AKAMAICDN: ALIAS or custom record type?

469 views
Skip to first unread message

Steven Vernick

unread,
Jun 8, 2021, 11:46:29 AM6/8/21
to DNSControl-discuss
Hi.

AKAMAICDN is an Akamai record type that matches up very well with ALIAS, with one exception: the AKAMAICDN target is specially configured on the Akamai system.  The AKAMAICDN target must be one of the special hostnames.

The "ALIAS" testgroup fails for the AKAMAI provider because the targets are illegal for AKAMAICDN:

testgroup("ALIAS",
    requires(providers.CanUseAlias),
    tc("ALIAS at root", alias("@", "foo.com.")),
    tc("change it", alias("@", "foo2.com.")),
    tc("ALIAS at subdomain", alias("test", "foo.com.")),
    tc("change it", alias("test", "foo2.com.")),
),


-- Should AKAMAICDN be implemented as an ALIAS equivalent?  
I would have to add
    not("AKAMAI")
to the "ALIAS" testgroup.

or, alternatively:

-- Should AKAMAICDN be a custom record type?


This blog post describes "Zone Apex Mapping".  The customer configures ZAM for a zone by adding one or more AKAMAICDN records to the zone's configuration.

Thank you.

/Steve

Tom Limoncelli

unread,
Jun 9, 2021, 8:27:51 AM6/9/21
to Steven Vernick, DNSControl-discuss
My general recommendation is to implement the provider-specific type so that you can realize all the special features available. The name should be prefixed with the provider name.   

ALIAS should implement the lowest-common-denominator features, basically a CNAME that can be at the domain's apex.  It can simply be an edifice for AKAMAICDN if that makes sense, but the fact that Akamai is strict about the destination host makes me unsure what to do.  Could the integration test be modified so that it works for Akamai and other providers?  

For example, the target could create 2 A records and only refer to them in the tests. For an example, look at testgroup("R53_ALIAS2"):

      tc("modify an r53 alias",

        a("kyle", "1.2.3.4"),

        a("cartman", "2.3.4.5"),

        r53alias("kenny", "A", "cartman.**current-domain**"),

      ),


Tom

Steven Vernick

unread,
Jun 9, 2021, 9:45:40 AM6/9/21
to DNSControl-discuss
> My general recommendation is to implement the provider-specific type 
Then that's what I'll do.

> ALIAS should implement the lowest-common-denominator features, basically a CNAME that can be at the domain's apex.
AKAMAICDN does not fit that strict definition.

> Could the integration test be modified so that it works for Akamai and other providers
Unfortunately, no.  The target is customer-specific and specially configured.  There is no target that is guaranteed to always work.

> the fact that Akamai is strict about the destination host makes me unsure what to do. 
I think that the "CNAME at the apex" requirement is not met by AKAMAICDN, so I'll create a custom record type.

Thank you very much!

/Steve
Reply all
Reply to author
Forward
0 new messages