(Archived) Which scenario does the root360-redirect service cover
You have tried to access an archived page. Please go to the new https://root360.atlassian.net/wiki/spaces/KB to find more documents.
If you want to point a second-level domain name, e.g. "example.com" to your root360 environment, you cannot simply point an A record to a public IP of your root360 environment. Root360 environments are accessed through elastic loadbalancers that do not have stable IPs. Instead, they have stable domain names which point to a set of changing IPs to enable cross-availability-zone redundancy.
You cannot point an A record to the load balancer's domain. However, you can point a CNAME record to the load balancer domain and this is how we ask you to connect your third-level domains (such as www.example.com) to the loadbalancer. Second-level domains cannot use a CNAME record in this scenario (see below for a technical explanation).
We solve this issue by providing a redirect server that performs http(s)-based redirects to one of your third-level domains which in turn points via CNAME to the load balancer.
To use this service, create an A record that points from your second-level domain to our redirect service. See below for a detailed explanation.
Example of an application
A website is hosted at www.example.com. The dispatch of newsletters and purchase confirmations is made via eg "buchung@example.com
". In addition, newsletters and the website contain elements that do not use the fully-qualified domain www.example.com, but it is linked eg example.com/schoenes-bild.jpg.
There are now two problems. If example.com is set as CNAME to the AWS load balancer, mail is no longer working. If example.com is set as an A-Record to one of the loadbalancer IPs, AWS may change the IP of their loadbalancer at any time an the DNS entry will be obsolete.
The solution is:
For www.example.com, set a CNAME with the domain name of the loadbalancer
Redirect example.com using our root360 redirect service by pointing it to an A record to our redirect service. The service will then redirect any http(s) requests to www.example.com
(Optional) always fully-qualified domains
Features
Redirect any domain example.com to www.example.com for HTTP. HTTPS works automatically because we provide a SSL certificate using letsencrypt (AWS SSL Certificates issued by Amazon are unfortunately not available).
Specific redirections from subdomains to the directory structure eg specialties.feinkost.de after www.feinkost.de/spezialitäten . This configuration requires configuration by root360.
Letsencrypt certificates will be refused by the default browsers in Android devices using Android <7.1.1 beginning in January 11, 2021. For more information see the announcement about the changes of letsencrypts root certificate.
Access and usage
To use the redirect service set an A record for the domain-to-be-redirected to "52.29.127.0
".
The root360-redirect-service does not support IPv6/AAAA-records. Take care to remove AAAA records from your domain-to-be-redirected.
Technical background for DNS 2nd level CNAME violation
The DNS standard (RFC1033) requires that the tree of the alias is not traversed when a CNAME is used, all information resolved at the target. If, for example, example.com is a CNAME, but besides the CNAME, there are other entries, such as MX or SPF, they can not be found and mailing through these MX/SPF records is not possible.
Some proprietary DNS implementations, such as AWS Route53 or CloudFlare violate the standard and allow traversing the records, even if a CNAME exists.
root360 Knowledge Base - This portal is hosted by Atlassian (atlassian.com | Privacy Policy)