[Dnsmasq-discuss] Wildcard CNAMEs - unexpected behaviour.
Stephen Howell
stephen at allthatwemight.be
Tue May 29 23:11:12 BST 2018
Hi,
I'm an occasional sysadmin and I was looking to set up a round-robin
wildcard CNAME for a test project at home. I checked the dnsmasq docs and
saw:
*--cname* as long as the record name is in the authoritative domain. If the
target of the CNAME is unqualified, then it is qualified with the
authoritative zone name. CNAME used in this way (only) may be wildcards, as
in
cname=*.example.com,default.example.com
I figured out that the A records would need to be added as /etc/hosts
entries so I did so then added a couple of lines in my config to be
authoritative for this one zone and create the CNAME:
auth-zone=local,127.0.0.0/24,192.168.0.0/16,br-lan
cname=*.k8s.local,app.k8s.local
This *should* have created a DNS record that responds to queries for
"app2.k8s.local", "app3.k8s.local" etc. That does not happen; any
request for sub-domains below k8s.local returns empty data.
Instead what I have is a record that responds to the *literal form* of
"*.k8s.local"!!
$ dig *.k8s.local @192.168.0.2
; <<>> DiG 9.11.3-1ubuntu1-Ubuntu <<>> *.k8s.local @192.168.1.1
;; global options: +cmd
;; Got answer:
;; WARNING: .local is reserved for Multicast DNS
;; You are currently testing what happens when an mDNS query is leaked to DNS
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41245
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;*.k8s.local. IN A
;; ANSWER SECTION:
*.k8s.local. 0 IN CNAME app.k8s.local.
app.k8s.local. 0 IN A 192.168.1.11
app.k8s.local. 0 IN A 192.168.1.12
app.k8s.local. 0 IN A 192.168.1.13
;; Query time: 2 msec
;; SERVER: 192.168.0.2#53(192.168.0.2)
;; WHEN: Tue May 29 22:49:01 BST 2018
;; MSG SIZE rcvd: 115
That is not a wildcard entry! Any idea what happened? DNSmasq is 2.80test2
(current version from the OpenWRT repo).
I realise that the address=/domain.com/1.1.1.1 form could be used, but that
doesn't help create a round-robin entry. How should a wildcard entry for
multiple backing hosts be created?
Thanks
Stephen