An ALIAS/ANAME record functions as an alias for domain names, similar to how a CNAME record does for subdomains. It's used to point one domain (or hostname) to another, such as a website.
This is also named CNAME flattening; it allows you to use a CNAME record at your zone apex (example.com).
What is an ALIAS/ANAME DNS record?
An ALIAS (Apex Alias) or ANAME (Alias Name) record redirects a domain (only apex) to another domain. The domain then becomes an alias, or synonym, of the domain it points to. It can be used like a CNAME but offers greater flexibility.
An ALIAS/ANAME record is a type of record created to achieve CNAME-like behavior on apex domains. It combines a CNAME record with an A record (hence the name ANAME).
Unlike a CNAME, an ANAME record can coexist with other records (except with A and AAAA). The principle is that the authoritative DNS server resolves the target (the right-hand side of the ANAME record) and responds with the target's IP address when queried.
For instance, if your domain is example.com and you want it to point to a hostname like app.brandshelter.com, you cannot use a CNAME record, which only applies to subdomains, but you can use an ALIAS record. The ALIAS record will automatically resolve your domain to one or more A records at the time of resolution, and resolvers will simply see your domain as if the zone contained only A records.
It is important to note that the ALIAS/ANAME record can cause problems with DNSSEC.
With this type of record, the authoritative server that loaded the zone will be responsible for changing the record's value when the TTL expires. Since the authoritative server will need to modify the zone's contents more or less frequently (depending on the TTL), it will have to sign the created records. This requires having the private key available (it's sometimes preferable to keep it offline for security reasons, which is operationally feasible if the zone isn't modified too often). And this will require a server that can dynamically sign, or some specific workarounds. Therefore, it's recommended not to use this type of record with DNSSEC, as this risks invalidating DNSSEC and breaking the zone. More information.
Example of an ALIAS record:
@(yourdomain.com) 33200 IN ALIAS example.example.com.| yourdomain.com | Record Type | Value | TTL |
|---|---|---|---|
| @ | ALIAS | example.example.com | 33200 |
Conditions for using an ALIAS/ANAME record
For an ALIAS record to be valid:
- There must be no existing A or AAAA records at the apex of the zone (@).
-
Apex ALIAS are only allowed on the zone apex (example.com). It is not possible to use them on subdomains.
-
DNSSEC must not be enabled for your domain. An ALIAS record will break DNSSEC on the root domain (@) because the @ A and @ AAAA responses will lack the RRSIG records necessary for DNSSEC to function (an RRSIG record contains the signature of the record sent by the authoritative server), which will prevent resolution by all resolvers.
Important: Do not use DNSSEC and ALIAS at the same time; they are not compatible. An ALIAS record will invalidate DNSSEC, rendering your DNS records unusable.
How does an ALIAS/ANAME record work?
When a client browser queries the domain name pointed to by an ANAME record, the browser responds with an IP address. A CNAME record, on the other hand, cannot point to an IP address, but an ANAME record can. This is one of the advantages of ANAME over CNAME.
Furthermore, another advantage of ANAME over CNAME is that it can coexist with other records for the same domain name (only at apex). Apex ALIAS are only allowed on the zone apex.
Apex alias conflicts with A, AAAA, web forwards or other apex ALIAS.
What are the differences between an ALIAS record and A, CNAME, and URL records?
A and CNAME records are standard DNS records.
ALIAS and URL (web rerouting) records are custom DNS records provided by BrandShelter's DNS solution. They are not standard or normalized by IANA and IETF. These two types of records are internally translated into A records to ensure compatibility with the DNS protocol.
Understanding the Differences Between A, CNAME, Alias, and URL Records
Here are the main differences between A, CNAME, Alias, and URL records:
1/ An A record maps a domain name to one or more server IP addresses;
2/ A CNAME record maps a subdomain to another target name. It can only be used if there are no other records for that name;
3/ The ALIAS record matches a name (apex) to another target name; it can be added to a domain and can coexist with other records for that name;
4/ The URL record (web redirect) redirects the name to the target name using the 'HTTP 301' redirect code.
Important rules:
• A, CNAME, and ALIAS records resolve a name to an IP address.
• At the opposite, the URL record redirects the name to another destination name/address or URL. The URL record (or web redirect) is a simple and effective way to apply a redirect from one name to another, for instance, redirecting www.example.com to example.com.
• The A record must point and resolve a name to an IP address.
• CNAME and ALIAS records must point to a hostname (not an IP address).
Which type of record should you use and in which cases?
- Use an A record to point a domain or subdomain to an IP address. If you are managing the IP addresses assigned to a particular machine or if the IP addresses are static (this is the most common case).
- Use a CNAME record if you want to map a subdomain to a name (alias) and you don't need other records (such as MX records for email) for the same subdomain.
- Use an ALIAS record if you are trying to create an alias for the domain (apex zone).
- Use a URL record (web redirect) record if you want the name to redirect to another name (address change) instead of resolving to a target.
→ You cannot add a CNAME record for your apex domain name (example: @domain.com).
→ If you know you won't need to add other records for a subdomain, use a CNAME record.
→ If you are not using DNSSEC and have other records to add, use ALIAS/ANAME at zone apex.
Important note: ALIAS/ANAME is not a standardized record listed by IANA and IETF.
More information on DNS records and their settings
How to add a DNS ALIAS record
On your BrandShelter Portal > DNS Management interface select the record type APEXALIAS: CNAME functionality on zone apex
