Wandering Thoughts archives


Why have an MX record to yourself?

In a recent entry, Russell Coker brings up an issue:

One issue that has been the topic of some pointless discussion is whether a mail server should have an A record or an MX record.

It's harmless not to have an MX record that points to yourself, but having one can save people a DNS query in many situations.

Answers to DNS queries have three sections: answer records, authority records, and additional records. Authority records are the NS records of the authoritative nameservers (and SOA records for negative answers); additional records are A records for any NS or MX records in the rest of the answer.

So if you have a self-pointing MX, anyone who queries your authoritative nameservers will get your MX record and your A record in one query. If you don't have an MX record, they will have to make two queries; one to find out that you don't have an MX record, and the second to get your A record.

(Similar clever tricks can be pulled through NS records. For example, if you make your web server one of your nameservers, people who go to your website will probably save a DNS lookup. But there are downsides to such tricks.)

There are two flies in the ointment:

  • nameservers only return additional records that they know at the time; if a caching nameserver has discarded your A record but not your MX record, that's it.

  • some caching nameservers, including at least djbdns's dnscache, deliberately don't include authority records or additional records in their replies in order to make their replies smaller.

sysadmin/DNSAdditionalData written at 23:17:14; Add Comment

Page tools: See As Normal.
Login: Password:
Atom Syndication: Recent Pages, Recent Comments.

This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.