Clarification on wildcard falls into glue records

Tony Finch dot at dotat.at
Tue May 15 14:53:41 UTC 2012


Sam Wilson <Sam.Wilson at ed.ac.uk> wrote:
>
> Is a name on the RHS of an RR regarded as existing enough to prevent
> wildcard lookup?

No, only RR owner names.

> In this I would have expected the NS lookup to be followed by an A
> lookup for abc.a.example.com which would match the wildcard, assuming no
> other records match that name on the LHS.

Yes that should work. The latter answer might appear to be missing because
additional section processing is a bit special. In your original question
you mentioned glue, which is only necessary for delegations above the zone
cut, and probably should not rely on wildcards. If this is a zone apex NS
RRset then the server doesn't have to fill in the additional section. See
the example below, from a nameserver that has minimal-responses turned on.

; <<>> DiG 9.8.1-P1 <<>> ns dotat.at
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41609
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;dotat.at.                      IN      NS

;; ANSWER SECTION:
dotat.at.               3600    IN      NS      ns1.gratisdns.dk.
dotat.at.               3600    IN      NS      black.dotat.at.
dotat.at.               3600    IN      NS      puck.nether.net.
dotat.at.               3600    IN      NS      ns3.gratisdns.dk.

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue May 15 15:52:19 2012
;; MSG SIZE  rcvd: 123

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
Forties, Cromarty, Forth, Tyne, Dogger: Northwest 5 to 7, occasionally 4 in
Forth and Tyne. Moderate or rough, occasionally very rough in Forties and
Dogger. Showers. Good, occasionally moderate.



More information about the bind-users mailing list