A CNAME with a wildcard embedded

user2145475

10/9/22, 9:57 PM

I'm trying to set up a CNAME DNS entry:

start.*.example.com

That matches the following domain names:

start.a.b.c.example.com
start.a.example.com

Is this possible? My current tests are failing with networksolutions.com.

It was previously working as an A record wildcard (*.exmaple.com) - but I would like it to work as a CNAME.

1 + 0

domain-name-system

cname-record

wildcard

domain-name

Score:2

Server

Patrick Mevzek

10/10/22, 12:41 AM

start.*.example.com

DNS wildcards do not work like this, so you can not do that (as a wildcard) and hence "embedded wildcard" is not a thing in DNS world.

It is not a problem of the record type (CNAME vs A vs anything else) or the DNS provider used, it is the fact that a wildcard HAS TO be a first label of * and then other labels.

So *.example.com is a wildcard (and hence will trigger specific behavior during DNS exchanges, matching multiple names) but start.*.example.com is not a wildcard: you can certainly create a CNAME record with this name, however it will match only itself, literally, including with the asterisk, and absolutely nothing else (no matching of any other name)

See RFC 1034:

4.3.3. Wildcards

In the previous algorithm, special treatment was given to RRs with owner names starting with the label "*". Such RRs are called wildcards.

and later:

The contents of the wildcard RRs follows the usual rules and formats for RRs. The wildcards in the zone have an owner name that controls the query names they will match. The owner name of the wildcard RRs is of the form "*.", where is any domain name.

If you need to match a single thing, you can create the wildcard of *.example.com and both start.a.example.com and start.a.b.c.example.com will match the wildcard record, but as would any other name where start and/or a and/or b and/or c are replaced by something else.

The Wikipedia entry at https://en.wikipedia.org/wiki/Wildcard_DNS_record has exactly the same content as above:

Say there is a DNS zone with the following resource records:

[...]
*.example.               3600     TXT   "this is a wildcard"
*.example.               3600     MX    10 host1.example.
sub.*.example.           3600     TXT   "this is not a wildcard"
[...]

The following responses would be synthesized from one of the wildcards in the zone:

[...]

foo.bar.example. TXT The answer will be "foo.bar.example. IN TXT ..." because bar.example. does not exist, but the wildcard does.

[...]

The following responses would not be synthesized from any of the wildcards in the zone:

[...]

sub.*.example. MX No wild card will match because sub.*.example. exists. The domain sub.*.example. will never act as a wild card, even though it has an asterisk in it.

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: A CNAME with a wildcard embedded

TH: CNAME ที่มีไวด์การ์ดฝังอยู่

RO: Un CNAME cu un wildcard încorporat

RU: CNAME со встроенным подстановочным знаком

VI: CNAME có ký tự đại diện được nhúng

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.