> Date: Wed, 7 Jun 2006 18:18:58 -0700
> From: Bill Jonas
> Subject: Wildcarded CNAMEs (slightly OT)
> To: plug-discuss@lists.plug.phoenix.az.us
> Message-ID: <20060608011858.GW14161@agent-smith.billjonas.com>
> Content-Type: text/plain; charset="us-ascii"
>
> I ran into a situation at work today when configuring DNS for a
> customer.
>
> Is it permissible to have a wildcarded CNAME? I'm talking about,
> conceptually, a zone file that looks like this after the SOA record:
>
> example.com. IN NS ns1.foo.bar.
> example.com. IN NS ns2.foo.bar.
> example.com. IN CNAME example.net.
> *.example.com. IN CNAME example.net.
>
> BIND (We're using some version of BIND 9, but I don't have access to
> our name servers) didn't answer lookup requests for example.com or
> www.example.com. The logs (viewed by the admin in charge of those
> servers) didn't show anything amiss, I don't think.
>
> Google wasn't too helpful with 'wildcard cname' (no quotes). The
> closest I came was RFC 1912 (http://rfc1912.x42.com/), section 2.4, but
> it still didn't quite fit. Other results were on mailing lists for BIND
> and other DNS software discussing implementation errors and bugs.
>
> I got around the problem by changing those CNAME records to A
> records, but I'm really curious if wildcarded CNAMEs are prohibited, and
> in what RFC. If not, is this a bug in BIND? (I'd ask about the
> resolver while I'm at it, but it would have the least to do with the
> problem, and lookups timed out on Windows, FreeBSD, and Linux.)
>
> Thanks for any light anyone can shed on this.

What you want to do is supported in BIND.

I.e.:

Zone file for ipgods.com:
========================================================================
$TTL 86400 ; 1 day
; name class type origin
@        IN SOA deru.net. postmaster.deru.net. (
                2006060701; serial
                10800 ; refresh 3 hours
                3600 ; retry 1 hour
                3600000 ; expire ~41 days
                86400 ) ; minimum 1 day
         IN NS ns1.deru.net.
         IN NS ns2.deru.net.
         IN MX 10 mail
         IN A 140.99.36.235
www      IN A 140.99.36.235
smtp     IN A 140.99.36.235
pop      IN A 140.99.36.235
mail     IN A 140.99.36.235
ftp      IN A 140.99.36.235
*.google IN CNAME www.google.com.
========================================================================

[root@ns1.deru.net] $ nslookup bubba.google.ipgods.com
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 140.99.0.2
Address: 140.99.0.2#53

bubba.google.ipgods.com canonical name = www.google.com.
www.google.com canonical name = www.l.google.com.
Name: www.l.google.com
Address: 66.102.7.104
Name: www.l.google.com
Address: 66.102.7.147
Name: www.l.google.com
Address: 66.102.7.99

[root@ns1.deru.net] $ nslookup myexample.google.ipgods.com
Note: nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead. Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.
Server: 140.99.0.2
Address: 140.99.0.2#53

myexample.google.ipgods.com canonical name = www.google.com.
www.google.com canonical name = www.l.google.com.
Name: www.l.google.com
Address: 66.102.7.99
Name: www.l.google.com
Address: 66.102.7.104
Name: www.l.google.com
Address: 66.102.7.147

;-)

Darin
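
Added example (not part of either message, and not BIND's code): a small Python model of the two rules that apply to the zones quoted above, namely the RFC 1912 section 2.4 rule that a CNAME may not share an owner name with any other record, and wildcard synthesis from the closest existing ancestor name. The function names and the abridged zone snippets are constructed here for illustration.

```python
# Added example: constructed model, not BIND's implementation.
BILL_ZONE = """
example.com.   IN NS    ns1.foo.bar.
example.com.   IN NS    ns2.foo.bar.
example.com.   IN CNAME example.net.
*.example.com. IN CNAME example.net.
"""
# Abridged from the ipgods.com zone above, with owner names written out.
DARIN_ZONE = """
@        IN NS    ns1.deru.net.
@        IN A     140.99.36.235
www      IN A     140.99.36.235
*.google IN CNAME www.google.com.
"""

def parse(zone_text, origin):
    """Parse 'owner IN TYPE rdata' lines into {absolute owner: [(type, rdata)]}."""
    records = {}
    for line in zone_text.strip().splitlines():
        owner, _cls, rtype, rdata = line.split(None, 3)
        owner = owner.lower()
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}"
        records.setdefault(owner, []).append((rtype.upper(), rdata.strip()))
    return records

def cname_conflicts(records):
    """Owner names where a CNAME coexists with any other record."""
    return sorted(o for o, rrs in records.items()
                  if len(rrs) > 1 and any(t == "CNAME" for t, _ in rrs))

def exists(records, name):
    """True if name owns records or has descendants (empty non-terminal)."""
    return any(o == name or o.endswith("." + name) for o in records)

def lookup(records, qname):
    """Exact match first; otherwise synthesize from '*.<closest encloser>'."""
    qname = qname.lower().rstrip(".") + "."
    if exists(records, qname):
        return records.get(qname, [])      # existing names never match a wildcard
    labels = qname.split(".")
    for i in range(1, len(labels) - 1):
        parent = ".".join(labels[i:])
        if exists(records, parent):         # closest existing ancestor
            return records.get("*." + parent, [])
    return []                               # name is outside the zone
```

The check flags only the zone apex in the first zone, where the CNAME sits beside the NS records; the wildcard CNAME lines in both zones pass it.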