MoinQ:


1. 3. Impact of a Wildcard Domain Name on a Response

RFC 1034's description of how wildcards impact response generation is in its section 4.3.2. That passage contains the algorithm followed by a server in constructing a response. Within that algorithm, step 3, part 'c' defines the behavior of the wildcard.

1.1. 3.2. Step 3

Step 3 is dominated by three parts, labeled 'a', 'b', and 'c'.

   #   3. Start matching down, label by label, in the zone.  The
   #      matching process can terminate several ways:

The word 'matching' refers to label matching.

The concept is based in the view of the zone as the tree of existing names.

The query name is considered to be an ordered sequence of labels, as if the name were a path from the root to the owner of the desired data (which it is; see the 3rd paragraph of RFC 1034, section 3.1).

The search can end in one of three ways (the third is the one related to wildcards).

The process of label matching a query name ends in exactly one of three choices, the parts 'a', 'b', and 'c'.

Either the name is found, the name is below a cut point, or the name is not found.

Once one of the parts is chosen, the other parts are not considered (e.g., do not execute part 'c' and then change the execution path to finish in part 'b').

The process of label matching is also done independent of the query type (QTYPE).

Parts 'a' and 'b' are not an issue for this clarification as they do not relate to record synthesis.

Part 'a' is an exact match that results in an answer; part 'b' is a referral.

1.2. 3.3. Part 'c'

The context of part 'c' is that the process of label matching the labels of the query name has resulted in a situation in which there is no corresponding label in the tree.

When it turns out that there is no corresponding label: look to see whether the "*" label exists.

It is as if the lookup has "fallen off the tree".

   #     c. If at some label, a match is impossible (i.e., the
   #        corresponding label does not exist), look to see if [...]
   #        the "*" label exists.

To help describe the process of looking 'to see if [...] the "*" label exists' a term has been coined to describe the last domain (node) matched.

1.2.1. 3.3.1. Closest Encloser and the Source of Synthesis

The closest encloser is the node in the zone's tree of existing domain names that has the most labels matching the query name (consecutively, counting from the root label downward).

Each match is a "label match" and the order of the labels is the same.

The closest encloser is, by definition, an existing name in the zone.

The closest encloser might be an empty non-terminal or even be a wildcard domain name itself.

In no circumstances is the closest encloser to be used to synthesize records for the current query.

(The closest encloser is not used to generate the response to the current query.)

The source of synthesis is defined in the context of a query process as that wildcard domain name immediately descending from the closest encloser, provided that this wildcard domain name exists.

"Immediately descending" means that the source of synthesis has a name of the form:
      <asterisk label>.<closest encloser>.

A source of synthesis does not guarantee having a RRSet to use for synthesis.

If the source of synthesis does not exist (not on the domain tree), there will be no wildcard synthesis. There is no search for an alternate.

(If the source of synthesis does not exist, no wildcard synthesis takes place.)

The important concept is that for any given lookup process, there is at most one place at which wildcard synthetic records can be obtained.

(At most one place is a candidate for synthesis.)

If the source of synthesis does not exist, the lookup terminates, and the lookup does not look for other wildcard records.

1.2.2. 3.3.2. Closest Encloser and Source of Synthesis Examples

To illustrate, using the example zone in section 2.2.1 of this document, the following chart shows QNAMEs and the closest enclosers.

     QNAME                       Closest Encloser    Source of Synthesis
     host3.example.              example.            *.example.
     _telnet._tcp.host1.example. _tcp.host1.example. no source
     _dns._udp.host2.example.    host2.example.      no source
     _telnet._tcp.host3.example. example.            *.example.
     _chat._udp.host3.example.   example.            *.example.
     foobar.*.example.           *.example.          no source
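
The chart above can be reproduced mechanically. The following is an added example, not code from RFC 4592 or from this page: it builds the tree of existing names (including empty non-terminals) and returns the closest encloser and the source of synthesis for a QNAME that has "fallen off the tree". The owner-name list is an assumption: it restates the RFC 4592 section 2.2.1 example zone, which is not shown on this page, and the function names are hypothetical.

```python
# Owner names of the RFC 4592 section 2.2.1 example zone (assumed; the zone
# itself is not reproduced on this page). The first entry is the zone apex.
OWNERS = [
    "example.", "*.example.", "sub.*.example.", "host1.example.",
    "_ssh._tcp.host1.example.", "_ssh._tcp.host2.example.", "subdel.example.",
]

def labels(name):
    """Split an absolute name into labels ordered from the root downward."""
    return tuple(reversed(name.lower().rstrip(".").split(".")))

def to_name(path):
    """Inverse of labels(): turn a root-first label tuple back into a name."""
    return ".".join(reversed(path)) + "."

def build_tree(owners):
    """Existing names: every owner plus its ancestors down from the apex.
    Ancestors without records of their own are the empty non-terminals."""
    apex_depth = len(labels(owners[0]))
    nodes = set()
    for owner in owners:
        path = labels(owner)
        for depth in range(apex_depth, len(path) + 1):
            nodes.add(path[:depth])
    return nodes

def part_c(qname, nodes):
    """Return (closest encloser, source of synthesis or None) for a QNAME
    that does not exist. Cut points (part 'b') are not modelled here."""
    path = labels(qname)
    if path in nodes:
        raise ValueError("name exists: part 'a' applies, nothing is synthesized")
    # Walk upward from the parent: the first existing ancestor is the node
    # with the most consecutive label matches counted from the root.
    for depth in range(len(path) - 1, 0, -1):
        encloser = path[:depth]
        if encloser in nodes:
            # Only "*" directly below the closest encloser is considered;
            # there is no search for an alternate wildcard higher up.
            wildcard = encloser + ("*",)
            source = to_name(wildcard) if wildcard in nodes else None
            return to_name(encloser), source
    raise ValueError("name is outside the zone")

if __name__ == "__main__":
    tree = build_tree(OWNERS)
    for q in ("host3.example.", "_dns._udp.host2.example.", "foobar.*.example."):
        print(q, part_c(q, tree))
```

A `None` source corresponds to "no source" in the chart: the lookup ends there without consulting `*.example.` or any other wildcard.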