Wildcard DNS domains are used to handle requests for a nonexistent domains and subdomains. In a zone, if you want to redirect queries for all nonexistent domains or subdomains to a particular server, you can use wildcard domains rather than creating a separate Resource Record (RR) for each such domain. The most common use of a wildcard DNS domain is to create a zone that can be used to forward mail from the internet to some other mail system.
In DNS resolution, the wildcard domain is supported by wildcard RRs. The wildcard RRs are used to synthesize the responses to queries for a nonexistent domain name. For example, if you queried http://image.example.com, and the subdomain "image" did not exist, you could be redirected to example.com.
A wildcard record has an asterisk (*) character as the leftmost label of a domain name. For example, *.example.com. An asterisk at any other place in the domain name does signify a wildcard DNS record. For example, new.*.example.com is not a valid wildcard DNS record.
- Wildcard domain is supported only when the NetScaler appliance is authoritative for the zone.
- Wildcard domain is not supported for NS and SOA records.
- Wildcard domain cannot be applied when the query is in another zone.
- Wildcard domain cannot be applied when the QNAME or a name between the wildcard domain and the QNAME is known to exist.
In the example, wildcard domain name is added for A and AAAA record.
When a query is received for a domain name that exists in the zone, say www.example.com, the NetScaler appliance responds with the corresponding response; that is 22.214.171.124 in the example.
For a nonexistent domain name that matches with a wildcard type, a synthesized response is delivered.
In the example, the NetScaler appliance responds with 10.10.10.10 and 10.10.10.11 for domain name nonexist.example.com or xyz.example.com.
Wildcard synthesize is not applicable for a domain name that exists in the zone.
For example, for the query www.example.com and type AAAA, the NetScaler appliance does not synthesize with wildcard, because www.example.com exists with type A. In the example, the NetScaler appliance responds with a NODATA response.
For a query say abc.example.com and type AAAA, the NetScaler appliance responds with a synthesized response; that is 2001::1 in the example.