Discussions

Hey ControlD team and community,

As someone who loves ControlD’s geo-redirect rules and malware blocking, I’m hoping we can rally support for a long-requested feature: CNAME flattening. This would solve a 5-year-old pain point while amplifying ControlD’s strengths.

Why This Matters

• RFC 1034 Workaround: Root domains (e.g., example.com) can’t natively use CNAMEs, breaking setups for Heroku, AWS, and Microsoft 365 email validation. Flattening resolves this elegantly.
• Speed Boost: Cloudflare observed ~30% faster CNAME resolution by resolving chains at the edge—ControlD’s anycast network could achieve similar gains.
• Years of Requests: Users have asked for this since 2020. Many resorted to alternatives like NextDNS as temporary fixes.

ControlD’s Opportunity to Shine

While others offer basic flattening, ControlD’s unique toolkit could make this best-in-class:

• Traffic Redirection Synergy: Flattened CNAMEs could route through 100+ exit nodes. Imagine resolving app.example.com to Vercel and optimizing traffic through São Paulo or Singapore.
• Granular Toggles: Let users enable flattening per-domain (e.g., example.com flattened, blog.example.com untouched). Competitors lack this precision.
• Security Edge: Your malware blocker could inspect CNAME chains pre-resolution, stopping threats earlier than reactive blocklists.

Proposal

1. Selective Flattening: Apply only to root domains to avoid breaking subdomain validations (Let’s Encrypt, etc.).
2. Edge Caching: Reduce upstream queries by resolving chains once per PoP.
3. Dashboard Toggle: A simple switch in the DNS settings for power users.

This isn’t just a checkbox—it’s about solving a longstanding community need while staying true to ControlD’s ethos of speed, privacy, and customization.