Unexpected wildcard matching
ip admin
ipmanx at googlemail.com
Fri Jan 25 13:30:23 UTC 2013
Hello,
I want to have a dummy (internal) root NS to resolve specific name
hello.test.com to 4.5.6.7, everything else to 1.2.3.4.
Using a wildcard does not work as expected (by me), though.
1st attempt:
# cat db.root
$TTL 86400
@ IN SOA ns1.root.internal. dnsadmin.root.internal. 1 21600 3600 604800 600
  IN NS ns1.root.internal.
* IN A 1.2.3.4
hello.test.com. IN A 4.5.6.7
# dig +short @localhost hello.test.com
4.5.6.7
# dig +short @localhost hello.test.net
1.2.3.4
# dig +short @localhost other.test.com
# dig +short @localhost other.test-it.com
# dig +short @localhost other.test.org
1.2.3.4
# dig +short @localhost other.test.net
1.2.3.4
Result: returns NXDOMAIN for anything ending in .com - probably because of
hello.test.com!
2nd attempt:
# cat db.root
$TTL 86400
@ IN SOA ns1.root.internal. dnsadmin.root.internal. 1 21600 3600 604800 600
  IN NS ns1.root.internal.
* IN A 1.2.3.4
*.com. IN A 1.2.3.4
hello.test.com. IN A 4.5.6.7
# dig +short @localhost hello.test.com
4.5.6.7
# dig +short @localhost hello.test.net
1.2.3.4
# dig +short @localhost other.test.com
# dig +short @localhost other.com
1.2.3.4
Result: returns NXDOMAIN for anything matching label1.label2.com, works for
label1.com however. Again existing entry for hello.test.com seems to
override wildcards in an unexpected way.
3rd attempt:
# cat db.root
$TTL 86400
@ IN SOA ns1.root.internal. dnsadmin.root.internal. 1 21600 3600 604800 600
  IN NS ns1.root.internal.
* IN A 1.2.3.4
*.com. IN A 1.2.3.4
*.test.com. IN A 1.2.3.4
hello.test.com. IN A 4.5.6.7
# dig +short @localhost hello.test.com
4.5.6.7
# dig +short @localhost hello.test.net
1.2.3.4
# dig +short @localhost other.test.com
1.2.3.4
# dig +short @localhost other.test-it.com
1.2.3.4
# dig +short @localhost other.test.org
1.2.3.4
# dig +short @localhost other.test.net
1.2.3.4
Result: finally what I wanted
Any idea why the wildcard matching is affected by the individual
levels/labels of hello.test.com?
If multiple entries exist in addition to the wildcard the strange behaviour
applies to them as well, e.g. I need:
# cat db.root
$TTL 86400
@ IN SOA ns1.root.internal. dnsadmin.root.internal. 1 21600 3600 604800 600
  IN NS ns1.root.internal.
* IN A 1.2.3.4
*.com. IN A 1.2.3.4
*.test.com. IN A 1.2.3.4
hello.test.com. IN A 4.5.6.7
*.bar. IN A 1.2.3.4
*.foo.bar. IN A 1.2.3.4
hello.foo.bar. IN A 8.9.10.11
to resolve specific names hello.test.com and hello.foo.bar to their
respective IPs and everything else to 1.2.3.4.
(DNS-Server version happens to be BIND 9.7.4-P1)
Regards
Tom
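
Added example (not part of the original post): a small Python model of the closest-encloser wildcard rule from RFC 4592, run over the three zone files above. It reproduces the dig results shown: hello.test.com. makes com. and test.com. exist as empty non-terminals, so a name below them can only be synthesized from *.com. or *.test.com., never from the root wildcard. The function names and the NODATA/NXDOMAIN marker strings are this example's own, and only A records are modelled.

```python
# Added example: RFC 4592 wildcard synthesis over the zones from the post.
# Names are stored as label tuples from the root down: "a.b.com." -> ("com", "b", "a").

def labels(name):
    name = name.rstrip(".")
    return tuple(reversed(name.split("."))) if name else ()

def resolve(zone, qname):
    """Return the A record for qname, or "NODATA" / "NXDOMAIN" (constructed markers)."""
    owners = {labels(n): addr for n, addr in zone.items()}
    # Every ancestor of an owner name exists in the tree, even with no records
    # of its own (an "empty non-terminal"). The apex () always exists.
    existing = {()}
    for owner in owners:
        existing.update(owner[:i] for i in range(1, len(owner) + 1))

    q = labels(qname)
    if q in owners:
        return owners[q]          # exact match wins over any wildcard
    if q in existing:
        return "NODATA"           # empty non-terminal: name exists, no A record
    # Closest encloser = longest existing ancestor of the query name.
    depth = max(i for i in range(len(q)) if q[:i] in existing)
    # Only "*.<closest encloser>" may answer; wildcards higher up are not tried.
    return owners.get(q[:depth] + ("*",), "NXDOMAIN")

# Zone data copied from the three attempts in the post (A records only).
ATTEMPT_1 = {"*.": "1.2.3.4", "hello.test.com.": "4.5.6.7"}
ATTEMPT_2 = {**ATTEMPT_1, "*.com.": "1.2.3.4"}
ATTEMPT_3 = {**ATTEMPT_2, "*.test.com.": "1.2.3.4"}

if __name__ == "__main__":
    queries = ["hello.test.com", "hello.test.net", "other.test.com",
               "other.test-it.com", "other.com", "test.com"]
    for n, zone in enumerate((ATTEMPT_1, ATTEMPT_2, ATTEMPT_3), start=1):
        for q in queries:
            print(f"attempt {n}: {q:<18} -> {resolve(zone, q)}")
```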