On Mon, Sep 29, 2014 at 08:52:41PM -0700, Ronald F. Guilmette wrote: > *.colors IN A 127.0.0.2 > *.jason.purple.colors IN A 127.0.0.3 > ; *.purple.colors IN A 127.0.0.4 > =========================================================================== > > Note that that last line is commented out. > > Curiously, when I do this query: > > dig simon.purple.colors.test0.tristatelogic.com > > I get back NXDOMAIN. Why? > > Intutively I would have thought that this query would have been matched > by "*.colors", but the presence of jason seems to be throwing a monkey > wrench into the works for simon!
See RFC 1034 section 4.3.3:
Wildcard RRs do not apply:
- When the query name or a name between the wildcard domain and
the query name is know to exist. For example, if a wildcard
RR has an owner name of "*.X", and the zone also contains RRs
attached to B.X, the wildcards would apply to queries for name
Z.X (presuming there is no explicit information for Z.X), but
not to B.X, A.B.X, or X.
Also see RFC 4592 section 2.2.2 (empty non-terminals) which would apply
above and make purple.colors.test0.tristatelogic.com "exist".
Mukund
pgpLT8asSUKv0.pgp
Description: PGP signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
