BIND 9.2 and Wildcards (MYSTERIOUS!)

Mark Andrews Mark_Andrews at isc.org
Tue Aug 31 22:41:12 UTC 2004 

> At 15:33 -0500 8/31/04, Peter John Hartman wrote:
> >You've got it, but how do I resolve this problem.
> 
> By doing what you're doing. ;)  You have to repeat the wild card 
> record everywhere you create a "shadow."
> 
> >We have some legacy sites which need to go to an old server, so our 
> >zone file looks like this:
> >
> >yellowcreek.in.us       A       199.8.232.8
> >                         IN      MX      0       MX1.MENNONITE.NET.
> >                         IN      MX      10      MX2.MENNONITE.NET.
> >www.yellowcreek.in.us   A       199.8.232.8
> >                         IN      MX      0       MX1.MENNONITE.NET.
> >                         IN      MX      10      MX2.MENNONITE.NET.
> >*.mennonite.net.    14400   IN  A   199.8.232.35
> 
> So - you'd need *.in.us, *.us, and *.yellowcreek.in.us if you want to 
> cover all other names.   (The latter only if you worried about 
> smtp.yellowcreek.in.us)
> 
> It's a pain - but it's not BIND's problem, its the way DNS was 
> defined years ago.  Compounding this is that the original wording has 
> confused a generation of DNS server writers - there has been 
> off-and-on a draft that clear this up.
> 
> (The off-and-on part is my fault.  I'm supposed to work on that.)
> 
> >Was this just a loophole in older BIND that BIND 9 fixed?
> 
> Maybe.  Wild cards are really confusing, especially to DNS (not just 
> BIND) developers.  I know there's been a flip-flop on how empty 
> non-terminals from version to version.  Mark Andrews (on this list) 
> can give you a much better answer regarding this in BIND.  He's the 
> (human) authoritative server on this. ;)

	Or people should just look at CHANGES.

1411.   [bug]           empty nodes should stop wildcard matches. [RT #4802]

	This was actually a disagreement between the DNSSEC RFC's and
	the base DNS RFC's.  The disagreement has now been resolved in
	favour of the base documents.
 
> -- 
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Edward Lewis                                            +1-703-227-9854
> ARIN Research Engineer
> 
> "I can't go to Miami.  I'm expecting calls from telemarketers." -
> Grandpa Simpson.
> 
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list