point CNAME Record to multiple wildcard A Records

Question

I am trying to point my cname to my wildcard FQDN which has multiple A-Records.

Dig Output:

;; QUESTION SECTION:
;access.domain.intra.   IN      A

;; ANSWER SECTION:
access.domain.intra. 3600 IN    CNAME   *.sub.domain.intra.
*.sub.domain.intra. 3600 IN    A       192.168.1.1
*.sub.domain.intra. 3600 IN    A       192.168.1.2
*.sub.domain.intra. 3600 IN    A       192.168.1.3
*.sub.domain.intra. 3600 IN    A       192.168.1.4
*.sub.domain.intra. 3600 IN    A       192.168.1.5

on Chrome it works, but with curl, firefox, wget and ping it doesn't.

$ ping access.domain.intra
ping: access.domain.intra: System error
$ wget -v access.domain.intra  
--2023-06-28 12:39:41--  http://access.domain.intra/
Resolving access.domain.intra (access.domain.intra)... failed: Success.
wget: unable to resolve host address ‘access.domain.intra’

I need to use *.sub.domain.intra to reach my cluster, but from a specific fqdn. Am I doing something wrong, or is there a better method?

I don't want to create, everytime I have a new site like access.domain.intra, 5 A Records. And I only want to update the A Records once with *.sub.domain.intra, when new nodes are added to the cluster.

Thanks!

score 0 · Answer 1 · answered Jun 28 '23 at 11:25

0

It should be set up in an opposite way:

access.domain.intra. A 192.168.1.1
                     A 192.168.1.2

; ...

*.sub.domain.intra. CNAME access.domain.intra.

answered Jun 28 '23 at 11:25

Nikita Kipriyanov

10,947
2
24
45

score 0 · Accepted Answer · answered Jun 28 '23 at 11:43

While Nikita is partially correct, the reason is that you can't use a wildcard on the RHS of a DNS record. Chrome is being lax.

You need an explicit name for the CNAME values then point your wildcards and aliases to that. One way to achieve that would be Nikita's suggestion, but if you are adding the access.domain.intra to a domain which already contains these round robin records, then the record presumably has a different lifespan, hence I would use a new intermediate name:

access.domain.intra. 3600 IN    CNAME   multi.domain.intra.
*.sub.domain.intra. 3600 IN    CNAME   multi.domain.intra.
multi.domain.intra. 3600 IN    A       192.168.1.1
multi.domain.intra. 3600 IN    A       192.168.1.2
multi.domain.intra. 3600 IN    A       192.168.1.3
multi.domain.intra. 3600 IN    A       192.168.1.4
multi.domain.intra. 3600 IN    A       192.168.1.5

I was too lazy to write a full blown explanation as to why is that :) — Nikita Kipriyanov, Jun 29 '23 at 05:05

point CNAME Record to multiple wildcard A Records

2 Answers2