Can I use nested DNS wildcard records

Question

I would like to have multiple dns entries with wildcards such that one entry is nested as subdomain of another

CNAME *.example.com -> webserver.example.com
CNAME *.api.example.com -> apiserver.example.com

The intention being that I can use customer.example.com to access the webserver and customer.api.example.com to access the api server.

Since customer.api.example.com is a valid match for both of the wildcard entries i'm not sure how this will get resolved.

I have tested this on AWS route53 as the DNS provider and it seems to work as expected.customer.api.example.com resolved to the api server. But i'm not sure if this is guaranteed by the DNS spec or was just chance it picked the correct server.

Is this behaviour something I can rely on to be consistent?

score 7 · Accepted Answer · edited Oct 07 '21 at 07:34

7

This approach is ok, DNS server use the most specific match which is *.api.example.com for customer.api.example.com The behavior should be consistent because is defined in RFC 1034

edited Oct 07 '21 at 07:34

Community

1

answered Nov 29 '18 at 11:47

Quantim

1,358
10
15

Can I use nested DNS wildcard records

1 Answers1