    <body><a href="http://apt-get.com?epl=5PfLSSqWrYDAt-gbwMDK_rA3b1UJCYVTJHfxTzr9FTDQV84b6vAgVhU3FTeCRQNiuRNv79Ni0V3mkEVNRhpqo2gpMjp5iOIR1w2_EISPENaqzoXohVXl2QI3ryXlRCB4FaIIaxynnWXWY6QBgBgNiIZ6agD1NBoNGg0ajXpUCXUAIJDer78AAOB_AwAAQIDbCwAAe_NWlVlTJllBMTZoWkKPAAAA8A">Click here to go to apt-get.com</a>.</body>
  </noframes>
</html>
domain-name-system

2 个回答

  1. Best Answer

    您误解了 RFC 的性质。任何人都可以完全自由地违反它们,但可能会导致不可预测的行为。您正在看到一个完美的例子:当您NS.com服务器请求域的记录时,您会得到一个答案(一对记录),但是当您通过正常递归进行时,您会得到不同的结果(SERVFAIL)。

    正如您所期望的那样,域名解析是有效的(毕竟有一个 CNAME),但是很难以可靠的方式对该域(没有邮件,没有服务器)做任何其他事情。www.

    您已经发布了一个完美的示例,说明为什么违反 RFC 是不明智的。

    • 7

  2. 这实际上是对 CNAME 的有效使用。您可以在 DNS 区域的顶点使用 CNAME,但不能将其与任何其他记录类型(例如 MX)一起使用。对于大多数域所有者来说,这是一个不可接受的权衡,但它有时会被使用。

    • -3

相关问题