If I have a wildcard domain, is it possible to list specific subdomains that override the wildcard one?
For example:
*.domain.com. 3600 IN A 1.2.3.4
foo.domain.com. 3600 IN A 9.9.9.9
Asked
Active
Viewed 2,272 times
2 Answers
12
Yes, like Zoredache says, "this works".
There are some caveats though with wildcards that it's worth knowing:
The wildcard matches one or more labels, so in your case
foo.bar.domain.comwill be matched by the wildcard, butbar.foo.domain.comwill returnNXDOMAINbecause the presence offooprevents any sub-domains offoofrom matchingThe wildcard match is RRtype specific. However If the wildcard and override records don't have the same RRtype then the over-riding records will still "hide" the wildcard, but you get
NODATA(i.e. no answer,rcode == NOERROR).
e.g.
$ORIGIN example.com.
* IN A 192.168.1.1
foo IN TXT "foo"
% dig @localhost foo.example.com. A
(abbreviated)
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36960
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
Alnitak
- 21,191
- 3
- 52
- 82
-
1Sorry but this is a bit cryptic for me to understand. – Unknown Jun 03 '09 at 08:02
-
Does a definition of *.foo.domain.com. work to avoid NXDOMAIN for bar.foo.domain.com ? – Steve Schnepp Jun 03 '09 at 09:25
-
@Steve - I believe so, yes. (I haven't tested it though) – Alnitak Jun 03 '09 at 15:06
10
Yes, this works.
Zoredache
- 130,897
- 41
- 276
- 420
-
2Absolutely. The * record is only consulted if there are no more specific records that match the query. – David Mackintosh Jun 02 '09 at 19:27