Hello Chris, On 29 May 2014, at 14:22 , Chris <[email protected]> wrote:
> Now I see that 'test.wildcard.testdomain.asia' no longer resolves. Looking in > the database there is a new entry for 'test.wildcard.testdomain.asia' with > null 'type' and 'content', so I assume that pdns sees that record with no > content and figures there is nothing to do. > > My question is, should this happen? Resolving other names on the wildcard > look fine, eg. 'test1.wildcard.testdomain.asia': Yes, this is intentional behaviour. You will find that other name servers (BIND, NSD) show the same behaviour, even before you enable DNSSEC. Your subdomain.test entry in effect creates a ‘test’ subtree, which means the wildcard no longer applies to queries for anything in .test. For more information, please see http://doc.powerdns.com/html/dnssec-modes.html#dnssec-direct-database https://tools.ietf.org/html/rfc1034#section-4.3.2 https://tools.ietf.org/html/rfc4592#section-2.2 Kind regards, -- Peter van Dijk Netherlabs Computer Consulting BV - http://www.netherlabs.nl/
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
