Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 5984 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNS Wildcard for DNS Host

darryljones
I am using Transparent HTTP Proxy - therefor using packet filter rules to control HTTPS sites allowed.  We go to a lot of bank sites that use Load Distribution Servers.  I want to use wild cards for DNS resolution - example - thebank.tdbank.com - resolves to whatever they want to - thebank32z.tdbank.com - so I am hoping to be able to allow to any of their sites using a wild card - thebank*.tdbank.com.   But does not resolve - I read somewhere Astaro does ttl pre-resolution.

Any ideas how to handle this issue of load distribution server DNS resolution so I can allow only HTTPS to those sites?

Thx.


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to BarryG
    Barry - thanx for quick reply.   I was using "thebank.tdbank.com" as a generic example - the exact url is - https://easyweb.tdcanadatrust.com - is this the CNAME for multiple IPs ? - as it resolves to multiple other names - ie; easyweb46y.tdcanadatrust.com - then the next time it will be easyweb46x.tdcanadatrust.com - etc. etc. there are quite a few.  I assume this is their method of load balancing requests.  I need to be able to have a single DNS host entry that accomodates all of their multiple records - thanx again.
  • 0 in reply to darryljones
    It looks like that hostname resolves to only 2 IPs.
    They must also be doing HTTP redirection.
    If so, I think you'd need to create definitions for all of the hostnames they're using.

    Barry

    C:\Documents and Settings\barry>nslookup
    > server 4.2.2.1
    Default Server:  vnsc-pri.sys.gtei.net
    Address:  4.2.2.1

    > set q=any
    > easyweb.tdcanadatrust.com
    Server:  vnsc-pri.sys.gtei.net
    Address:  4.2.2.1

    DNS request timed out.
        timeout was 2 seconds.
    Non-authoritative answer:
    easyweb.tdcanadatrust.com       internet address = 142.205.209.80
    easyweb.tdcanadatrust.com       internet address = 142.205.233.80
    easyweb.tdcanadatrust.com       nameserver = ddtorsoc.tdcanadatrust.com
    easyweb.tdcanadatrust.com       nameserver = ddtorcpo.tdcanadatrust.com