Will reverting DNS wildcard have any adverse affects?

I keep trying to think of how this discussion could be operationally
relevant. The only thing I could come up with is:

Will reverting back to the proper NXDOMAIN break anything?

I have only seen inconveniences on my network since they changed, though I
know some had it worse than I did. For the benefit of other NANOG readers,
make sure reverting back won't cause more headaches on your network.

Gerald Coon

- How are ya? Never been better, ... Just once I'd like to be better.

Well, considering that large numbers of community members here
installed the BIND patch (and patches for other vendors software) the
day it was released, I think we're just fine with this. :slight_smile:

I am personally thrilled they are reverting. I also hope ICANN succeeds in
politely (without the need for legal actions) convince them that this is a
bad idea.

I have confidence in the bind patch not breaking bind when Verisign
reverts back, but there were some pretty rash suggestions when the
sitefinder service first came online. (Paul, bind won't break when this
goes back to normal will it?)

I just wanted to point out if anyone did something other than just
patching bind and moving on, consider the repercussions of Verisign
reverting or you might have your weekend plans averted to undo your

Gerald Coon

I only changed the service that was most drastically affected, my anti-spam relays. I put in a HACK() that restored the "sender domain must exist" behavior to sendmail, when a sender domain resolved to the SiteFinder address. I figured my measures ought to affect as little as possible, and address only real operational problems that the wildcards caused.

I am optimistic that this is the last time we'll see any wildcards in any gTLDs.