Tags: amazon-web-services, dns, vpn, openvpn, wildcard-subdomain

Custom hostname for AWS ClientVPN?


Say I have the following record:

*.foo.bar CNAME *.baz.qux

If I do a DNS query on test.foo.bar, will it return the record for test.baz.qux? Or will it do something else?

EDIT: There's a reason for wanting to do this. AWS's Client VPN provides an endpoint with random prefix, e.g. *.cvpn-endpoint-foo.bar.clientvpn.us-west-2.amazonaws.com, meaning it will accept a connection with any value used for the prefix (used so there's no DNS caching of the endpoint's A records, corresponding to OpenVPN's remote-random-hostname option). I would like to provide a connection endpoint like *.vpn.mydomain.com. So, I was wondering if there was a way to do this, where a random prefix can be used with the custom domain and have it pass that through to the domain it CNAMEs to.

To summarize: is there a way I can use AWS's Client VPN random prefix via a custom DNS record?


Solution

  • Such a CNAME record is illegal. You cannot have a wildcard * as the CNAME value; only a single domain name is allowed on the RHS of a CNAME. You can have something like

    *.foo.bar. CNAME zuka.baz.qux.
    

    Also, note the dots at the end of the domain names. Without them, the zone name will be appended.

    Update: To clarify this: '*' on the RHS is not a wildcard; it is treated as a regular domain name. So, unless you have a host or subdomain named *.baz.qux, any query for whatever.foo.bar will return not found: 3(NXDOMAIN)
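The following is an added illustration, not code from the question or the answer above: a toy authoritative lookup in Python over a constructed zone, modelling the two points the answer makes. Wildcards are honoured only on the owner (left-hand) side of a record, following the closest-encloser rule of RFC 4592, while a `*` in the CNAME target is a literal label, and a target written without a trailing dot gets the zone origin appended. All names, the `192.0.2.10` address (TEST-NET) and the `bar.` origin are constructed for the example.

```python
"""Toy zone loader + resolver for wildcard owner names and CNAME chasing.
Constructed example; not a real DNS implementation."""

ORIGIN = "bar."  # constructed $ORIGIN used to show the missing-trailing-dot pitfall

# Constructed zone file: owner  type  rdata (one record per line)
ZONE_TEXT = """
*.foo.bar.     CNAME *.baz.qux.
*.ok.bar.      CNAME zuka.baz.qux.
zuka.baz.qux.  A     192.0.2.10
*.nodot.bar.   CNAME zuka.baz.qux
"""


def qualify(name, origin):
    """Zone-file rule: a name without a trailing dot is relative to $ORIGIN."""
    return name if name.endswith(".") else f"{name}.{origin}"


def load_zone(text, origin):
    """Parse the constructed zone text into {owner: [(type, rdata), ...]}."""
    zone = {}
    for line in text.strip().splitlines():
        owner, rrtype, rdata = line.split()
        owner = qualify(owner, origin)
        if rrtype == "CNAME":
            rdata = qualify(rdata, origin)  # the target is a name too
        zone.setdefault(owner, []).append((rrtype, rdata))
    return zone


def node_exists(zone, name):
    """A name exists if it owns records or is an ancestor (empty non-terminal)."""
    return name in zone or any(owner.endswith("." + name) for owner in zone)


def find_owner(zone, qname):
    """Exact match first; otherwise RFC 4592 wildcard synthesis: find the
    closest existing ancestor and check whether '*.' + that ancestor is an owner.
    Note the '*' is only special here, on the OWNER side of the lookup."""
    if qname in zone:
        return qname
    labels = qname.rstrip(".").split(".")
    for i in range(1, len(labels)):
        encloser = ".".join(labels[i:]) + "."
        if node_exists(zone, encloser):
            wildcard = "*." + encloser
            return wildcard if wildcard in zone else None
    return None


def resolve(zone, qname, qtype, max_chain=8):
    """Return (rcode, answers); answers is a list of (owner, type, rdata).
    Synthesised records carry the query name as owner, not the wildcard."""
    answers = []
    name = qname
    for _ in range(max_chain):
        owner = find_owner(zone, name)
        if owner is None:
            return "NXDOMAIN", answers
        rrs = zone[owner]
        direct = [(name, t, r) for t, r in rrs if t == qtype]
        if direct:
            return "NOERROR", answers + direct
        cname = [r for t, r in rrs if t == "CNAME"]
        if not cname:
            return "NOERROR", answers  # NODATA: name exists, no such type
        answers.append((name, "CNAME", cname[0]))
        name = cname[0]  # the CNAME target is followed literally, '*' included
    return "SERVFAIL", answers  # loop guard for CNAME cycles


ZONE = load_zone(ZONE_TEXT, ORIGIN)

if __name__ == "__main__":
    for q in ("test.foo.bar.", "test.ok.bar.", "anything.nodot.bar."):
        print(q, resolve(ZONE, q, "A"))
```

Running it shows `test.foo.bar.` matching the wildcard owner, being rewritten to the literal name `*.baz.qux.`, and ending in NXDOMAIN, while `test.ok.bar.` chases its CNAME to the A record; the `nodot` entry demonstrates the target silently becoming `zuka.baz.qux.bar.` because the trailing dot was omitted.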