shibari not synthesizing wildcard domains? from Mario Rugiero on 2026-05-25 (skaware)

From: Mario Rugiero <mrugiero_at_gmail.com>
Date: Mon, 25 May 2026 03:53:57 -0300

Hi.

I migrated from tinydns to shibari due to lack of support for listening at IPv6 (in the Alpine packaged version),
due to a change of ISP that put my IPv4 behind a CGNAT.
I tried it instead of the IPv6 patches in part because long-term I intended on migrating anyway.
It seems my wildcards no longer resolve correctly:

```
dig _at_2800:810:5a8:147e:523e:aaff:fea2:68b9 bag.mox.vice.ar aaaa

; <<>> DiG 9.10.6 <<>> _at_2800:810:5a8:147e:523e:aaff:fea2:68b9 bag.mox.vice.ar aaaa
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61344
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;bag.mox.vice.ar. IN AAAA

;; ANSWER SECTION:
*.mox.vice.ar. 86400 IN AAAA 2800:810:5a8:147e:523e:aaff:fea2:68b9

;; Query time: 24 msec
;; SERVER: 2800:810:5a8:147e:523e:aaff:fea2:68b9#53(2800:810:5a8:147e:523e:aaff:fea2:68b9)
;; WHEN: Mon May 25 03:26:29 -03 2026
;; MSG SIZE rcvd: 63
```

I expected the answer to start with bag.mox.vice.ar <http://bag.mox.vice.ar/>, rather than *.mox.vice.ar <http://mox.vice.ar/>.
I am not 100% sure, but I believe this may be breaking resolution of my domains (they are definitely broken,
my only doubt is whether this is the cause, but they do not resolve further than the NS).
mox.vice.ar <http://mox.vice.ar/> resolves correctly:

```
dig _at_2800:810:5a8:147e:523e:aaff:fea2:68b9 mox.vice.ar aaaa

; <<>> DiG 9.10.6 <<>> _at_2800:810:5a8:147e:523e:aaff:fea2:68b9 mox.vice.ar aaaa
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18440
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;mox.vice.ar. IN AAAA

;; ANSWER SECTION:
mox.vice.ar. 86400 IN AAAA 2800:810:5a8:147e:523e:aaff:fea2:68b9

;; Query time: 1296 msec
;; SERVER: 2800:810:5a8:147e:523e:aaff:fea2:68b9#53(2800:810:5a8:147e:523e:aaff:fea2:68b9)
;; WHEN: Mon May 25 03:50:28 -03 2026
```

My data.cdb is built from:
```
.mox.ar::a:259200
.mox.vice.ar::a:259200
.pelito.strangled.net::a:259200
:mox.ar:28:\050\000\010\020\005\250\024\176\122\076\252\377\376\242\150\271:86400
:mox.vice.ar:28:\050\000\010\020\005\250\024\176\122\076\252\377\376\242\150\271:86400
:*.mox.ar:28:\050\000\010\020\005\250\024\176\122\076\252\377\376\242\150\271:86400
:*.mox.vice.ar:28:\050\000\010\020\005\250\024\176\122\076\252\377\376\242\150\271:86400
:pelito.strangled.net:28:\050\000\010\020\005\250\024\176\122\076\252\377\376\242\150\271:86400
:*.pelito.strangled.net:28:\050\000\010\020\005\250\024\176\122\076\252\377\376\242\150\271:86400
:nsmox.vice.ar:28:\050\000\010\020\005\250\024\176\122\076\252\377\376\242\150\271:86400
```

shibari was built from a git checkout at revision 2c61a23.

Is this a bug or does something in my config look obviously wrong? I'm a bit lost here, any help would be appreciated.

Thanks,
Mario.
Received on Mon May 25 2026 - 08:53:57 CEST

This archive was generated by hypermail 2.4.0 : Mon May 25 2026 - 08:54:51 CEST