When pointing a root domain (@ record) to an Azure cloud service (*.cloudapp.net), we encounter RFC compliance issues with CNAME records at the zone apex. Here's the technical breakdown:
# Typical CNAME configuration that WON'T work for root domain
mydomain.com. IN CNAME mymachine.cloudapp.net.
www.mydomain.com. IN CNAME mymachine.cloudapp.net.
DNS RFC 1912 and RFC 2181 prohibit CNAME records at the zone apex (@) because:
- CNAME can't coexist with other records (MX, NS, TXT)
- Root domain must resolve to A/AAAA records for email delivery
- DNS resolution would require multiple lookups
Option 1: Use Azure DNS ALIAS Records
If you can transfer DNS to Azure:
# Azure CLI example to create alias record
az network dns record-set cname set-record \
--resource-group myResourceGroup \
--zone-name mydomain.com \
--record-set-name "@" \
--cname mymachine.cloudapp.net \
--alias true
Option 2: GoDaddy A Record Workaround
- Resolve your Azure endpoint IP dynamically:
#!/bin/bash
# Script to update GoDaddy A record
NEW_IP=$(dig +short mymachine.cloudapp.net | grep -E '^[0-9.]+$' | head -1)
curl -X PUT "https://api.godaddy.com/v1/domains/mydomain.com/records/A/@" \
-H "Authorization: sso-key ${GODADDY_KEY}:${GODADDY_SECRET}" \
-H "Content-Type: application/json" \
-d "[{\"data\": \"${NEW_IP}\", \"ttl\": 600}]"
Option 3: DNS Provider with CNAME Flattening
Services like Cloudflare support this natively:
# Cloudflare API example
curl -X PATCH "https://api.cloudflare.com/client/v4/zones/:zone_id/dns_records/:record_id" \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type:application/json" \
-d '{"type":"CNAME","name":"@","content":"mymachine.cloudapp.net","proxied":false}'
- For Azure, consider using Azure Front Door with custom domains
- Implement DNS TTL values under 300 seconds for faster failover
- Set up monitoring for IP changes with Azure Event Grid
When hosting a website on Azure VMs (*.cloudapp.net) with GoDaddy DNS, many developers encounter this specific roadblock:
Error: "A record of a different type exists for the hostname @, could not create CNAME"
This occurs because:
- RFC standards prohibit CNAME records at the root domain level (@) when other record types exist
- GoDaddy's DNS interface enforces this restriction more strictly than some other providers
- Azure's dynamic VIP assignments make A records problematic for long-term stability
Option 1: Use GoDaddy Forwarding
GoDaddy provides domain forwarding that can mask the CNAME limitation:
- Navigate to Domain Settings > Forwarding
- Set "mydomain.com" to forward to "www.mydomain.com" (301 redirect)
- Create CNAME for www pointing to your Azure VM hostname
Option 2: DNS Provider Workaround
Some DNS providers support ALIAS/ANAME records that function like CNAMEs at root:
; Cloudflare example
@ IN ANAME mymachine.cloudapp.net.
www IN CNAME mymachine.cloudapp.net.
Option 3: Azure DNS Zone Delegation
For production environments, consider delegating DNS to Azure:
# Azure CLI command to create DNS zone
az network dns zone create \
--name mydomain.com \
--resource-group MyResourceGroup
If you must use A records, implement automatic updates:
# PowerShell script to update GoDaddy DNS
$headers = @{
"Authorization" = "sso-key $($apiKey):$($apiSecret)"
}
$body = @{
data = (Resolve-DnsName mymachine.cloudapp.net).IPAddress
} | ConvertTo-Json
Invoke-RestMethod -Method Put -Uri "https://api.godaddy.com/v1/domains/mydomain.com/records/A/@" -Body $body -Headers $headers
For production sites, we recommend:
- Using Azure App Service with custom domains instead of raw VMs
- Implementing Azure Front Door for global traffic routing
- Migrating DNS to Azure DNS or Cloudflare for modern record support