0
votes

We have a variety of domain names that all point to a central location. For example:

company.com (main organization)
[A] => 10.10.10.1
[MX] => 10.10.10.2
[MX] => 10.10.10.3

subsidiary.com (secondary organization)
[A] => 10.10.10.1

We want to be able to point both domain names to a CNAME record so that both domains can be rapidly changed. For example:

company.com (main organization)
[CNAME] => another.record.com
[MX] => 10.10.10.2
[MX] => 10.10.10.3

subsidiary.com (secondary organization)
[CNAME] => another.record.com

Of course, this obviously causes a problem because the CNAME record and MX record for company.com are on the same level. If we were only dealing with two domain names, it wouldn't be an issue, but in our real-world example there are hundreds of domain names. The problem is, if our IP changes for our server environment (despite being static we have had hosts revoke an IP) we have to go through and manually update hundreds of records.

One example of needing to rapidly change IP location would be on-demand DDoS protection. Most use a reverse proxy and it will require updating all the DNS zone files to point to their environment. Then of course, after a DDoS you have to route it all back. It could mean updating almost a thousand records.

A final point: we don't have control over about half of the domains so introducing a DNS software solution to automatically re-provision the records isn't feasible.

Is there any way around this that sticks to RFC standards? I realize this may be an impossible question -- it would be nice to know it's impossible for certain though.

1
I had the fortune of talking to a variety of top networking specialists and this is completely, 100% impossible to do sticking to RFC standards and not using a third-party DNS management tool. - OrangeFrog

1 Answer

-1
votes

This is impossible. See comment below the question.
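
The conflict described in the question, as an added example that is not part of the original post or its answer: a small lint that reads record sets in the question's own notation and flags every name where a CNAME shares a node with other data (RFC 1034 section 3.6.2). The function names and the `apexes` parameter are hypothetical, and treating both domains as zone apexes is an assumption.

```python
from collections import defaultdict

ALLOWED_WITH_CNAME = {"RRSIG", "NSEC"}  # DNSSEC metadata may sit beside a CNAME (RFC 4035)

# Constructed input: the layout the question wants, in the question's notation.
WANTED = """
company.com (main organization)
[CNAME] => another.record.com
[MX] => 10.10.10.2
[MX] => 10.10.10.3

subsidiary.com (secondary organization)
[CNAME] => another.record.com
"""

def parse_records(text):
    """Owner-name line followed by '[TYPE] => value' lines -> {owner: [(type, value)]}."""
    zones, owner = defaultdict(list), None
    for line in filter(None, map(str.strip, text.splitlines())):
        if line.startswith("["):
            if owner is None:
                raise ValueError(f"record before any owner name: {line!r}")
            rtype, _, value = line.partition("=>")
            zones[owner].append((rtype.strip(" []").upper(), value.strip()))
        else:
            # Keep only the name, dropping the "(main organization)" style label.
            owner = line.split()[0].lower().rstrip(".")
    return dict(zones)

def cname_conflicts(zones, apexes=()):
    """Return {owner: [reasons]} for names that break the CNAME-exclusivity rule."""
    problems = {}
    for owner, rrs in zones.items():
        types = [t for t, _ in rrs]
        if "CNAME" not in types:
            continue
        reasons = []
        if types.count("CNAME") > 1:
            reasons.append("more than one CNAME")
        others = sorted(set(types) - {"CNAME"} - ALLOWED_WITH_CNAME)
        if others:
            reasons.append("CNAME coexists with " + ", ".join(others))
        if owner in apexes:  # assumption: caller lists the names that are zone apexes
            reasons.append("zone apex must hold SOA and NS")
        if reasons:
            problems[owner] = reasons
    return problems

if __name__ == "__main__":
    print(cname_conflicts(parse_records(WANTED), apexes={"company.com", "subsidiary.com"}))
```

With both names treated as apexes, `subsidiary.com` is flagged as well even though it lists only a CNAME, because the SOA and NS records every zone apex carries are also "other data".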