BIND 10 #506: Analysis of Wildcard Processing

BIND 10 Development do-not-reply at isc.org
Wed Jan 26 08:35:48 UTC 2011 

#506: Analysis of Wildcard Processing
-------------------------------------+-------------------------------------
                 Reporter:  stephen  |                Owner:  jinmei
                     Type:           |               Status:  accepted
  enhancement                        |            Milestone:  A-Team-
                 Priority:  major    |  Sprint-20110126
                Component:           |           Resolution:
  b10-auth                           |            Sensitive:  0
                 Keywords:           |  Add Hours to Ticket:  0
Estimated Number of Hours:  3.0      |          Total Hours:  0
                Billable?:  1        |
                Internal?:  0        |
-------------------------------------+-------------------------------------

Comment (by jinmei):

 I've been looking at BIND 9's wildcard handling.

 I still need to read more for relatively minor cases, but
 the basic ideas are:

 '''When loading'''

 If the owner name is a wildcard (e.g. *.foo.example.com) and the RR type
 is
 !NS && !NSEC3, enable callback for the parent node (e.g. foo.example.com),
 and mark that node as "wild".

 '''When finding'''
  - The search context (FindState in our implementation) has a new
 (boolean) field, "wild"
  - in the zone cut callback, if no NS/DNAME is found and the node
     is marked as "wild", set the context's 'wild' field to 'true'.
     the callback shouldn't stop the search, because the wildcard
     may not be the best match.
  - when rbtree search completes with "PARTIALMATCH", and the search
    context indicates there has been a possible wildcard match
    (from the 'wild' field), find the wildcard node in the tree.
    it's has complicated logic due to various minor cases, but
    the common case is to follow the search chain (which we'd also
    use for empty node processing) and if a chain node is a
    wildcard, use it as a wildcard match.
  - once a wildcard match is found, use it as a normal match, except
    the owner name must be dynamically created.

 My proposal is to estimate this simple scenario as an initial task
 and add it to the task list.

 The analysis should continue to cover minor cases.

-- 
Ticket URL: <http://bind10.isc.org/ticket/506#comment:2>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development

More information about the bind10-tickets mailing list