Wildcard Q/A

Chris Buxton cbuxton at menandmice.com
Wed Mar 21 17:54:00 UTC 2007

A wildcard is a special node in the namespace tree that is used as a  
template to answer queries about its nonexistent siblings. (It also  
covers descendants of non-existent siblings.) Any query for such a  
nonexistent node is answered based on the template provided by the  
wildcard node.

You should not have a wildcard on the right side of a CNAME record.  
Instead, point the CNAME record to a normal name; that name might be  
a nonexistent name that is covered by the other wildcard. What you  
have may work with some resolving name servers, but I don't think it  
is correct according to the RFCs.


*.foo.example.    CNAME www.bar.example.
*.bar.example.    A

Otherwise, there's nothing wrong with using wildcards they way you  
currently do. Just be aware that, for example, if you create an MX  
record with a particular name, the wildcard won't be used to  
synthesize an A record for that same name in response to a query,  
because that node will then exist - even though it doesn't own an A  


*.bar.example.    A
sub.bar.example.  MX    10  mail.bar.example.

Query: sub.bar.example. IN A
Answer: "no data" negative response (the node exists but does not own  
that record type)

Hope this helps.

Chris Buxton
Men & Mice

On Mar 21, 2007, at 6:33 AM, AF wrote:

> I have a wildcard A record setup and pointed to my web server.. for
> example:
> *.bar.com. IN A
> The web site on this server responds to any request and builds the
> pages based on their URL (foo.bar.com, me.bar.com, etc.)
> I can also setup CNAMEs to do the same.. for example:
> *.foo.com. IN CNAME *.bar.com.
> This gives different pages & URLs too (abc.foo.com, def.foo.com, etc.)
> Is there a preferred way to manage that first wildcard? Why should I
> *not* do this? I have read mixed reviews about its use. Really, could
> I just have a regular A record (www.bar.com. IN A and then
> have the wildcard CNAME pointed to it? Same end result?
> Thanks All.

More information about the bind-users mailing list