Using Fastly with apex domains

  Last updated May 21, 2019

Some customers use only their second-level or apex domain (e.g., example.com rather than www.example.com) as their canonical domain. Due to limitations in the DNS specification, we don't recommend placing a CNAME record at the apex domain or using the CNAME Flattening features offered by some DNS providers (e.g., ALIAS or ANAME).

Instead, we offer anycast IP addresses for content that must be hosted on a second-level or apex domain. Our anycast options allow you to add A (IPv4) or AAAA (IPv6) records that point your apex domain at Fastly, prioritizing either performance or cost, depending on the option you choose.

Anycast options and how to request them

Fastly offers the following anycast options to all paid customers.

Global anycast option

Fastly offers anycast IP addresses that allow you to use our entire global network to route requests to the nearest Fastly POP (from a network perspective), without regard to the billing region in which that POP resides.

Choose this option to prioritize traffic routing performance and to avoid restricting traffic to specific POPs. We'll provide you with four anycast IP addresses, which you then enter into your DNS records.

Billing Zone anycast options

Fastly offers anycast IP addresses that allow you to restrict where requests get routed based on the cost of its travel through groups of specific billing regions called "zones."

Choose one of these options to prioritize cost savings over performance:

We'll provide you with two anycast IP addresses, which you then enter into your DNS records. Fastly will use these addresses to serve traffic only from the POPs included in the zones listed above, even if those POPs are unlikely to give the best performance for any given request.

Requesting anycast IP addresses

To request one of Fastly's anycast options, contact support@fastly.com. We don’t charge extra for these options, however, you must be using one of Fastly's paid plans (with or without a contract) to take advantage of them.

We'll provide you with the anycast IP addresses appropriate for the option you choose so you can enter those addresses into your DNS records. Be sure to enter all of them to ensure maximum availability and reliability.

Apex domain problems and their workarounds

The DNS instructions in RFC1034 (section 3.6.2) state that, if a CNAME record is present at a node, no other data should be present. This ensures the data for a canonical name and its aliases cannot be different. Because an apex domain requires NS records and usually other records like MX to make it work, setting a CNAME at the apex would break the "no other data should be present" rule.

In general, the problem with apex domains happens when they fail to redirect to their www equivalents (example.com points nowhere instead of pointing to www.example.com). Two workaround options exist:

Neither workaround, however, is ideal.

Back to Top