30

I have a Heroku app and I need to set up a domain for it. The common way to set it up is to use a CNAME record to specify that this domain is an alias to <your-domain-name>.herokuapp.com.

But I also want to add some integrations that require me to add TXT record for the domain. I set it up like that for the domain example.com:

    @   IN TXT   google-site-verification=xxxxxxx
    @   IN TXT   yandex-verfication:xxxxxxxxx
    www IN CNAME example.herokuapp.com

I also need to add similar TXT records on www.example.com, but apparently this isn't possible since a CNAME already exists.

So, the question: is there any way to add CNAME and TXT records for the same subdomain?

2
  • The obvious answer is not to use a wildcard CNAME. Commented Feb 23, 2017 at 0:42
  • 1
    @tim can you explain a little what I should change? Commented Feb 23, 2017 at 0:45

2 Answers

56

You can't. As RFC1034 says in s3.6.2,

If a CNAME RR is present at a node, no other data should be present

If you want a TXT record for (say) www.example.com, you can't have a CNAME for www.example.com, and will have to find another way to achieve what you want. This may mean monitoring example.herokuapp.com yourself, and when the IP address changes, updating your own A records for www.example.com.

Edit from the future: in his (excellent) sysadmin blog, Chris Siebenmann gives a very good analysis of why it is forbidden, plus the pros and cons of provider-specific workarounds like ALIAS records (it turns out those do exactly what I described above).

I personally find "because the RFCs say so" a more acceptable answer than Chris does, but then again I suspect my brain harbours a fuzzy image of Jon Postel going up Mount Sinai on a regular basis, each time returning with the latest RFCs in a semi-portable format.

3
  • 1
    I would challenge this. Doesn't the word "should" indicate a recommendation here rather than a hard law? In what scenario would there be any practical real world issue with a TXT record coinciding with a CNAME? I've personally added TXT records to hostnames containing CNAMEs without any problems. Commented Dec 11, 2020 at 10:03
  • 2
    @DavidBackeus famously, one should be conservative in what one sends, and generous in what one accepts. You're right that it often doesn't cause problems to publish such records, but sometimes it does, and they can be unpredictable, and difficult to diagnose. Why set yourself up for Heisenbugs? Commented Dec 11, 2020 at 11:18
  • RFC2119 does define what a SHOULD actually means. That said, this RFC1034 doesn't use RFC2119 to define its language, so who knows, without looking at the errata, what "should" means here. Commented Apr 2, 2024 at 0:45
9

A workaround would be to use an ALIAS record if your registrar supports it. It is a type of record that provides CNAME-like behavior on apex domains. Read more: https://support.dnsimple.com/articles/alias-record/#whats-an-alias-record

For example, you could create an ALIAS record for @ which points to myapp.herokuapp.com. This would allow you to also have TXT records for @ on the same domain name.

2
  • ALIAS is not defined by any standard, this is created by some providers, and called differently either ALIAS or ANAME or APEXCNAME or whatever else. Commented Nov 13, 2020 at 18:50
  • Not only by some providers. ALIAS is supported by PowerDNS, an alternative to bind9, which is available in both Ubuntu's and Debian's official repositories. Also, since ALIAS is purely server-side, it doesn't have to be defined by any standard, fortunately. Commented Oct 5, 2021 at 20:24
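
A zone lint for the RFC 1034 rule quoted in the first answer; it also shows why the second answer reaches for ALIAS at the apex, where SOA and NS records always exist. This is an added example, not code from any of the posts: the sample zone, the function names and the simplified one-record-per-line format are assumptions.

```python
from collections import defaultdict

# Constructed sample zone for example.com (placeholder values, not real data).
SAMPLE_ZONE = """\
@    IN SOA   ns1.example.com. admin.example.com. 1 3600 600 86400 300
@    IN NS    ns1.example.com.
@    IN TXT   "google-site-verification=xxxxxxx"
www  IN CNAME example.herokuapp.com.
www  IN TXT   "google-site-verification=xxxxxxx"
api  IN CNAME example.herokuapp.com.
"""

CLASSES = {"IN", "CH", "HS"}
# In a signed zone, RRSIG and NSEC are expected next to a CNAME (RFC 4035 s2.5).
ALLOWED_WITH_CNAME = {"RRSIG", "NSEC"}

def parse_records(zone_text, origin):
    """Yield (fqdn, rrtype) from one-record-per-line zone text.
    Assumes no $directives, no parentheses, and an owner name on every line."""
    origin = origin.rstrip(".").lower() + "."
    for line in zone_text.splitlines():
        # Dropping text after ';' may cut rdata short; owner and type come first.
        fields = line.split(";", 1)[0].split()
        if len(fields) < 3:
            continue
        owner, rest = fields[0].lower(), fields[1:]
        # Skip optional TTL and class tokens to reach the record type.
        while rest and (rest[0].isdigit() or rest[0].upper() in CLASSES):
            rest = rest[1:]
        fqdn = origin if owner == "@" else owner if owner.endswith(".") else f"{owner}.{origin}"
        if rest:
            yield fqdn, rest[0].upper()

def cname_conflicts(zone_text, origin):
    """Return {fqdn: sorted other types} for names holding a CNAME plus other data."""
    types = defaultdict(set)
    for fqdn, rrtype in parse_records(zone_text, origin):
        types[fqdn].add(rrtype)
    return {
        name: sorted(t - {"CNAME"} - ALLOWED_WITH_CNAME)
        for name, t in types.items()
        if "CNAME" in t and t - {"CNAME"} - ALLOWED_WITH_CNAME
    }

if __name__ == "__main__":
    for name, others in cname_conflicts(SAMPLE_ZONE, "example.com").items():
        print(f"{name}: CNAME coexists with {', '.join(others)}")
```

Running this kind of check before publishing a zone catches the conflict at edit time instead of as inconsistent resolver behaviour later.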
