Wildcards

Something else we haven’t covered yet is DNS wildcards. At times you want a single resource record to cover any possible name, rather than creating zillions of resource records that are all the same except for the domain name to which they apply. DNS reserves a special character, the asterisk (*), to be used in a DNS datafile as a wildcard name. It will match any number of labels in a name, as long as that name isn’t an exact match with a name already in the DNS database.

Most often, you’d use wildcards to forward mail to non-Internet-connected networks. Suppose our site weren’t connected to the Internet, but we had a host that would relay mail between the Internet and our network. We could add a wildcard MX record to the movie.edu zone for Internet consumption that points all our mail to the relay. Here is an example:

*.movie.edu.  IN  MX  10 movie-relay.nea.gov.

Since the wildcard matches one or more labels, this resource record would apply to names like terminator.movie.edu, empire.fx.movie.edu, or casablanca.bogart.classics.movie.edu. The danger with wildcards is that they clash with search lists. This wildcard also matches cujo.movie.edu.movie.edu, making wildcards dangerous to use in your internal zone data. Remember that some mailers apply the search list when looking up MX records:

C:\>nslookup
Default Server:  wormhole.movie.edu
Address:  192.249.249.1

> set type=mx           Look up MX records
> cujo.movie.edu        for cujo.movie.edu
Server:  wormhole.movie.edu
Address:  192.249.249.1
...
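The following is an added example, not code from the book: a small Python model of the wildcard rule described above ("*" stands for one or more labels, and a name that already exists is never expanded) together with a mailer that applies the search list, showing how a search list of movie.edu turns an MX lookup for cujo.movie.edu into a wildcard hit. The zone contents, the A-record address and the search-list behaviour are constructed assumptions for the illustration; real resolvers (and RFC 4592's closest-encloser rule) are more involved.

```python
# Added example: model of wildcard matching and search-list interaction.
# Zone data, addresses and resolver behaviour are constructed assumptions.

def labels(name):
    """Split a name into lowercase labels, ignoring a trailing dot."""
    return [l for l in name.lower().rstrip(".").split(".") if l]

def lookup(zone, qname, qtype):
    """Answer qname/qtype from zone using the rule in the text: an exact
    name wins (even if it lacks the requested type); otherwise a wildcard
    owner applies when '*' covers one or more leading labels."""
    q = labels(qname)
    key = ".".join(q)
    if key in zone:                      # name exists: no wildcard expansion
        return zone[key].get(qtype, [])
    for owner, rrsets in zone.items():
        o = labels(owner)
        if not o or o[0] != "*":
            continue
        suffix = o[1:]
        # '*' must stand for at least one label, so q is strictly longer
        if len(q) > len(suffix) and q[-len(suffix):] == suffix:
            return rrsets.get(qtype, [])
    return []

def mailer_mx(zone, name, search_list):
    """Mimic a mailer that applies the search list to a name without a
    trailing dot: try name + each suffix first, then the bare name.
    Returns (name that answered, MX records)."""
    if name.endswith("."):
        candidates = [name]
    else:
        candidates = [f"{name}.{s}" for s in search_list] + [name]
    for cand in candidates:
        mx = lookup(zone, cand, "MX")
        if mx:
            return cand.rstrip("."), mx
    return None, []

# Constructed zone for the scenario in the text: a wildcard MX for the
# relay, plus cujo as an existing host with only an A record.
ZONE = {
    "movie.edu":   {"NS": ["terminator.movie.edu."]},
    "*.movie.edu": {"MX": ["10 movie-relay.nea.gov."]},
    "cujo.movie.edu": {"A": ["192.0.2.10"]},   # constructed address
}

if __name__ == "__main__":
    print(lookup(ZONE, "empire.fx.movie.edu", "MX"))   # wildcard applies
    print(lookup(ZONE, "cujo.movie.edu", "MX"))        # [] : name exists
    print(mailer_mx(ZONE, "cujo.movie.edu", ["movie.edu"]))
```

The last call answers from cujo.movie.edu.movie.edu, so mail for cujo would be handed to the relay even though cujo is a local host; that is the search-list clash the text warns about.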
