DNS Wildcard not working (multi level wildcard)
-
Hi Guys,
I have setup DNS wildcard on DNS resolver according to this guide:
https://docs.netgate.com/pfsense/en/latest/dns/wildcard-records-in-dns-forwarder-resolver.htmlIt is not working, at least not completely.
All subdomains under *.example.com will not work, for example:If I have an entry for (in my case OpenShift sdn router) svc.cluster.local, it's all working well:
server:
local-zone: “svc.cluster.local“ redirect
local-data: "svc.cluster.local. 3600 IN A 192.168.1.XX"But I I try to resolve any sub domain for "console.router.default.svc.cluster.local" everything until "console.router.default", will not resolve.
or another example would be, if the following option exists:
server:
private-domain: "cluster.local"
local-zone: “router.default.svc.cluster.local“ redirect
local-data: "router.default.svc.cluster.local. 3600 IN A 192.168.1.XX"
but the nginx-infra-storage.router.default.svc.cluster.local is not resolving:
nslookup nginx-infra-storage.router.default.svc.cluster.local
Server: 192.168.1.XX
Address: 192.168.1.XX#53** server can't find nginx-infra-storage.router.default.svc.cluster.local: NXDOMAIN
Thanks on advance,
:) -
Someone?
Bump. -
Use of .local is just horrible idea in the first place... Use something else for your tld...
Why are you hiding last octet of your rfc1918 address??
When you use .local dig even tells you its reserved for multicast
;; Got answer: ;; WARNING: .local is reserved for Multicast DNSBut it works
Your " are not right on your "svc.cluster.local" they are “ and not "
-
Lol, you’re right two times:
- I thought same while hiding the last octet, that it’s Overkill, thats was ridiculous
- Also know i know that .local is reserved to multicast, that’s how the OpenShift sdn router Is set by default.
Im looking into the possibility to use my own domain name instead (still looking into OpenShift Dokumentation)
Got it thanks use "svc.cluster.local" instead of “cluster.local“ , will try that.
Thanks
- I thought same while hiding the last octet, that it’s Overkill, thats was ridiculous
-
quotes are wrong value... Not sure what your putting in, but they are not " they are “
You have
U+201C : LEFT DOUBLE QUOTATION MARK {double turned comma quotation mark}Vs
U+0022 : QUOTATION MARKSo yeah its not going to work.
I copied pasted what you posted, and yeah its not working because the quotemarks are not right. On you redirect line. Once corrected the quotes works fine.
-
Thanks, I’ll change it and test.
-
I‘m a bit confused.
In do a search on this page for "svc.cluster.local", and I find all the text both from me and you.
That would tell me that the text is 100% identical or else it wouldn’t find it.Also the records I use are working for me if I use svc.cluster.local.
What doesn’t work for me is the wildcard part for the non existing part something. svc.cluster.local.
The “something” will not resolve, while svc.cluster.local works well.Thanks
-
Again dude your quote symbol is wrong, so your redirect is not going in.... I showed you its working..
You have wrong quote letter, I even showed you what you have..
U+201C : LEFT DOUBLE QUOTATION MARK
Go here http://asciivalue.com/
See they are different..
-
Yes see it and yes the characters are different, you right.
I agree and in my comment I didn’t disagree in regarding of using the wrong characters.I just meant that it’s working but not as a wildcard as I explained.
Many Thanks again I’ll change the characters and try again.
-
-
Did you copy paste that from somewhere, maybe that is how it got put in wrong? Very strange..
-
No, I didn’t copy it.
Few days ago I did it with my iPhone using a multi language keyboard.This time did it with my laptop and chosen the right characters (tipped longer and choose the first option).
Nothing changed, just the brackets, all working also all non existing multi subdomain resolve to the desired IP.
-
@Phonix66 said in DNS Wildcard not working (multi level wildcard):
Few days ago I did it with my iPhone using a multi language keyboard.
Wouldn't be the first time an Apple device decided it knew better how to do quotation marks.
-
@jimp
, true.
That’s when an (Apple’s) feature becomes a bug
