tags:

views:

680

answers:

4
+3  Q: 

Are CNAMES slow ?

I'm using CNAMEs together with S3/CloudFront to serve some static files like js, css, images, etc.

I do it to make the bucket's URL pretty and because I think is better have all targeting to my site and in case in some future I want to move those files the change should be transparent.

Today reading blogs I saw some think CNAMEs are evil for speed.

So, what to think about it?

+5  A: 

CNAMES add another level of indirection using the DNS lookup, so some penalty will be incurred. However, once the IP has been looked up through DNS, it should remain cached and the penalty shouldn't occur anymore for that client.

Make sure to set the expiry times correctly in your DNS entry and you shouldn't see any visible delay.

Ben S  2009-04-14 17:29:05
I acepted your Answer because made me check the expiration times. TTY
Gabriel Sosa  2009-04-14 22:34:14
On the other hand, the DNS calls "expiry" a completely different thing. I believe Ben S meant "TTL", not "expiry".
bortzmeyer  2009-04-17 06:46:34
I am setting up a similar structure. What did you set the TTL to?
Declan Shanaghy  2010-09-29 18:17:12
+3  A: 

One thing to be aware of with CNAMES is that if the target of the CNAME is not cached, it will require another lookup, as Ben S said.

HOWEVER, if the target of the CNAME is yet another CNAME, then it will require YET ANOTHER lookup, ad nauseum.

I would suggest against pointing your CNAME to another CNAME.

Moose  2009-04-14 17:32:47
+4  A: 

The impact of using CNAME is in most cases very low. The DNS response format allows the server to put some additional data in the message, and in many situation when you look up CNAME record, the server will add the corresponding A record in the additional data section, so no more look ups are required.

Michał Piaskowski  2009-04-14 17:44:15
Yes, that's usually the case.
Gleb  2009-04-14 17:56:29
but incorrect...
Alnitak  2009-04-14 18:00:21
Yes, incorrect for a long time. RFC 2181, in july 1997, advised against doing that, for security reasons (section 5.4.1, "Ranking data").
bortzmeyer  2009-04-17 06:45:19
Using the dig command with a lookup for, say, www.toyota.com, I get an answer section with four entries: two CNAMEs and two A records. Are you telling me that these four entries didn't all come in the same response packet?
Barry Brown  2009-06-27 07:49:46
+3  A: 

As per other answers, using a CNAME should only cause very minimal additional DNS resolution delay, and only if the result is not already in the recursive DNS server's cache.

Note that DNS clients don't routinely ask explicitly for CNAME records. Typically they'll ask for whatever record type they actually want - for a web browser that would be an A or AAAA record.

It's the job of the upstream servers to recognise that the queried domain name has a CNAME entry in it, and then look up and return the target result. In this case both the CNAME record and the required result are returned in the Answer Section of the DNS response (and not in the Additional Section as someone else answered).

For optimum performance it's best that the target of the CNAME be hosted on the same authoritative DNS server as the domain name that contains the CNAME so that the CNAME resolution can be done without further DNS requests.

Alnitak  2009-04-14 18:10:16
+1, thanks for correcting me.
Michał Piaskowski  2009-04-14 18:14:18

related questions

How do I add a MIME type to .htaccess?
Difference between the Apache HTTP Server and Apache Tomcat?
How do I support SSL Client Certificate authentication?
Why can't I connect to my CAS server with Perl's AuthCAS?
Cleanest & Fastest server setup for Django
Installing Apache Web Server on 64 Bit Mac
Running Apache alongside another web server?
Algorithm behind MD5Crypt
Can you compile Apache HTTP Server and redeploy its binaries to a different location ?
mod_rewrite rule to redirect all requests except for one specific path
How do I create a self signed SSL certificate to use while testing a web app.
Software for Webserver Log Analysis?
What is the difference between an endpoint, a service, and a port when working with webservices?
What are the proper permissions for an upload folder with PHP/Apache?
mod_rewrite to alias one file suffix type to another
How do you redirect HTTPS to HTTP?
Using mod_rewrite to Mimic SSL Virtual Hosts?
User authentication on Resin webserver
How do you set up Python scripts to work in Apache 2.0?
Block user access to internals of a site using HTTP_REFERER
.htaccess directives to *not* redirect certain URLs
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP