But it's perfectly ok for PTR records, though perhaps your example is less than ideal. The objection to the use of "*" was specific to NS records. An NS record should exist for a domain only if that domain exists. Since "*" matches any subdomain whether the domain exists or not, an NS record will be returned for non-existent subdomains and that violates the rule. Some records of other types are incompatible with "*" for similar reasons. The major point here is that any DNS record should reference either a valid response or another record that will lead to a response, and an NS record pointing to a zone file that doesn't exist is neither.
Some folks will contend that the use of "*" in PTR records is bad form even though it is legal. That's a religious war, not a technical one. (I happen to like the use of "*", though I also believe that one should first apply specific host names whenever a static mapping allows).
On Monday, 28 Sep 1998 at 21:02 EDT, Eric Germann wrote:
You have to admit, it does save one hell of a lot of typing for the 1918 IN-ADDR.ARPA delegations.
rfc1918.db
----------
@       IN SOA  ns1.xxx.net. hostmaster.xxx.net. (
                1997101001 ; serial
                300        ; refresh
                300        ; retry
                604800     ; expire
                600)       ; minimum
        IN NS   ns1.xxx.net.
        IN NS   ns2.xxx.net.
*       IN PTR  rfc1918.xxx.net.
-----------
then in named.bt
primary 16.172.in-addr.arpa RFC1918.DB
primary 17.172.in-addr.arpa RFC1918.DB
primary 18.172.in-addr.arpa RFC1918.DB
primary 19.172.in-addr.arpa RFC1918.DB
primary 20.172.in-addr.arpa RFC1918.DB
primary 21.172.in-addr.arpa RFC1918.DB
primary 22.172.in-addr.arpa RFC1918.DB
primary 23.172.in-addr.arpa RFC1918.DB
primary 24.172.in-addr.arpa RFC1918.DB
primary 25.172.in-addr.arpa RFC1918.DB
primary 26.172.in-addr.arpa RFC1918.DB
primary 27.172.in-addr.arpa RFC1918.DB
primary 28.172.in-addr.arpa RFC1918.DB
primary 29.172.in-addr.arpa RFC1918.DB
primary 30.172.in-addr.arpa RFC1918.DB
primary 31.172.in-addr.arpa RFC1918.DB
repeat for 10.x.x.x and 192.168 space
To reiterate the question posed by the original poster, (donning asbestos), why is this bad?
Eric
At 08:31 AM 9/28/98 -0500, you wrote:
Tatsuya Kawasaki wrote:
xyz.com.   IN NS that.host
*.xyz.com  In NS that.host
Gah!!
Illegal!
Never use "*" in DNS! Just makes /bad things/ happen.
@       IN SOA  xyz.com. hostmaster.xyz.com. (
                1998092801 3600 1800 3600000 7200)
        ns      ns1.xyz.com.
        ns      ns2.xyz.com.
        mx 0    mail.xyz.com.
mail    a       1.2.3.4
        mx 0    mail
. etc ..
--
jamie rishaw (efnet:gavroche)
American Information Systems, Inc.
Tel:312.425.7140, FAX:312.425.7240
Help stop spam! router(config)#no ip routing
thirty thousand feet above the earth..youre a beautiful thing..
==========================================================================
Eric Germann                    CCTec
ekgermann@cctec.com             Van Wert, OH 45891
http://www.cctec.com            Ph: 419 968 2640
                                Fax: 419 968 2641
Network Design, Connectivity & System Integration Services
A Microsoft Solution Provider
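An added example, not part of the original thread and not written by any of its participants: a small Python check that scans a master-file fragment and flags wildcard-owner NS records, the case the reply at the top objects to, while only noting wildcard records of other types such as PTR. The function names and the sample zone are constructed for illustration.

```python
CLASSES = {"IN", "CH", "HS"}

# Constructed sample: the wildcard PTR zone and the wildcard NS line
# quoted in the thread, merged into one fragment for the demo.
SAMPLE = """\
@       IN SOA ns1.xxx.net. hostmaster.xxx.net. (
               1997101001 ; serial
               300 300 604800 600 )
        IN NS  ns1.xxx.net.
*       IN PTR rfc1918.xxx.net.
*.xyz.com. In NS that.host
"""

def parse_records(zone_text):
    """Yield (owner, rtype, rdata) from a simple master-file fragment.

    Handles ';' comments, parenthesised multi-line records, blank owner
    fields (inherit the previous owner) and optional numeric TTL / class.
    Quoted strings containing ';' or parentheses are not handled.
    """
    owner, pending, depth = None, "", 0
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip():
            continue
        pending = line if depth == 0 else pending + " " + line.strip()
        depth += line.count("(") - line.count(")")
        if depth > 0:
            continue  # record continues on the next line
        inherits = pending[0].isspace()
        tokens = pending.replace("(", " ").replace(")", " ").split()
        if not inherits:
            owner = tokens.pop(0)
        while tokens and (tokens[0].isdigit() or tokens[0].upper() in CLASSES):
            tokens.pop(0)
        if tokens and owner is not None:
            yield owner, tokens[0].upper(), " ".join(tokens[1:])

def wildcard_findings(zone_text):
    """Report wildcard-owner records; only NS is treated as an error."""
    findings = []
    for owner, rtype, rdata in parse_records(zone_text):
        if owner.split(".")[0] != "*":
            continue
        level = "error" if rtype == "NS" else "info"
        findings.append((level, owner, rtype, rdata))
    return findings

if __name__ == "__main__":
    for finding in wildcard_findings(SAMPLE):
        print(*finding)
```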