DNS CNAME Record

Canonical Name Record

What is a CNAME Record?

A DNS CNAME record (Canonical Name record) creates an alias from one domain name to another. Instead of mapping a domain directly to an IP address like an A record, a CNAME points one domain name to another domain name, which is then resolved to an IP address. This is commonly used to point subdomains like www.example.com to the main domain example.com.

CNAME records are particularly useful for services hosted on third-party platforms. For example, if you host your blog on a platform like WordPress.com or your app on Heroku, you can create a CNAME record pointing blog.example.com to your-blog.wordpress.com. When the platform changes its IP address, your DNS automatically follows because the CNAME simply points to their domain name.

A critical limitation of CNAME records is that they cannot coexist with other record types at the same name. This means you cannot place a CNAME at the zone apex (the bare domain, e.g., example.com) because the apex must have SOA and NS records. Some DNS providers offer proprietary solutions like ALIAS or ANAME records to work around this restriction.

Syntax & Examples

The syntax of a DNS CNAME record is straightforward:

    www.example.com.    3600    IN    CNAME    example.com.
    blog.example.com.   3600    IN    CNAME    mysite.wordpress.com.

The fields are: alias name (the domain you want to create an alias for), TTL, class (IN), record type (CNAME), and canonical name (the target domain). The canonical name must be a fully qualified domain name. Note that CNAME records add an extra DNS lookup step, as the resolver must then query the canonical name for its A/AAAA record:

    www.example.com → CNAME → example.com → A → 192.0.2.1

How to Query CNAME Records

To query CNAME records using dig, run: dig www.example.com CNAME. For concise output: dig +short www.example.com CNAME. Note that querying for A records on a domain with a CNAME will follow the chain automatically — dig www.example.com A will show both the CNAME and the final A record. Use +trace to see the full resolution path: dig +trace www.example.com.

With nslookup, run: nslookup -type=CNAME www.example.com. On Windows PowerShell: Resolve-DnsName -Name www.example.com -Type CNAME. To check if a CNAME chain is too long (which can cause resolution failures), use: dig +trace www.example.com A and count the CNAME hops. Most resolvers have a limit of 8-16 CNAME hops before giving up.

Frequently Asked Questions

What is a DNS CNAME record?

A DNS CNAME (Canonical Name) record creates an alias that points one domain name to another domain name. For example, www.example.com can be a CNAME pointing to example.com. The resolver will then look up the A/AAAA record of the target domain to find the final IP address.

Can I use a CNAME at the zone apex (root domain)?

No, a CNAME record cannot be placed at the zone apex (e.g., example.com without a subdomain) because the DNS specification requires that a CNAME cannot coexist with other record types, and the apex always has SOA and NS records. Some providers offer ALIAS or ANAME records as a workaround.

What is the difference between CNAME and A records?

An A record maps a domain directly to an IP address, while a CNAME maps a domain to another domain name (alias). A records are more efficient since they don't require additional lookups, but CNAME records are more flexible since they automatically follow the target domain's IP changes.

Can a CNAME point to another CNAME?

Technically yes, CNAME records can form chains where one CNAME points to another CNAME. However, this practice is discouraged because it adds latency (each hop requires another DNS query) and some resolvers may fail if the chain is too long (typically 8-16 hops maximum). Keep CNAME chains as short as possible.

Why is my CNAME not working?

Common CNAME issues include: the CNAME is at the zone apex (not allowed), other records exist at the same name (CNAME must be exclusive), the target domain doesn't resolve, the CNAME chain is too long, or DNS propagation hasn't completed. Use 'dig +trace' to diagnose the resolution path.
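
The checks from the troubleshooting list above, written as a small offline zone linter. This is an added example, not part of the original page: the zone data is constructed, parse_zone, lint_cnames and the finding labels are hypothetical names, and MAX_HOPS = 8 is an assumed value taken from the low end of the quoted 8-16 range. It assumes an unsigned zone with fully qualified names, one record per line.

```python
MAX_HOPS = 8  # assumption: low end of the 8-16 hop limit quoted in this article

# Constructed sample zone (not real data), one fully qualified record per line.
SAMPLE_ZONE = """\
example.com.      3600 IN SOA   ns1.example.com. admin.example.com. 1 7200 900 1209600 300
example.com.      3600 IN NS    ns1.example.com.
example.com.      3600 IN CNAME host.example.net.
ns1.example.com.  3600 IN A     192.0.2.53
www.example.com.  3600 IN CNAME web.example.com.
web.example.com.  3600 IN A     192.0.2.1
blog.example.com. 3600 IN CNAME mysite.wordpress.com.
blog.example.com. 3600 IN TXT   "owner=marketing"
old.example.com.  3600 IN CNAME gone.example.com.
a.example.com.    3600 IN CNAME b.example.com.
b.example.com.    3600 IN CNAME a.example.com.
"""

def parse_zone(text):
    """Return {owner: {rtype: [rdata, ...]}} for 'name TTL IN type rdata' lines."""
    zone = {}
    for line in text.splitlines():
        parts = line.split(None, 4)
        if len(parts) == 5 and parts[2].upper() == "IN":
            name, _ttl, _cls, rtype, rdata = parts
            zone.setdefault(name.lower(), {}).setdefault(rtype.upper(), []).append(rdata)
    return zone

def lint_cnames(text, apex):
    """Return (owner, problem) pairs, ordered by owner, for every CNAME in the zone."""
    zone, apex, findings = parse_zone(text), apex.lower(), []
    for owner in sorted(zone):
        if "CNAME" not in zone[owner]:
            continue
        if owner == apex:
            findings.append((owner, "cname-at-apex"))
        elif len(zone[owner]) > 1 or len(zone[owner]["CNAME"]) > 1:
            findings.append((owner, "cname-not-exclusive"))
        # Follow the alias chain through this zone's own data, counting hops.
        name, hops = owner, 0
        while "CNAME" in zone.get(name, {}):
            name, hops = zone[name]["CNAME"][0].lower(), hops + 1
            if hops > MAX_HOPS:  # a CNAME loop also ends here
                findings.append((owner, "chain-too-long"))
                break
        else:
            # Targets outside the zone need a live query, so only local ones are checked.
            if name.endswith("." + apex) and name not in zone:
                findings.append((owner, "target-missing-in-zone"))
    return findings
```

Calling lint_cnames(SAMPLE_ZONE, "example.com.") flags the apex CNAME, the blog name that also carries a TXT record, the alias whose in-zone target has no records, and the two names that alias each other.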