Can I use nested DNS wildcard records











up vote
3
down vote

favorite
1












I would like to have multiple dns entries with wildcards such that one entry is nested as subdomain of another



CNAME *.example.com -> webserver.example.com

CNAME *.api.example.com -> apiserver.example.com


The intention being that I can use customer.example.com to access the webserver and customer.api.example.com to access the api server.



Since customer.api.example.com is a valid match for both of the wildcard entries i'm not sure how this will get resolved.



I have tested this on AWS route53 as the DNS provider and it seems to work as expected.customer.api.example.com resolved to the api server. But i'm not sure if this is guaranteed by the DNS spec or was just chance it picked the correct server.



Is this behaviour something I can rely on to be consistent?






domain-name-system wildcard-subdomain







share|improve this question


























    up vote
    3
    down vote

    favorite
    1












    I would like to have multiple dns entries with wildcards such that one entry is nested as subdomain of another



    CNAME *.example.com -> webserver.example.com
    
CNAME *.api.example.com -> apiserver.example.com


    The intention being that I can use customer.example.com to access the webserver and customer.api.example.com to access the api server.



    Since customer.api.example.com is a valid match for both of the wildcard entries i'm not sure how this will get resolved.



    I have tested this on AWS route53 as the DNS provider and it seems to work as expected.customer.api.example.com resolved to the api server. But i'm not sure if this is guaranteed by the DNS spec or was just chance it picked the correct server.



    Is this behaviour something I can rely on to be consistent?






    domain-name-system wildcard-subdomain







    share|improve this question
























      up vote
      3
      down vote

      favorite
      1









      up vote
      3
      down vote

      favorite
      1






      1





      I would like to have multiple dns entries with wildcards such that one entry is nested as subdomain of another



      CNAME *.example.com -> webserver.example.com
      
CNAME *.api.example.com -> apiserver.example.com


      The intention being that I can use customer.example.com to access the webserver and customer.api.example.com to access the api server.



      Since customer.api.example.com is a valid match for both of the wildcard entries i'm not sure how this will get resolved.



      I have tested this on AWS route53 as the DNS provider and it seems to work as expected.customer.api.example.com resolved to the api server. But i'm not sure if this is guaranteed by the DNS spec or was just chance it picked the correct server.



      Is this behaviour something I can rely on to be consistent?






      domain-name-system wildcard-subdomain







      share|improve this question













      I would like to have multiple dns entries with wildcards such that one entry is nested as subdomain of another



      CNAME *.example.com -> webserver.example.com
      
CNAME *.api.example.com -> apiserver.example.com


      The intention being that I can use customer.example.com to access the webserver and customer.api.example.com to access the api server.



      Since customer.api.example.com is a valid match for both of the wildcard entries i'm not sure how this will get resolved.



      I have tested this on AWS route53 as the DNS provider and it seems to work as expected.customer.api.example.com resolved to the api server. But i'm not sure if this is guaranteed by the DNS spec or was just chance it picked the correct server.



      Is this behaviour something I can rely on to be consistent?






      domain-name-system wildcard-subdomain




      domain-name-system wildcard-subdomain






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 29 at 11:36









      Dave Turvey

      1183




      1183






















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          5
          down vote



          accepted










          This approach is ok, DNS server use the most specific match which is *.api.example.com for customer.api.example.com The behavior should be consistent because is defined in RFC 1034






          share|improve this answer





















            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "2"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f942124%2fcan-i-use-nested-dns-wildcard-records%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            5
            down vote



            accepted










            This approach is ok, DNS server use the most specific match which is *.api.example.com for customer.api.example.com The behavior should be consistent because is defined in RFC 1034






            share|improve this answer

























              up vote
              5
              down vote



              accepted










              This approach is ok, DNS server use the most specific match which is *.api.example.com for customer.api.example.com The behavior should be consistent because is defined in RFC 1034






              share|improve this answer























                up vote
                5
                down vote



                accepted







                up vote
                5
                down vote



                accepted






                This approach is ok, DNS server use the most specific match which is *.api.example.com for customer.api.example.com The behavior should be consistent because is defined in RFC 1034






                share|improve this answer












                This approach is ok, DNS server use the most specific match which is *.api.example.com for customer.api.example.com The behavior should be consistent because is defined in RFC 1034







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Nov 29 at 11:47









                Quantim

                940513




                940513






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Server Fault!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.





                    Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                    Please pay close attention to the following guidance:


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f942124%2fcan-i-use-nested-dns-wildcard-records%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -

                    Popular posts from this blog

                    Plaza Victoria

                    Image
                    Plaza Victoria Plaza Victoria en 2017 Otros nombres Plaza de La Victoria Localización El Almendral, Valparaíso, Chile Vías adyacentes Chacabuco, Molina, Plaza Victoria y Edwards Creación 1841 Metro Bellavista Ubicación 33°02′46″S 71°37′11″O  /  -33.04624167, -71.61980833 Coordenadas: 33°02′46″S 71°37′11″O  /  -33.04624167, -71.61980833 [editar datos en Wikidata] La Plaza Victoria , también llamada Plaza de la Victoria , [ 1 ] ​ es una plaza ubicada en el sector El Almendral del plan de la ciudad de Valparaíso, Chile, de importancia patrimonial, que incluye valiosas estatuas y especies vegetales. [ 2 ] ​ La plaza se creó como tal en la primera mitad del siglo XIX, tomando previamente los nombres de Plaza Nueva y Plaza de Orrego . Si bien desde sus inicios tuvo relevancia histórica, no fue sino a partir de fines de los años 1860 cuando comenzó a cobrar mayor importancia y se convirtió en uno de los principales centros sociales de l
                    Read more

                    Puebla de Zaragoza

                    Image
                    Para otros usos de este término, véase Puebla (desambiguación). Heroica Puebla de Zaragoza Localidad De arriba a abajo de izquierda a derecha: Estrella de Puebla, Volcán Popocatépetl, Catedral de Puebla, Monumento a Ignacio Zaragoza, Estadio Cuauhtémoc, Angelópolis y Vista panorámica de la ciudad. Escudo Otros nombres: El relicario de América/ La ciudad de los Ángeles/ La Angelópolis Lema: Muy noble y muy leal ciudad de Puebla de los Ángeles Heroica Puebla de Zaragoza Localización de Heroica Puebla de Zaragoza en México Heroica Puebla de Zaragoza Localización de Heroica Puebla de Zaragoza en Puebla Mapa interactivo Coordenadas 19°03′05″N 98°13′04″O  /  19.051388888889, -98.217777777778 Coordenadas: 19°03′05″N 98°13′04″O  /  19.051388888889, -98.217777777778 Idioma oficial Español Entidad Localidad  • País   México  • Estado Puebla  • Municipio Puebla Presidente municipal Claudia Rivera Vivanc
                    Read more

                    Musa

                    Image
                    Para el género de plantas, véase Musa (planta). Apolo y la Nueve Musas En la mitología griega, las musas (en griego antiguo μοῦσαι « mousai» ) son, según los escritores más antiguos, las divinidades inspiradoras de las Artes: cada una de ellas está relacionada con ramas artísticas y del conocimiento. Son hijas de Zeus y de Mnemósine, compañeras del séquito de Apolo, dios olímpico de la música y patrón de las bellas artes, quien tuvo romances con cada una de ellas, dejando descendientes. Bajaban a la tierra a susurrar ideas e inspirar a aquellos mortales que las invocaran. En la época más arcaica eran las ninfas inspiradoras de las fuentes, en las cuales eran adoradas. Finalmente, alrededor de los siglos VIII-VII a. C. [ 1 ] ​ prevaleció en todo el territorio de la Hélade la adoración de las nueve Musas, que son Calíope, Clío, Erato, Euterpe, Melpómene, Polimnia, Talía, Terpsícore y Urania. El culto a las musas era originalmente de Tracia y Beocia, y fueron de vital impo
                    Read more