ns_initparse: Message too long
groar
spam at groar.dyndns.org
Fri May 26 20:07:10 UTC 2000
Hello,
I have a domain in .org, let's say it's called test.org . Zones
transferts between secondary and primary are OK.
In my primary server I defined :
www IN CNAME shell1.sourceforge.net.
When I type :
. dig @secondary www.test.org
the good reply is made.
. dig @primary www.test.org
the following reply is printed :
;; res options: init recurs defnam dnsrch
;; got answer:
;; ns_initparse: Message too long
;; Total query time: 207 msec
and the primary logs :
security: notice: unapproved query from [ex.te.rn.al].1171 for
"shell1.sourceforge.net"
The primary is configured rather stricly. /etc/named.conf extracts :
acl mynetworks {
// Host that can query anything
...
};
acl blockblackhole {
...
};
acl mysecondaries {
...
};
options {
...
directory "/bind";
blackhole { blockblackhole; };
allow-query {
mynetworks;
};
allow-transfer {
mynetworks;
};
};
...
zone "test.org" {
type master;
file "p/test.org";
// We must respond to any query on this zone
allow-query {
any;
};
// Limit transfer from inside and secondaries;
allow-transfer {
mynetworks;
mysecondaries;
};
};
...
Is it a bug or a misconfiguration ?
How can I make it work without allowing the primary to resolve external
domains for external clients ?
Thanks in advance,
Denis.
--
Groar Project :
http://sourceforge.net/project/filelist.php?group_id=1239
dducamp at users.sourceforge.net -- http://groar.sourceforge.net
groar at groar.dyndns.org -- http://groar.is.dreaming.org
More information about the bind-users
mailing list