Asterisk in RRs?

Kevin Darcy kcd at chrysler.com
Fri Jul 11 03:37:18 UTC 2008


Chris Buxton wrote:
> On Jul 10, 2008, at 1:01 PM, Peter Laws wrote:
>   
>> OK, so not *strictly speaking* a BIND question, but y'all are smart  
>> people.
>> Is a * legal in a resource record?  I'm thinking not, but I can't  
>> find a
>> canonical source.  I assume it would be in an RFC, but which one?   
>> One of
>> the oldies from the 1980s?
>>     
>
> The asterisk character is special in domain names and is used to  
> create wildcard nodes in the namespace. Go back to RFC 1034, sections  
> 4.3.2 and 4.3.3.
>
> Briefly, the * must be a label unto itself, and it must be the  
> leftmost label in the name. It can only appear in the owner name of a  
> record, not in the RData. Any other use (in a domain name) is invalid.
>
>   
Actually, it's legal for asterisks to appear in non-wildcard contexts 
(see Proposed Standard, RFC 4592, Section 2.1 et seq).

It continues to be illegal for non-wildcarding asterisks to appear in 
*host* names (RFC 952), however, so they are prohibited from being used 
in certain contexts (e.g. in the owner name of an A record). Similar 
restrictions apply to underscores.

-Kevin



More information about the bind-users mailing list