On Mon, 9 Aug 2010, mirror-maintainer@mirror.averse.net wrote:
On Mon, 9 Aug 2010, Yasuhiro Araki wrote:I understand. I would like to add new feature for cdn.debian.net which reply CNAME. I think it can use for CNAME virtual host.2 problems with this.1) cname to a cname should be avoided for efficiency reasons. Today, cdn.debian.net cnames to deb.cdn.araki.net. If deb.cdn.araki.net cnames to another hostname (like ftp.br.debian.org), you'd cause many dns lookups. Worse case could be that the dns resolution will timeout.$ host cdn.debian.net cdn.debian.net is an alias for deb.cdn.araki.net. deb.cdn.araki.net has address 150.65.7.130 deb.cdn.araki.net has address 202.229.186.27 [etc]2) I think the rfcs suggest that you should not return multiple cnames to a single query, but I can't pinpoint where it says so.
If you return a CNAME you must not return any other RRs. This includes a second CNAME record.
Also, 3) The Host: http field would be what the client thinks it is called (i.e. cdn.debian.net), no matter if it is a chain of CNAMEs or an A record directly.
So what is needed for people with name-based virtual hosts is to add cdn.debian.net (cdn.debian.org too while we're at it?) to their httpd config file.
I have one more thing I keep forgetting to mention regarding cdn:Is it necessary to return multiple A records to the same lookup? It seems to me that that would just open up the chances of them being out of sync from eachother. Why not just return a single record to each client, but cycle through the responses on the server side?
This also helps with broken resolvers that sort the A-records numerically, but hopefully they should not be many trying to get updates via apt.
/Mattias Wadenstein