DNAME Record


How does DNAME record work?


DNAME record (Delegation Name Record) is a type of DNS record that redirects an entire subtree of the DNS namespace to another domain. Unlike a CNAME record, which creates an alias for a single hostname, a DNAME record delegates an entire domain subtree, causing all names under the owner name to be remapped to the corresponding names under the target domain.

When a DNS resolver encounters a DNAME record, it synthesizes a CNAME record for the queried name by substituting the delegated subtree with the target domain. This makes DNAME records especially useful for domain migrations and renaming scenarios, allowing an entire domain tree to be transparently redirected without creating individual CNAME records for every hostname.

For example, if a company renames its domain from oldcompany.com to newcompany.com, a DNAME record at oldcompany.com pointing to newcompany.com would cause mail.oldcompany.com, www.oldcompany.com, ftp.oldcompany.com, and any other subdomain to resolve transparently under newcompany.com.

DNAME record format


A typical DNAME record looks like the following in standard BIND format:

$ORIGIN example.com.
old 3600 IN DNAME new.example.com.
legacy 86400 IN DNAME current.example.net.

The anatomy of the DNAME record old 3600 IN DNAME new.example.com. is shown below:

Host Label        TTL   Record Class  Record Type  Target
old.example.com.  3600  IN            DNAME        new.example.com.

Host Label
It defines the hostname of a record and whether the origin will be appended to the label. Fully qualified hostnames terminated by a period do not have the origin appended. The DNAME record applies to all names in the subtree below this owner name.

TTL
The time-to-live in seconds. This is the amount of time the record is allowed to be cached by an outside DNS server.

Record Class
Three main classes of DNS records exist:
  • IN (Internet) – default and generally what the Internet uses.
  • CH (Chaosnet) – used for querying DNS server versions.
  • HS (Hesiod) – uses DNS functionality to provide access to databases of information that change infrequently.
Record Type
The record format is defined using this field. Common record types are A, AAAA, CNAME, CAA, TXT etc. In the case of a DNAME record, the record type is DNAME.

Target
The target domain to which the subtree is delegated. This parameter must be a Fully Qualified Domain Name (FQDN), never an IP address. All names in the subtree below the owner name are remapped to corresponding names under this target domain.

DNAME record restrictions


DNAME applies to the subtree, not the owner name itself
A DNAME record redirects names in the subtree below the owner name. The owner name itself is not remapped. For example, a DNAME at old.example.com pointing to new.example.com will remap www.old.example.com to www.new.example.com, but does not itself define old.example.com as an alias for new.example.com.

DNAME and CNAME cannot coexist at the same owner name
A DNAME record must not be present at the same owner name as a CNAME record. Because a DNAME synthesizes CNAME records for names in its subtree, having both at the same node would create a conflict. (RFC 6672 section 2.4)

NS records cannot point into a DNAME-redirected subtree
A zone delegation (NS record) must not point to a name that falls within a DNAME-redirected subtree, as the DNAME substitution would interfere with the proper resolution of the delegated zone.

A DNAME record must not appear at the zone apex
A DNAME record cannot be placed at the zone apex (root of the zone). The zone apex must contain SOA and NS records, and placing a DNAME there would conflict with those mandatory records and the definition of zone authority. (RFC 6672 section 2.3)

Only one DNAME record per owner name
Only a single DNAME record may exist for a given owner name. Multiple DNAME records at the same node are not permitted, as there would be no defined way to choose between conflicting target domains.
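
A zone check for the owner-name rules above, as an added Python example (not Dynu's or BIND's code) run over constructed records. It flags a second DNAME or a CNAME at a DNAME owner and, going beyond the list above, records left below a DNAME owner, which RFC 6672 also forbids; lint_dname and the finding strings are assumptions.

```python
from collections import defaultdict

# Constructed zone data: owner, TTL, class, type, rdata (owners fully qualified).
SAMPLE_ZONE = """\
old.example.com.        3600 IN DNAME new.example.com.
old.example.com.        3600 IN CNAME www.example.com.
legacy.example.com.     3600 IN DNAME current.example.net.
legacy.example.com.     3600 IN DNAME other.example.net.
api.legacy.example.com. 3600 IN A     192.0.2.10
www.example.com.        3600 IN A     192.0.2.1
"""


def lint_dname(zone_text):
    """Return sorted (owner, problem) findings for DNAME misuse."""
    types_at = defaultdict(list)
    for line in zone_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith(";"):
            continue  # skip blanks, comments and malformed lines
        types_at[fields[0].lower()].append(fields[3].upper())

    dname_owners = [o for o, t in types_at.items() if "DNAME" in t]
    findings = set()
    for owner, types in types_at.items():
        if types.count("DNAME") > 1:
            findings.add((owner, "more than one DNAME at this owner"))
        if "DNAME" in types and "CNAME" in types:
            findings.add((owner, "DNAME and CNAME at the same owner"))
        # Whole-label test: "x.old.example.com." is below "old.example.com.".
        for d in dname_owners:
            if owner != d and owner.endswith("." + d):
                findings.add((owner, "record below DNAME owner " + d))
    return sorted(findings)


if __name__ == "__main__":
    for owner, problem in lint_dname(SAMPLE_ZONE):
        print(owner, "-", problem)
```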

DNAME synthesis example


To illustrate how DNAME synthesis works, consider the following zone configuration:

old.example.com.  3600  IN  DNAME  new.example.com.
www.new.example.com.  3600  IN  A  192.0.2.1

When a resolver queries www.old.example.com, the authoritative nameserver returns the DNAME record along with a synthesized CNAME:

old.example.com.          3600  IN  DNAME  new.example.com.
www.old.example.com.      3600  IN  CNAME  www.new.example.com.
www.new.example.com.      3600  IN  A      192.0.2.1

The synthesized CNAME is not stored in the zone file; it is generated on the fly by the authoritative nameserver (or by a DNAME-aware resolver) during query processing.

DNAME record glossary


DNAME
A DNAME record delegates an entire subtree of the DNS namespace to another domain. When a resolver encounters a DNAME, it synthesizes a CNAME for the specific name queried and continues resolution under the target domain. This allows an entire domain tree to be remapped without individual CNAME records.

CNAME
A CNAME (Canonical Name) record creates an alias from one hostname to another. Unlike DNAME, it applies only to the single hostname it is defined for, not to an entire subtree. DNAME records cause CNAME records to be synthesized dynamically for queried names within the delegated subtree.

DNSSEC
DNSSEC stands for Domain Name System Security Extensions and is a means of securing the authenticity of DNS responses. DNS security is compromised by the prevalence of cache poisoning, which is used for phishing, so DNSSEC provides a way to authenticate the DNS response.

BIND
Berkeley Internet Name Daemon is the most commonly used DNS software on the Internet, and Dynu observes BIND format.

FQDN
Fully Qualified Domain Name. A complete domain name that specifies its exact location in the DNS hierarchy, terminated with a trailing dot (e.g. new.example.com.). The target of a DNAME record must always be an FQDN.

SOA Record
Start of Authority Record. It is the first record in every zone file and contains information including the serial number, refresh, retry, expire and TTL values, as well as how nameservers get the zone file information.

NS Record
Name Server records identify the DNS servers responsible (authoritative) for a zone.