OSX doesn't like CNAME to .local. domain...


Looks like OSX doesn’t like CNAMEs pointing to .local. DNS entries…

A bit of history

My DNS is configured with views. The public part resolves entries for the public services (like MX and WWW) and the private part resolves local service and server names.

On the private side, entries are defined using these two rules:

I used to have only a single domain name for internal and external resolution.
But as I got used to dealing with Windows Server environments, I started thinking that using the .local. domain for internal servers and services was not such a bad idea.

New DNS layout

I now manage 3 internal domain names: carnat.net, tumfatig.net and tumfatig.local. The idea is to have server and service names resolved in the tumfatig.local. domain and to match the few public DNS entries in the other domains.

What doesn’t work

Here’s the first configuration I used:

---8<---------------------------------------------------
$ORIGIN tumfatig.local.
;
airport         IN A    10.0.0.1
guarana         IN A    10.0.0.50
(...)
log             IN CNAME        guarana.tumfatig.local.
mail            IN CNAME        zarafa.tumfatig.local.
www             IN CNAME        akela.tumfatig.local.
---8<---------------------------------------------------
$ORIGIN tumfatig.net.
;
airport         IN CNAME        airport.tumfatig.local.
guarana         IN CNAME        guarana.tumfatig.local.
(...)
log             IN CNAME        guarana.tumfatig.local.
mail            IN CNAME        zarafa.tumfatig.local.
www             IN CNAME        akela.tumfatig.local.
---8<---------------------------------------------------

The weird thing was the resolution process.
For example, host www.tumfatig.net worked well but ping www.tumfatig.net didn’t.
Also, both host www.tumfatig.local and ping www.tumfatig.local worked.

What works

Here’s what I finally ended up with (basically, don’t CNAME to tumfatig.local.):

---8<---------------------------------------------------
$ORIGIN tumfatig.local.
;
airport         IN A    10.0.0.1
guarana         IN A    10.0.0.50
(...)
log             IN CNAME        guarana.tumfatig.local.
mail            IN CNAME        zarafa.tumfatig.local.
www             IN CNAME        akela.tumfatig.local.
---8<---------------------------------------------------
$ORIGIN tumfatig.net.
;
airport         IN A    10.0.0.1
guarana         IN A    10.0.0.50
(...)
log             IN A    10.0.0.50
mail            IN A    10.0.0.61
www             IN A    10.0.0.62
---8<---------------------------------------------------
$ORIGIN carnat.net.
;
www             IN CNAME        www.tumfatig.net.
---8<---------------------------------------------------

Now it works like a charm… except from the admin point of view ;-)
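
A check for the pattern described above, as an added example that is not part of the original post: it parses zone text, flags CNAMEs that point from another zone into .local., and reports the A record each could be replaced with, which is the change made by hand in the working configuration. The function names and the trimmed sample zone are assumptions made for this illustration.

```python
# Constructed sample: records from the post's "What doesn't work" zones.
# zarafa's A record is elided on the page, so it is absent here as well.
SAMPLE = """\
$ORIGIN tumfatig.local.
airport         IN A    10.0.0.1
guarana         IN A    10.0.0.50
log             IN CNAME        guarana.tumfatig.local.
$ORIGIN tumfatig.net.
airport         IN CNAME        airport.tumfatig.local.
guarana         IN CNAME        guarana.tumfatig.local.
log             IN CNAME        guarana.tumfatig.local.
mail            IN CNAME        zarafa.tumfatig.local.
"""

def fqdn(name, origin):
    """Make a zone-file name absolute relative to the current $ORIGIN."""
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def parse(text):
    """Return {owner: (type, rdata)} for 'name IN A|CNAME rdata' lines."""
    origin, records = "", {}
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) >= 2 and fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
        elif len(fields) == 4 and fields[2].upper() in ("A", "CNAME"):
            name, _, rtype, rdata = fields
            value = rdata if rtype.upper() == "A" else fqdn(rdata, origin)
            records[fqdn(name, origin)] = (rtype.upper(), value)
    return records

def resolve(name, records, max_hops=8):
    """Follow CNAMEs within the parsed data; None if no A record is reached."""
    for _ in range(max_hops):
        rtype, rdata = records.get(name, (None, None))
        if rtype != "CNAME":
            return rdata if rtype == "A" else None
        name = rdata
    return None  # CNAME loop or over-long chain

def cnames_into_local(records):
    """List (owner, target, A or None) for CNAMEs from other zones into .local."""
    return [(owner, rdata, resolve(rdata, records))
            for owner, (rtype, rdata) in sorted(records.items())
            if rtype == "CNAME" and rdata.endswith(".local.")
            and not owner.endswith(".local.")]

if __name__ == "__main__":
    for owner, target, ip in cnames_into_local(parse(SAMPLE)):
        print(owner, "->", target, "| replace with:", f"IN A {ip}" if ip else "unresolved")
```

CNAMEs that stay inside tumfatig.local. are not flagged, matching the working configuration, and a target whose A record is missing from the input is reported as unresolved rather than guessed.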