wildcard resolves queries for all non-existing domains

Gregory Hicks ghicks at cadence.com
Tue Feb 14 13:53:12 UTC 2006 

> Date: Tue, 14 Feb 2006 14:48:10 +0100
> From: Sim <simvirus at gmail.com>
> To: bind-users at isc.org
> Subject: wildcard resolves queries for all non-existing domains
> 
> Hi!
> 
> I have a problem with wildcard. It resolves queries for all
> non-existing domains.

Working just the way it is supposed to work.  If your server does not
have the info required, but has a wildcard, that wildcard info is
passed back.  This may not be what you really want though.

(Wildcards in DNS are *dangerous*!)

> 
> # uname -n
> ns1.test.com
> 
> # cat /etc/resolv.conf
> nameserver 127.0.0.1
> 
> .. named/master/test.com
> -------------------------
> $TTL 43200
> *		       IN      SOA     ns1.test.com. 
postmaster.test.com. (
>                                 2006020406
>                                 28800
>                                 2880
>                                 1814400
>                                 86400 )
> ;
>                         NS      ns1
>                         NS      ns2
>                         MX      10 mx
> ;
> ns1                    A       192.168.1.1
> ns2                    A       192.168.1.2
> mx                     A       192.168.1.10
> www                   A       192.168.1.20
> *                         A       192.168.1.100
> ------------------------
> 
> # dig qwertyu12345.com
> 
> ;; QUESTION SECTION:
> ;qwertyu12345.com.              IN      A
> 
> ;; AUTHORITY SECTION:
> com.                    10800   IN      SOA     a.gtld-servers.net.
> nstld.verisign-grs.com. 1139924349 1800 900 604800 900
> 
> ;; Query time: 142 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> 
> 
> --------------------------
> 
> # ping qwertyu12345.com
> PING 192.168.1.100 ....
> 
> # ping qwertyu1234.com
> PING 192.168.1.100 ....
> 
> # ping qwertyu123.com
> PING 192.168.1.100 ....
> 
> etc...
> 
> I have tryied with ...
> 
> " test.com.   IN      SOA     ns1.test.com. postmaster.test.com. ( "
> 
> ...but the resoult is the same.
> 
> Thanks!
> 
> 

---------------------------------------------------------------------
Gregory Hicks                           | Principal Systems Engineer
Cadence Design Systems                  | Direct:   408.576.3609
555 River Oaks Pkwy M/S 6B1             | Fax:      408.894.3479
San Jose, CA 95134                      | Internet: ghicks at cadence.com

I am perfectly capable of learning from my mistakes.  I will surely
learn a great deal today.

"A democracy is a sheep and two wolves deciding on what to have for
lunch.  Freedom is a well armed sheep contesting the results of the
decision." - Benjamin Franklin

"The best we can hope for concerning the people at large is that they
be properly armed." --Alexander Hamilton

More information about the bind-users mailing list