Why does my linux server resolve all domains (even non-existent ones)
Currently every domain name resolves to my primary server, primary.example.com. So for example, if I ping randomdomain123.blah I get:
PING primary.example.com (1.2.3.4) 56(84) bytes of data.
but am expecting a 'host not found' error.
Initially I thought it was because I had search example.com in my /etc/resolv.conf. However, after removing that pinging randomdomain123.blah still resolves to my primary domain. Restarting the server had no effect either.
I have nothing specified in /etc/hosts.
Running hostname from another server in the cluster gives secondary.example.com.
I use Route 53 as the DNS provider, and relevant DNS seems to be:
example.com. A 1.2.3.4
primary.example.com. A 1.2.3.4
*.primary.example.com. CNAME primary.example.com
*.example.com. CNAME www.example.com
www.example.com. CNAME primary.example.com
So is this a local networking misconfiguration or some DNS problem? (or both?)
Update: The reason I want/need a wildcard is that I run a webapp of this domain so customer1.example.com etc. need to resolve to this machine and it needs to be automatic - so I wanted to avoid having to change the DNS after each new customer signs up.
Update 2: My /etc/resolv.conf is currently as follows (since I commented out the search line):
### Hetzner Online AG installimage
# nameserver config
nameserver 213.133.99.99
nameserver 213.133.100.100
nameserver 213.133.98.98
nameserver 2a01:4f8:0:a102::add:9999
nameserver 2a01:4f8:0:a0a1::add:1010
nameserver 2a01:4f8:0:a111::add:9898
# search example.com
Update 3: Running dig randomdomain123.blah +trace gives:
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> randomdomain123.blah +trace
;; global options: +cmd
;; Received 12 bytes from 213.133.99.99#53(213.133.99.99) in 0 ms
Update 4: I can confirm that ping randomdomain123.blah. with the final dot gives:
ping: unknown host randomdomain123.blah.
So does that mean that from a Java app on this machine, I need to append dots and use a URL like http://randomdomain123.blah./somepage.html to ever generate a HostNotFoundException?
Your problem is the search field in /etc/resolv.conf combined with your * record. You mentioned that you already tried to remove that setting. But it turns out that omitting it from /etc/resolv.conf does not mean that the search feature will be turned off.
If absent from /etc/resolv.conf the search setting will default to the domain from your hostname.
I don't know if there is an official way to completely disable the search feature, but this appeared to work:
search .
Alternatively, you can point your search to a domain without a * record, which could contain a few other records for your convenience. For example:
search search.example.com
Then you can create records such as server1.search.example.com but not *.search.example.com.
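Added example (not part of the answer above and not any resolver's own code): a simplified Python model of how the search list and the wildcard record from the question interact. The function names are hypothetical, ndots is assumed to be the default of 1, and the zone is the set of records quoted in the question, queried offline.

```python
# Records as listed in the question (names without the trailing dot).
ZONE = {
    "example.com": ("A", "1.2.3.4"),
    "primary.example.com": ("A", "1.2.3.4"),
    "*.primary.example.com": ("CNAME", "primary.example.com"),
    "*.example.com": ("CNAME", "www.example.com"),
    "www.example.com": ("CNAME", "primary.example.com"),
}

def effective_search(resolv_conf, hostname):
    """Search list from resolv.conf text, else the domain part of the hostname."""
    for line in resolv_conf.splitlines():
        fields = line.split("#")[0].split()
        if fields and fields[0] == "search":
            return fields[1:]
    return hostname.split(".", 1)[1:]  # empty list when the hostname has no dot

def candidates(name, search, ndots=1):
    """Absolute names tried, in order (simplified model of the stub resolver)."""
    if name.endswith("."):
        return [name[:-1]]  # trailing dot: the search list is skipped
    # A search entry of "." is the root, so it yields the name unchanged.
    searched = [f"{name}.{d}".rstrip(".") for d in search]
    order = [name] + searched if name.count(".") >= ndots else searched + [name]
    return list(dict.fromkeys(order))  # de-duplicate, keep order

def lookup(fqdn, zone):
    """Exact match or RFC 4592 wildcard synthesis, following CNAMEs to an A record."""
    parents = lambda n: [".".join(n.split(".")[i:]) for i in range(1, n.count(".") + 1)]
    nodes = set(zone) | {p for owner in zone for p in parents(owner)}
    for _ in range(8):  # bound the CNAME chain
        rec = zone.get(fqdn)
        if rec is None and fqdn not in nodes:
            # The wildcard must sit directly under the closest existing ancestor.
            encloser = next((p for p in parents(fqdn) if p in nodes), None)
            rec = zone.get(f"*.{encloser}")
        if rec is None:
            return None
        if rec[0] == "A":
            return fqdn, rec[1]
        fqdn = rec[1]
    return None

def resolve(name, resolv_conf, hostname, zone=ZONE):
    for fqdn in candidates(name, effective_search(resolv_conf, hostname)):
        hit = lookup(fqdn, zone)
        if hit:
            return hit
    return None
```

In this model, `search search.example.com` stops the wildcard match only once some record such as server1.search.example.com exists, because under RFC 4592 `*.example.com` covers names below search.example.com until that node exists in the zone.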
It looks like you have configured a wildcard DNS record, a so-called catch it all configuration: *.example.com is a CNAME to www.example.com, which in turn is a CNAME for primary.example.com, which then resolves to 1.2.3.4.
That is not a very sane setup, please also see: http://en.wikipedia.org/wiki/Wildcard_DNS_record.