Re: Interesting behavior with wildcard domains

2016-02-24 Thread Warren Kumari 
On Wed, Feb 24, 2016 at 12:30 PM Mark Andrews  wrote:

>
> In message , Mathew Ian Eis
> write
> s:
> Illegal character '-' in input file.
> > Hi BIND,
> >
> > Ive encountered (quite by accident) an interesting behavior in BIND with
> > wildcard domains:
> >
> > The relevant configuration is a zone; e.g. bar.com, with what Ill call a
> > second level wildcard host, e.g. *.foo.bar.com A 10.10.10.5 in that
> zone.
> > (as opposed to what might be considered the more usual wildcard host
> > record of *.bar.com).
> >
> > buz.foo.bar.com returns A 10.10.10.5 as expected.
> >
> > However, a query for foo.bar.com returns NOERR with zero results, when I
> > would expect a NXDOMAIN.
>
> Why?  If *.foo.bar.com exists then foo.bar.com, bar.com and com all exist.
>
> > Anyone know if the NOERR with zero results is the expected / correct
> > behavior?
>
> It is the expected behaviour
>

Nah, it is the *correct* behavior, fairly clearly it is not the *expected*
behavior :-P

W
(sorry, I'm feeling ornery today...)




> > Thanks in advance,
> >
> > Mathew Eis
> > Northern Arizona University
> > Information Technology Services
> >
> ___
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Interesting behavior with wildcard domains

2016-02-23 Thread Mathew Ian Eis 
This is what I was looking for - thanks!

From: 
<bind-users-boun...@lists.isc.org<mailto:bind-users-boun...@lists.isc.org>> on 
behalf of "Darcy Kevin (FCA)" 
<kevin.da...@fcagroup.com<mailto:kevin.da...@fcagroup.com>>
Date: Tuesday, February 23, 2016 at 4:29 PM
To: "bind-users@lists.isc.org<mailto:bind-users@lists.isc.org>" 
<bind-users@lists.isc.org<mailto:bind-users@lists.isc.org>>
Subject: RE: Interesting behavior with wildcard domains

See “empty non-terminal” in https://www.rfc-editor.org/rfc/rfc4592.txt.


- Kevin


From: bind-users-boun...@lists.isc.org<mailto:bind-users-boun...@lists.isc.org> 
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Noel Butler
Sent: Tuesday, February 23, 2016 6:19 PM
To: bind-users@lists.isc.org<mailto:bind-users@lists.isc.org>
Subject: Re: Interesting behavior with wildcard domains


On 24/02/2016 09:13, Mathew Ian Eis wrote:
Hi BIND,

I've encountered (quite by accident) an interesting behavior in BIND with 
wildcard domains:

The relevant configuration is a zone; e.g. bar.com, with what I'll call a 
"second level" wildcard host, e.g. *.foo.bar.com A 10.10.10.5 in that zone. (as 
opposed to what might be considered the more usual wildcard host record of 
*.bar.com).

buz.foo.bar.com returns A 10.10.10.5 as expected.

However, a query for foo.bar.com returns NOERR with zero results, when I would 
expect a NXDOMAIN.

Anyone know if the NOERR with zero results is the expected / correct behavior?

Thanks in advance,

Mathew Eis
Northern Arizona University
Information Technology Services


It's expected, since its a *  "." foo...
you are asking for anything thast dot foo, your not asking for foo


--
If you have the urge to reply to all rather than reply to list, you best first 
read  http://members.ausics.net/qwerty/


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Interesting behavior with wildcard domains

2016-02-23 Thread Mark Andrews 

In message , Mathew Ian Eis write
s:
Illegal character '-' in input file.
> Hi BIND,
>
> Ive encountered (quite by accident) an interesting behavior in BIND with
> wildcard domains:
>
> The relevant configuration is a zone; e.g. bar.com, with what Ill call a
> second level wildcard host, e.g. *.foo.bar.com A 10.10.10.5 in that zone.
> (as opposed to what might be considered the more usual wildcard host
> record of *.bar.com).
>
> buz.foo.bar.com returns A 10.10.10.5 as expected.
>
> However, a query for foo.bar.com returns NOERR with zero results, when I
> would expect a NXDOMAIN.

Why?  If *.foo.bar.com exists then foo.bar.com, bar.com and com all exist.

> Anyone know if the NOERR with zero results is the expected / correct
> behavior?

It is the expected behaviour.

> Thanks in advance,
>
> Mathew Eis
> Northern Arizona University
> Information Technology Services
>
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: Interesting behavior with wildcard domains

2016-02-23 Thread Darcy Kevin (FCA) 
See “empty non-terminal” in https://www.rfc-editor.org/rfc/rfc4592.txt.


- Kevin

[FCA_Pantone_email]
--
Kevin Darcy
NAFTA Information Security Projects

FCA US LLC
1075 W Entrance Dr,
Auburn Hills, MI 48326
USA

Telephone: +1 (248) 838-6601
Mobile: +1 (810) 397-0103
Email: kevin.da...@fcagroup.com

From: bind-users-boun...@lists.isc.org 
[mailto:bind-users-boun...@lists.isc.org] On Behalf Of Noel Butler
Sent: Tuesday, February 23, 2016 6:19 PM
To: bind-users@lists.isc.org
Subject: Re: Interesting behavior with wildcard domains


On 24/02/2016 09:13, Mathew Ian Eis wrote:
Hi BIND,

I've encountered (quite by accident) an interesting behavior in BIND with 
wildcard domains:

The relevant configuration is a zone; e.g. bar.com, with what I'll call a 
"second level" wildcard host, e.g. *.foo.bar.com A 10.10.10.5 in that zone. (as 
opposed to what might be considered the more usual wildcard host record of 
*.bar.com).

buz.foo.bar.com returns A 10.10.10.5 as expected.

However, a query for foo.bar.com returns NOERR with zero results, when I would 
expect a NXDOMAIN.

Anyone know if the NOERR with zero results is the expected / correct behavior?

Thanks in advance,

Mathew Eis
Northern Arizona University
Information Technology Services


It's expected, since its a *  "." foo...
you are asking for anything thast dot foo, your not asking for foo


--
If you have the urge to reply to all rather than reply to list, you best first 
read  http://members.ausics.net/qwerty/


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Interesting behavior with wildcard domains

2016-02-23 Thread Noel Butler 
On 24/02/2016 09:13, Mathew Ian Eis wrote:

> Hi BIND, 
> 
> I've encountered (quite by accident) an interesting behavior in BIND with 
> wildcard domains: 
> 
> The relevant configuration is a zone; e.g. bar.com, with what I'll call a 
> "second level" wildcard host, e.g. *.foo.bar.com A 10.10.10.5 in that zone. 
> (as opposed to what might be considered the more usual wildcard host record 
> of *.bar.com). 
> 
> buz.foo.bar.com returns A 10.10.10.5 as expected. 
> 
> However, a query for foo.bar.com returns NOERR with zero results, when I 
> would expect a NXDOMAIN. 
> 
> Anyone know if the NOERR with zero results is the expected / correct 
> behavior? 
> 
> Thanks in advance, 
> 
> Mathew Eis 
> Northern Arizona University 
> Information Technology Services

It's expected, since its a *  "." foo... 
you are asking for anything thast dot foo, your not asking for foo 

-- 

If you have the urge to reply to all rather than reply to list, 
you
best first read  http://members.ausics.net/qwerty/

 ___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users