I gotta say, this reads like a web developer commenting on a networking issue. The big red flag is "some DNS servers let you do this." In the web world, that's what a standard looks like - some browsers implement a feature, and it has a pretty fair chance of becoming a standard.
The rest of the network, everyone has to agree, and we manage that consensus by following standards, which tend to look ambiguous when they say something you wish they didn't.
Yes it will work, for your current view of working. It's not the CNAME that breaks when you do this, it's all the other records.
You can't return a CNAME and something else. So your MX, NS, TXT, etc. records will be in an unknown state based on the client resolver/software. You'll see 40%-60% of your inbound email fail.
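Added example, not part of any comment in this thread: a small zone lint in Python that flags owner names where a CNAME coexists with other record types, which is the condition the comment above says leaves MX, NS and TXT lookups undefined. The zone text, names and addresses are constructed, the parser only handles fully qualified one-line `owner ttl class type rdata` records, and it assumes RRSIG and NSEC are the only types permitted beside a CNAME (the DNSSEC exception).

```python
from collections import defaultdict

# DNSSEC records may sit beside a CNAME; any other type at the same name conflicts.
ALLOWED_WITH_CNAME = {"CNAME", "RRSIG", "NSEC"}

# Constructed sample zone (hypothetical names, documentation address space).
SAMPLE_ZONE = """\
example.com.      3600 IN SOA   ns1.example.com. hostmaster.example.com. 1 7200 900 1209600 300
example.com.      3600 IN NS    ns1.example.com.
example.com.      3600 IN CNAME lb.example.net.
example.com.      3600 IN MX    10 mail.example.com.
www.example.com.  3600 IN CNAME lb.example.net.
mail.example.com. 3600 IN A     192.0.2.25
"""

def parse_zone(text):
    """Return {owner: set(record types)} for 'owner ttl class type rdata' lines."""
    types_by_owner = defaultdict(set)
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop zone-file comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 5:
            raise ValueError(f"unsupported line: {line!r}")
        owner, rtype = fields[0].lower(), fields[3].upper()
        types_by_owner[owner].add(rtype)
    return types_by_owner

def cname_conflicts(text):
    """Return {owner: sorted record types that coexist with a CNAME at that name}."""
    conflicts = {}
    for owner, types in parse_zone(text).items():
        if "CNAME" in types:
            clash = sorted(types - ALLOWED_WITH_CNAME)
            if clash:
                conflicts[owner] = clash
    return conflicts

if __name__ == "__main__":
    for owner, clash in cname_conflicts(SAMPLE_ZONE).items():
        print(f"{owner}: CNAME coexists with {', '.join(clash)}")
```

The apex always carries SOA and NS, so a CNAME there is reported even when no MX or TXT is present, while the `www` CNAME passes because nothing else lives at that name.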
Not this again. Why does this get dug up repeatedly? I've seen this show up off and on every year for the past 10 years.
It doesn't work everywhere, it's not expected to work robustly anywhere, even if your server supports it, not all clients will, and there's just no need to do it. No matter how many out-of-date RFCs you quote. This hasn't changed in the past 10 years!
So, yeah, using CNAMEs on your domains works great, except for all those times it doesn't work at all, like with the largest residential ISP in the United States.
That isn't exactly what I would expect for an SOA record (CNAME reference to another SOA). Could cause problems with secondary servers and serial numbers...
Note: Edited post, as I was (for a while) unable to view the site in Chrome, but it worked in Safari. Could have just been a timing/propagation issue though as it is working now.
There's another work-around I've been using for 6+ months now. A cronjob which resolves the CNAME target (i.e., the ELB hostname) to an IP, then dynamically updates the A record(s) for the zone. It's a hack, but it does the job.
The uncoolness in most hacks like this is they can accidentally create a single point of catastrophic failure. If your cron job fails to run for a while, your entire website will go down.
Yeah, this is the kind of imprecise description of technical things I hate. If it were an article written for the average person I might let it slide, but if you're setting up DNS records you should have a clearer understanding of what DNS is, rather than something that "allows you to route all traffic from one domain to another".
The only reason it 'doesn't' work is that you then have to handle mail on the same hosts as web and https; many consider that to be bad practice.
I can put many gigs of email in a flat file called 'mbox' -- that doesn't mean it's a good idea.
The 'traditional' way to handle this without doing all kinds of nasty, is to simply use the standard A/MX combo and either proxy/redirect back to the 'www' version.
slashdot.org has been doing it for years as 'proof' though, so, congrats?