How to set up a CNAME record for a custom domain name
Last updated
Last updated
We ask customers to set up their domain names using CNAMEs rather than the possibly more familiar A record method because:
If we need to upgrade or downgrade your service we can do this without your tech team having to be involved.
It allows us to meet our target service level availability eg up-time as defined in .
This approach to DNS management helps us to provide you with the best possible service and the most service up-time, as defined with our . This approach removes the need for us to liaise with you if your IP address needs to change, which could be at unsociable hours.
Most commonly your IP address will change because we're undertaking standard maintenance or upgrading your site. Occasionally we may also move your site to provide better resilience if we detect a hardware failure, DC outages or network outages for example.
If you create an A record instead of a CNAME record, we will not be able to support your site's because we will not be able to change the site's IP address without your involvement. From past experience we have found that the fewer the number of teams involved in this type of activity, the faster it can be done with fewer errors. For this reason, we do not support custom domains with A records.
A CNAME is like a forwarding address for DNS. You use a CNAME record so that your site's name can point to the server for your site without you needing to alter a DNS record if the server's IP address has to be changed. There is no additional difficulty to creating or serving a CNAME record instead of an A record.
You must not have any other DNS record(s) with the same name as your CNAME record. If you do you may see extremely complicated failure modes where end-users in different physical locations see different DNS results depending on:
Timing
Their physical location
The specific chain of caching DNS servers between them and the authoritative name servers
The order in which different DNS queries are made by different parties.
If you have an online control panel for your domain then it will normally be a web application that lets you administer DNS records for your domain. The appearance and behaviour of this application will depend on your DNS provider.
If you run your own DNS servers, you will be using software like BIND or Windows Server.
If you use BIND, add a record to your domain's zone file and then reload the zone. On Ubuntu for instance, the zone file will usually be in /etc/bind/db.example.com . The new line in the zone file should look like:
If your organisation's local network or intranet has a DNS server that serves records for client.gov.uk, you will need to add an identical record to your local DNS server so that your site will be viewable from within your network.
If this is not set up correctly, you may find that your site will be accessible via the public internet but not from your office network. The easiest way to test whether your site is accessible via the public internet is to browse to your site on a 3G connection on a smartphone like an iPhone or Android phone. If your site is viewable via the public internet but not from computers on your office network then you most likely have a local DNS server that needs to have this record set up.
Open a Command Prompt by clicking the Start menu, typing "cmd.exe" and pressing Enter. A black window should appear with a prompt.
You should now run the following command, replacing 'haveyoursay.example.com' with your actual domain name:
and you should see a reply like:
The first two lines, 'Server:' and 'Address:"'may vary, they just depend on your local router or DNS caching server. The line under 'Non-authoritative answer:' giving the canonical name is the one that matters and has to match the value (like 'cs-example.delib.net') that we gave you.
If you accidentally forgot to put a dot on the end of your CNAME record's value when you needed to, you should expect to instead get a reply like:
This indicates that the trailing dot was missed and the name is not set up correctly.
Open a Terminal. On Mac OS X, click on the magnifying glass icon at the top-right of your screen (or press Apple + Space together) to bring up the search tool, then type 'Terminal' and press Enter. On Linux with Gnome, click the 'Activities"'in the corner of your screen, type 'Terminal' and press Enter.
You should now run the following command, replacing 'haveyoursay.example.com' with your actual domain name:
and you should see a reply like:
or
If you accidentally forgot to put a dot on the end of your CNAME record's value when you needed to, you should expect to instead get a reply like:
This indicates that the trailing dot was missed and the name is not set up correctly.
specifically recommends against having any other record with the same name as a CNAME record. For this reason, we do not support custom domains with any record other than the CNAME record at the same name.
If you use Windows Server, see Microsoft's documentation and instructions for .
