Response Policy Regular Expression Question
Havard Eidnes
he at uninett.no
Mon Jan 24 14:12:59 UTC 2022
> I am trying to create an NXDOMAIN response-policy for the
> following example domain:
>
> x.yy.*.*.dns.*
>
> I have reviewed RFC1034 & RFC4592 and many online articles and
> blog postings, but thus far have not found anything suggesting
> that this type of match is possible. Am I expecting too much?
> :)
In a word: yes.
If I'm not terribly mistaken, the DNS response policy code uses
normal DNS lookup mechanisms. What you see sometimes in the DNS
is '*' which is a "wildard". It is not used to form Regular
Expressions(!) Furthermore, it has the limitation that it can
only occur once in a query, and match a single label at the
leftmost edge of the looked-up name, and if registered in a zone,
its data will be returned if the looked-up name doesn't otherwise
exist in the zone (or if it's explicitly queried for).
Regards,
- Håvard
More information about the bind-users
mailing list