tag:blogger.com,1999:blog-1310592211703201999.post8661052133942997215..comments2023-03-22T00:24:44.986-07:00Comments on David Ebbo: Using a naked domain with a Windows Azure Web SiteDavid Ebbohttp://www.blogger.com/profile/10231048261702011658noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-1310592211703201999.post-3407459369510087822012-08-01T15:06:41.161-07:002012-08-01T15:06:41.161-07:00One somewhat related caveat: You can't curren...One somewhat related caveat: You can't currently do SSL with this approach. https://davidebbo.azurewebsites.net works, but https://www.davidebbo.com will not. This isn't so much because of the DNS config (I don't think), but more because Azure doesn't currently support it and give you a place to put a SSL certificate.Daniel Roothttps://www.blogger.com/profile/04004685127300233374noreply@blogger.comtag:blogger.com,1999:blog-1310592211703201999.post-91157640241663693112012-08-01T06:14:32.603-07:002012-08-01T06:14:32.603-07:00@Sam: thanks for sharing this info, which gives so...@Sam: thanks for sharing this info, which gives some good context from people who obviously know more than me :)<br /><br />At this point, I'm waiting to find a concrete case that's broken for me. This very blog is using a CNAME for blog.davidebbo.com, and the 'illegal' naked CNAME entry is apparently not hurting it.<br /><br />I guess time will tell. I'll update this post if I run into anything interesting.David Ebbohttps://www.blogger.com/profile/10231048261702011658noreply@blogger.comtag:blogger.com,1999:blog-1310592211703201999.post-5466424603663214002012-08-01T06:13:36.035-07:002012-08-01T06:13:36.035-07:00@Mark: glad to hear that! It gives me hope that it...@Mark: glad to hear that! It gives me hope that it won't completely blow up in my face :)David Ebbohttps://www.blogger.com/profile/10231048261702011658noreply@blogger.comtag:blogger.com,1999:blog-1310592211703201999.post-14035896712000405222012-08-01T01:55:05.171-07:002012-08-01T01:55:05.171-07:00Hi David,
I encountered this issue about a year a...Hi David,<br /><br />I encountered this issue about a year ago for the Azure site for my open source minification tool hosted on Azure (http://rejuice.me)<br /><br />I had a discussion with my (awesome!) DNS provider (http://dnsimple.com) and they gave a great, detailed explanation:<br /><br />"It is true that some DNS providers allow it, but it goes against the DNS protocol and thus we do not. From RFC 1912 (http://www.ietf.org/rfc/rfc1912.txt):<br /><br />2.4 CNAME records<br /><br /> A CNAME record is not allowed to coexist with any other data. In<br /> other words, if suzy.podunk.xx is an alias for sue.podunk.xx, you<br /> can't also have an MX record for suzy.podunk.edu, or an A record, or<br /> even a TXT record. Especially do not try to combine CNAMEs and NS<br /> records like this!:<br /><br /><br /> podunk.xx. IN NS ns1<br /> IN NS ns2<br /> IN CNAME mary<br /> mary IN A 1.2.3.4<br /><br /><br /> This is often attempted by inexperienced administrators as an obvious<br /> way to allow your domain name to also be a host. However, DNS<br /> servers like BIND will see the CNAME and refuse to add any other<br /> resources for that name. Since no other records are allowed to<br /> coexist with a CNAME, the NS entries are ignored. Therefore all the<br /> hosts in the podunk.xx domain are ignored as well!<br /><br />If there were a way to do it and still be compliant I assure you we would. Perhaps you can use an A record with a low TTL and dynamically update it from the host if the host address changes? Jason Seifer put together a nice example of how to do this with a shell script: http://jasonseifer.com/2011/04/04/auto-update-ip-dnsimple"<br /><br /><br />I hope that helps.<br /><br />SamSamhttps://www.blogger.com/profile/17226728707140949433noreply@blogger.comtag:blogger.com,1999:blog-1310592211703201999.post-31623270744265522752012-07-31T22:44:27.665-07:002012-07-31T22:44:27.665-07:00I've personally used a CNAME on the naked doma...I've personally used a CNAME on the naked domain, also using NameCheap for DNS, but to a Azure VM and I can confirm it breaks MX records, but otherwise it seems to work okay.Anonymoushttps://www.blogger.com/profile/07248672722521995883noreply@blogger.com