#3148 wildcard CNAME does NOT work
Closed: Fixed None Opened 11 years ago by cherno.

First, neither the CLI nor the GUI allows the following to be added as a CNAME

*.test.example.com IN CNAME      lab.example.com

I've tried to add an LDAP object directly into IPA/LDAP

---
dn: idnsname=*.test,idnsname=example.com,cn=dns,dc=example,dc=com
objectClass: top
objectClass: idnsrecord
cNAMERecord: lab.example.com.
idnsName: *.test
---

However, running the following command returned no results

$ dig a.test.example.com

Petr, how should it be handled wrt bind-dyndb-ldap?

Fix verbatim blocks in description.

Thank you for the report. I will investigate it.

Moving my tickets back to free-to-take pool.

3.4 development was shifted by one month, moving tickets to reflect reality better.

Support for wildcard records requires:

Adjusting time plan - 3.4 development was postponed as we focused on 3.3.x testing and stabilization.

Moving unfinished November tickets to January.

I tested with bind-dyndb-ldap-4.1-1.fc20.x86_64 in Fedora 20 and wildcard records worked for me. I just had to work around the DNS plugin validators to create this record:

dn: idnsname=*.test,idnsname=example.com,cn=dns,dc=example,dc=com
objectClass: idnsrecord
objectClass: top
idnsName: *.test
aRecord: 10.0.0.5

bind-dyndb-ldap worked as expected:

# host a.test.example.com
a.test.example.com has address 10.0.0.5
# host b.test.example.com
b.test.example.com has address 10.0.0.5
...

We can thus start the work on removing validators.
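
Added example (not FreeIPA or bind-dyndb-ldap code, and not part of the comment above): a Python owner-name check that allows `*` only as the whole leftmost label, together with the RFC 4592 closest-encloser lookup that decides which queries a record such as `*.test` answers. The function names, the label pattern and the sample zone contents are assumptions made for illustration.

```python
import re

# Assumed label syntax for this example: letters, digits, hyphen, underscore; 1-63 chars.
LABEL_RE = re.compile(r"[a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9_])?", re.IGNORECASE)

def is_valid_owner(idns_name):
    """Accept a relative owner name; '*' is allowed only as the whole leftmost label."""
    for pos, label in enumerate(idns_name.split(".")):
        if label == "*":
            if pos != 0:
                return False
        elif not LABEL_RE.fullmatch(label):
            return False
    return True

def _labels(name):
    return tuple(name.rstrip(".").lower().split("."))

def wildcard_source(qname, zone, owners):
    """Return the wildcard owner that answers qname, or None if none applies."""
    zone_l, q = _labels(zone), _labels(qname)
    if len(q) < len(zone_l) or q[len(q) - len(zone_l):] != zone_l:
        return None                      # query is outside this zone
    rel = q[:len(q) - len(zone_l)]
    # Names that exist in the zone, including empty non-terminals and the apex ().
    existing = {()}
    for owner in owners:
        o = _labels(owner)
        existing.update(o[i:] for i in range(len(o)))
    if rel in existing:
        return None                      # the name exists, so nothing is synthesized
    # Closest encloser: the longest existing ancestor of the query name.
    for i in range(1, len(rel) + 1):
        if rel[i:] in existing:
            source = ("*",) + rel[i:]
            return ".".join(source) if source in existing else None
    return None

# Constructed zone contents, modelled on the records in this ticket.
ZONE = "example.com"
OWNERS = ["*.test", "www.test"]

if __name__ == "__main__":
    for name in ("a.test.example.com", "a.b.test.example.com",
                 "www.test.example.com", "b.www.test.example.com"):
        print(name, "->", wildcard_source(name, ZONE, OWNERS))
```

The last query returns no wildcard because `www.test` exists and becomes the closest encloser, so `*.test` does not cover names beneath it; this is worth checking when auditing which hostnames a wildcard record actually exposes.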

This ticket is not complete yet, moving to next month milestone.

Will be fixed together with #3169.

Fixed by #3169. Additionally, a test was added:

  • 67565d3 Test DNS: wildcard in RR owner

Metadata Update from @cherno:
- Issue assigned to mbasti
- Issue set to the milestone: FreeIPA 4.0 - 2014/05

7 years ago
