curl / Mailing Lists / curl-users / Single Mail

curl-users

Re: Handling of wildcards in CNAME records

From: Daniel Lublin <daniel_at_lublin.se>
Date: Fri, 4 Aug 2017 17:55:48 +0200

> DNS record is a bit odd:
>
> master-stage.developers.arcgis.com. CNAME *.developers.ago.esri.com.
>
> [ The wildcard record resolves to an RFC1918 IP address via internal DNS
> servers so won't work on the Internet -- yes, I'm doing this from
> somewhere where it will work :-) ]
>
> dig handles fine but curl and other CLI tools don't seem to work. I
> suspect maybe this is something my version of glibc's stub resolver
> doesn't handle well, because curl on my OSX machine (curl 7.43.0 linked
> against whatever Mac uses for its stub resolver) handles the above
> without complaint.
>
> On my RHEL7 machine other glibc linked tools like ping and wget also
> don't like this DNS name.
>
> Any ideas?

It seems to me that you have turned the label and resource record of your
CNAME around. What I guess you want to accomplish is the resolution of
justanything.developers.ago.esri.com. to master-stage.developers.arcgis.com.
(through a CNAME alias), which in turn would resolve to an IP address of
where some server is answering, and which protocol uses some sort of host
header to distinguish which FQDN the client is expecting.

In the zone file for esri.com this would look like follows. The label (or
owner name), is in the first column in the zone file, then commonly follows
label type and resource record. It is the label that should be the wildcard
asterisk:

$ORIGIN developers.ago.esri.com.
* CNAME master-stage.developers.arcgis.com.

and in the zone file for arcgis.com:

$ORIGIN developers.arcgis.com.
master-stage A 192.168.0.1
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2017-08-04