What came first: the CNAME or the A record?

Posted by linolevan 1/19/2026

What came first: the CNAME or the A record?(blog.cloudflare.com)

466 points | 162 commentspage 5

1vuio0pswjnm7 1/19/2026|

"One such implementation that broke is the getaddrinfo function in glibc, which is commonly used on Linux for DNS resolution. When looking at its getanswer_r implementation, we can indeed see it expects to find the CNAME records before any answers:"

Wherever possible I compile with gethostbyname instead of getaddrinfo. I use musl instead of glibc

Nothing against IPv6 but I do not use it on the computers and networks I control

1vuio0pswjnm7 1/20/2026||

It appears that some people prefer IPv4 and do not need IPv6

For example, from another story (about IP addresses) on today's HN front page:

https://news.ycombinator.com/item?id=46693867

https://news.ycombinator.com/item?id=46695198

1vuio0pswjnm7 1/21/2026||

And not long ago:

https://news.ycombinator.com/item?id=46472163

1vuio0pswjnm7 1/20/2026|||

Sometimes software written by others provides compile-time options to disable getaddrinfo or IPv6. Sometimes the software onllly uses gethostbyname

For example,

tinydns (only uses gethostbyname)

nsd (--disable-ipv6)

I compile static binaries with musl. I do not use glibc

1vuio0pswjnm7 1/20/2026|||

NB. This is not code that belongs to me

When compiling software written by others, sometimes there are compile-time options that allow not using getaddrinfo or IPv6

For example,

links (--without-getaddrinfo)

haproxy (USE_GETADDRINFO="")

tnftp (--disable-ipv6)

elinks (--disable-ipv6)

wolfssl (ipv6 disabled by default)

stunnel (--disable-ipv6)

socat (--disable-ipv6)

and many more

Together with localhost TLS forward proxy I also use lots of older software that only used gethostbyname, e.g., original netcat, ucspi-tcp, libwww, original links, etc.

Generally I avoid mobile OS (corporate OS for data collection, surveillance and ad services)

Mobile data is disabled. I almost never use cellular networks for internet

Mobile sucks for internet IMHO; I have zero expectation re: speed and I cannot control what ISPs choose to do

For me, non-corporate UNIX-like OS are smaller, faster, easier to control, more interesting

1vuio0pswjnm7 1/20/2026|||

O5QXGIBLGIXC4LQK

immibis 1/19/2026||

Your code runs slower on mobile devices, since (as a rule of thumb) mobile networks are ipv6-only and ipv4 traffic has to pass through a few layers of tunneling.

charcircuit 1/19/2026|

Random DNS servers and clients being broken in weird ways is such a common problem and will probably never go away unless DNS is abandoned altogether.

It's surprising how something so simple can be so broken.