Omar

Jul 30, 2002
Could someone please explain to me what wildcard DNS does?

Also, is it possible to use wildcard dns with cpanel/whm ?

Thanks

- Omar
 

itf

May 9, 2002
[quote][i]Originally posted by Omar[/i]

Could someone please explain to me what wildcard DNS does?

Also, is it possible to use wildcard dns with cpanel/whm ?

Thanks

- Omar[/quote]
Wildcard A, CNAME and MX records are possible.

You have to add a record like this to your zone file:

[b]*.domain.com. IN A 10.20.30.40[/b]

But if you also have, for example, this record:
www IN A 10.20.30.41

Then any attempt to look up hosts for that domain will resolve this way:

corporate.domain.com
staff.domain.com
support.domain.com

All of them will resolve to -> 10.20.30.40

Except for www, for which you have another A record:

www.domain.com -> 10.20.30.41


[b]Wildcard A and CNAME records are confusing to users, and a potential nightmare if used without thinking first.[/b] It could result (due again to domain searching) in any telnet/ftp attempts from within the domain to unknown hosts being directed to one address. One such wildcard CNAME (in *.edu.com) caused Internet-wide loss of services and potential security nightmares due to unexpected interactions with domain searching. It resulted in swift fixes, and even an RFC ([RFC 1535]) documenting the problem.


Wildcard MXs are useful mostly for non IP-connected sites. A common mistake is thinking that a wildcard MX for a zone will apply to all hosts in the zone. A wildcard MX will apply only to names in the zone, which aren't listed in the DNS at all. e.g.

domain.com. IN NS ns1
domain.com. IN NS ns2
alpha IN A 10.20.30.41
*.domain.com. IN MX 5 sue

Mail for alpha.domain.com will be sent to itself for delivery. Only mail for delta.domain.com or any hosts you don't see above will be sent to the MX. [b]For most Internet sites, wildcard MX records are not useful.[/b] You need to put explicit MX records on every host.

Wildcard MXs can be bad, because they make some operations succeed when they should fail instead. Consider the case where someone in the domain "domain.com" tries to send mail to "mike@tetra". If the host "tetra" doesn't actually exist, the mail should in fact bounce immediately. But because of domain searching the address gets resolved to "tetra.domain.com", and because of the wildcard MX this is a valid address according to DNS. Or perhaps someone simply made a typo in the hostname portion of the address. The mail message then is routed to the mail host, which then rejects the mail with strange error messages like "I refuse to talk to myself" or "Local configuration error".

Wildcard MX records are good for when you have a large number of hosts which are not directly Internet-connected (for example, behind a firewall) and for administrative or political reasons it is too difficult to have individual MX records for every host, or to force all e-mail addresses to be "hidden" behind one or more domain names. In that case, you must divide your DNS into two parts, an internal DNS, and an external DNS. The external DNS will have only a few hosts and explicit MX records, and one or more wildcard MXs for each internal domain. Internally the DNS will be complete, with all explicit MX records and no wildcards.
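
An added example, not part of the original posts: a small Python model of wildcard matching over a constructed zone that combines the records itf lists above (`sue` is expanded to `sue.domain.com.`). The function names and status strings are hypothetical; the matching follows the standard closest-encloser rule for wildcards (RFC 4592).

```python
# Constructed zone for origin domain.com., combining the post's two snippets.
ORIGIN = "domain.com."
ZONE = {
    "domain.com.": {"NS": ["ns1.domain.com.", "ns2.domain.com."]},
    "www.domain.com.": {"A": ["10.20.30.41"]},
    "alpha.domain.com.": {"A": ["10.20.30.41"]},
    "*.domain.com.": {"A": ["10.20.30.40"], "MX": ["5 sue.domain.com."]},
}

def name_exists(name, zone):
    # A name exists if it owns records or is an ancestor of a name that does.
    return any(owner == name or owner.endswith("." + name) for owner in zone)

def lookup(qname, qtype, zone=ZONE, origin=ORIGIN):
    """Return (status, records) the way an authoritative server would answer."""
    qname = qname.lower().rstrip(".") + "."
    if qname != origin and not qname.endswith("." + origin):
        return ("OUT_OF_ZONE", [])
    # 1. An existing name is answered from its own records only. The wildcard
    #    is never consulted, even if the requested type is missing.
    if name_exists(qname, zone):
        rrs = zone.get(qname, {}).get(qtype, [])
        return ("NOERROR" if rrs else "NODATA", rrs)
    # 2. Otherwise find the closest existing ancestor (closest encloser) and
    #    look for a wildcard directly below it.
    labels = qname.split(".")
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:])
        if name_exists(encloser, zone):
            wildcard = "*." + encloser
            if wildcard not in zone:
                return ("NXDOMAIN", [])
            rrs = zone[wildcard].get(qtype, [])
            return ("NOERROR" if rrs else "NODATA", rrs)
    return ("NXDOMAIN", [])

if __name__ == "__main__":
    queries = [
        ("staff.domain.com", "A"),     # unlisted name: wildcard A
        ("www.domain.com", "A"),       # explicit record wins
        ("alpha.domain.com", "MX"),    # listed host: wildcard MX does not apply
        ("tetra.domain.com", "MX"),    # typo or search-list expansion still "valid"
        ("foo.www.domain.com", "A"),   # below an existing name: no wildcard match
    ]
    for name, rtype in queries:
        print(f"{name:22} {rtype:3} -> {lookup(name, rtype)}")
```

Running `lookup` against your own list of names before publishing a wildcard shows which typos and search-list expansions would start resolving.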
 

itf

May 9, 2002
[quote][i]Originally posted by net4me[/i]

But is it possible to use wildcards without own IP? How to setup the dns?[/quote]
Wildcard A, CNAME and MX records are possible.

You have to add a record like this to your zone file:

[b]*.domain.com. IN A 10.20.30.40[/b]

But if you also have, for example, this record:
www IN A 10.20.30.41

Then any attempt to look up hosts for that domain will resolve this way:

corporate.domain.com
staff.domain.com
support.domain.com

All of them will resolve to -> 10.20.30.40

Except for www, for which you have another A record:

www.domain.com -> 10.20.30.41

However, it is not recommended to set up wildcard DNS (please read my last post in this thread).
 

Nodnarb

Jul 5, 2003
Wildcard TLD's?

Is it possible to take this one step further, and have a wildcard TLD? So, www.*.com, *.com, www.*.net and *.net domain names would resolve to a configured site on my box, instead of coming up lame?

That would solve a lot of problems I have with getting sites online quickly!

Not interested in wildcard MX records. I just want new, unconfigured/lame sites to resolve to a specific site. I have a spare IP to use for this also, if necessary.
 