[dns-operations] Caching of wildcards

bert hubert bert.hubert at netherlabs.nl
Wed May 11 09:21:02 UTC 2011

On Wed, May 11, 2011 at 02:09:10AM -0700, Jeff Chan wrote:
> If a zone has wildcards:
> *.foo.com
> does the nameserver cache grow with each different query:
> a.foo.com
> b.foo.com
> c.foo.com
> or not?  The desired answer would be "not", else wildcards would
> seem to be impractical.

The cache grows; resolvers never 'see' the *.foo.com, they just get
a.foo.com answers.

The practical upshot of this is that Dutch resolvers are stuffed with
'hyves.nl' records since each user of this social network gets its own
domain name, as expanded from *.hyves.nl.

These occupy double-digit percentages of memory use here.

> Interested in the answers for BIND and rbldnsd.

The answer is general since resolvers never see the wildcard, and even if
they did they could not generalize it since non-wildcard names overrule the
wildcard and might be present.
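
The behaviour described in this reply, as an added sketch that is not part of the original post: a toy authoritative server expands `*.foo.com` into the queried name, so the resolver cache gains one entry per distinct name and cannot collapse them, because an explicit name may overrule the wildcard. The addresses, the `www.foo.com` record and all function and class names are constructed for illustration, and the wildcard matching is simplified.

```python
# Constructed zone data for illustration; names and addresses are made up.
ZONE = {
    "*.foo.com": "192.0.2.1",     # wildcard record
    "www.foo.com": "192.0.2.80",  # explicit name that overrules the wildcard
}


def authoritative_answer(qname):
    """Answer like an authoritative server: exact match first, then wildcard.

    The answer's owner name is the query name; the '*' label is never
    sent to the resolver. Matching here is simplified wildcard handling.
    """
    if qname in ZONE:
        return qname, ZONE[qname]
    labels = qname.split(".")
    for i in range(1, len(labels)):
        wildcard = "*." + ".".join(labels[i:])
        if wildcard in ZONE:
            return qname, ZONE[wildcard]  # expanded: owner is the qname
    return qname, None  # no data for this name


class Resolver:
    """Caching resolver that keys its cache on the owner name it receives."""

    def __init__(self):
        self.cache = {}
        self.upstream_queries = 0

    def resolve(self, qname):
        if qname not in self.cache:
            self.upstream_queries += 1
            owner, rdata = authoritative_answer(qname)
            self.cache[owner] = rdata
        return self.cache[qname]


def demo():
    """Resolve several names under the wildcard and return the resolver."""
    r = Resolver()
    for name in ["a.foo.com", "b.foo.com", "c.foo.com", "a.foo.com", "www.foo.com"]:
        r.resolve(name)
    return r


if __name__ == "__main__":
    r = demo()
    print(len(r.cache), "cache entries:", sorted(r.cache))
```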

