How do I configure a wildcard DNS record correctly in Windows Server 2012?

domain-name-system windows-server-2012 wildcard-subdomain
17,159

Here's what I suspect is happening but can't prove it on my own systems since I don't want to stick a wildcard record on my DNS servers.

This somewhat works, except that when I run nslookup www.domain.com I get this response:

Server: winsrv.domain.com
Address: 172.16.1.2

Name: www.domain.com.domain.com
Address: 172.16.1.3

This is because your nslookup query is technically an unqualified name.

You can test this by doing an nslookup www.domain.com. (note the trailing period/dot at the end that "qualifies" it) and see if the return is valid now.

EDIT: yeah this seams to be the case...because your wildcard entry is invalidating the normal NXDOMAIN response nslookup normally returns in this case. Since nslookup always appends the suffix if the lookup doesn't have the trailing period.

For instance, here's one on my computer:

> set debug=true
> www.yahoo.com
Server:  dc1.mdmarra.local
Address:  10.10.10.10

------------
Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NXDOMAIN
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0

    QUESTIONS:
        www.yahoo.com.mdmarra.local, type = A, class = IN
    AUTHORITY RECORDS:

Notice how it returned NXDOMAIN for www.yahoo.com.mdmarra.local. It will then go on to query just www.yahoo.com using forwarders. Since you have the wildcard entry it thinks your query is valid based on the wildcard.

Share:
17,159

Related videos on Youtube

Brack
Author by

Brack

Updated on September 18, 2022

Comments

  • Brack
    Brack almost 2 years

    I'm trying to configure a DNS server for domain.com. I want to configure a wildcard DNS record to resolve any-subdomain.domain.com to a single IP address (172.16.1.3). In my DNS server I have the following records in my forward zone:

    DNS Records

    This somewhat works, except that when I run nslookup www.domain.com I get this response:

    Server: winsrv.domain.com
Address: 172.16.1.2

Name: www.domain.com.domain.com
Address: 172.16.1.3

    I believe the DNS server is thinking that the entire www.domain.com string is a subdomain of domain.com.

    How do I get the DNS server to return the correct line: Name: www.domain.com

    • MDMarra
      MDMarra almost 11 years
      Is domain.com in this example an Active Directory domain as well? And if so, is this DNS server an AD DNS server?
    • Brack
      Brack almost 11 years
      Nope, no AD in use. Just a fresh Windows Server 2012 with updates and DNS installed.
  • Brack
    Brack almost 11 years
    Yep. Looks like you're right. Thanks for the information.
  • joeqwerty
    joeqwerty almost 11 years
    Why is your DNS server named dc1.MDMARRA.local?
  • joeqwerty
    joeqwerty almost 11 years
    Is MDMarra your alter ego? That would explain why I never see the two of you answer a question at the same time.
  • joeqwerty
    joeqwerty almost 11 years
    He may forgive you for using .local in this instance ;)

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Windows Server 2012 AD DC/DNS/DHCP in single server
How do you connect to a local domain (i.e. mydomain.local) when you are outside of the network?
Best practices for secondary DNS in case of a single Active Directory
How to handle external and internal DNS on windows 2012
DHCP giving wrong DNS servers
How to have your DNS servers forward queries for internet names
Possible reasons for occasionally inaccessible domains
No domain controller can be contacted when domain joining a server
How to use CNAME to external hosts on local DNS Server?
How to set up a DNS to use a catch-all address?