Long TXT record is split by whitespace

What is the name of the domain?

ajax.systems

What is the issue you’re encountering

Records is split with whitespace

What steps have you taken to resolve the issue?

  1. I found a similar issue reported earlier - Adding a long DKIM record from Clickfunnels
    Is it something that will be fixed soon or not? How to deal with this “feature”?

What feature, service or problem is this related to?

DNS records

What are the steps to reproduce the issue?

  1. I’ve created TXT record with such value:
"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8LYXmbv5cCDCvtu3gsI4KR1M5xySg/3HrMVU31cTwMxZBUylVylQtr1169IFOz2Q6HNobZGAD+ini9tyMW1OxsUUPrLFAA0d54W2iRrrGMQz6B8ypZaPQJgMfWtJiUidUGxY95eDNLG4suC1SnxVZiR4iRQ72gOQ6ta4+UDHwYNIsaL1Meduo5OWYwF201gb" "a831MBkvLKKFDN0v+03eI5ZLzCGIpdFthNjDV7mbv/ZLFXuNJUoz1P7jSJWN91TAoLzAkwkKUCGs+CKj/yTdstDqFxPK3eoWxKOjQjmtlOy6/l6WEiNjkFAODqmvGT6Z/Yh/pPUUvMWJdelySiqFQIDAQAB"

Screenshot of the error

Can you explain what you expected to be different? The whitespace is part of your input:
image

You should remove the " " from the middle of your record.

@Laudian this screenshot how it looks like after update. I create it without this whitespace but when I press edit button it shows with this whitespace. Also, right after update when I dig it I got answer with whitespace.

Sorry, I pasted wrong value for TXT in my initial message. TXT record that I’m creating doesn’t have this whitespace:

"v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8LYXmbv5cCDCvtu3gsI4KR1M5xySg/3HrMVU31cTwMxZBUylVylQtr1169IFOz2Q6HNobZGAD+ini9tyMW1OxsUUPrLFAA0d54W2iRrrGMQz6B8ypZaPQJgMfWtJiUidUGxY95eDNLG4suC1SnxVZiR4iRQ72gOQ6ta4+UDHwYNIsaL1Meduo5OWYwF201gba831MBkvLKKFDN0v+03eI5ZLzCGIpdFthNjDV7mbv/ZLFXuNJUoz1P7jSJWN91TAoLzAkwkKUCGs+CKj/yTdstDqFxPK3eoWxKOjQjmtlOy6/l6WEiNjkFAODqmvGT6Z/Yh/pPUUvMWJdelySiqFQIDAQAB"

That’s completely normal, TXT records are automatically split every 255 characters. You can dig any DKIM record you want, they all have this whitespace if they are longer than 255 characters.

1 Like

I’ve just tested this. If you put your record in quotation marks, you will also see the automatic split in the middle of the record.

If you save it without quotation marks, you also don’t see the split. But it’s still there in the record that gets served.

Hmmm, but it’s recommended to have in double quotes :upside_down_face: - Warning for TXT records without double quotes

Thanks @Laudian

It makes no difference at all. Cloudflare automatically adds the quotes anyway, same as the automatic split.

I think the recommendation is terrible advice.

@janik1 could you advise me on what to do in this case? Should I rollback double quotes for my TXT records and rely on Cloudflare under the hood?

This is correct. DNS strings are limited to a maximum of 255 bytes; the quotes just make that more explicit. There is no difference either way in how these records are served at the edge. The only difference is that with quotes, the splitting is done directly in the API, so you can see it happening and have control over it.

The quoted representation is the more correct and unambiguous one (because its behavior is clearly defined by RFC 1035) while the unquoted representation is always interpreted as a single string. Something like hello world (not quoted) would be two strings per RFC 1035 (and the space character would be discarded), but in our case would be interpreted as one string (with the space character). It’s also not clearly specified how exactly escape sequences and special characters would behave in an unquoted content. Quoting solves all of that ambiguity: the record content will exactly match what you see in, e.g., DiG’s output, and what you’d see in a zone file export.

In the future we may improve the UI to make it easier to edit quoted records with multiple strings (or at least to avoid confusion around the intermediate extra quotes). Suggestions around that are always welcome—I’ll pass them along!

In the meantime, I’d recommend keeping the quotes. They make the split more explicit and reduce ambiguity without actually changing anything about your record at the edge.

2 Likes

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.