Per RFC 8501 seciont 2.2
https://datatracker.ietf.org/doc/html/rfc8501
I have attempted to use a wildcard on a /64 boundary within a zonefile for NSD, but it doesn't not appear to work. PTR lookups fail...
tested with, ie:
$ORIGIN 1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
* PTR my.fqdn.net.
Did not work...
or would you have to use? (not tested)
*.*.*.*.*.*.*.*.*.*.*.* PTR ....
I have not tested NSD, but usually
*.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
works as you do not have any other labels below that wilrdcard. For example if you have defined
a.f.8.c.9.b.e.f.f.f.f.e.c.e.e.3.f.2.0.1.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
that would under the hood generate "empty non-terminal" (ENT) labels for:
1.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
0.1.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
2.0.1.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
f.2.0.1.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
...
f.8.c.9.b.e.f.f.f.f.e.c.e.e.3.f.2.0.1.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
And all that ENT stop the wildcard from working as you might want to do it.
So you would have to add:
*.1.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
*.0.1.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
*.2.0.1.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
*.f.2.0.1.1.1.0.0.8.5.1.b.2.2.5.2.ip6.arpa.
...
Regards
Klau
Klaus Darilion, Head of Operations
nic.at GmbH, Jakob-Haringer-Straße 8/V
5020 Salzburg, Austria