ns_initparse: Message too long
Mark.Andrews at nominum.com
Mark.Andrews at nominum.com
Mon May 29 03:14:39 UTC 2000
> Hello,
>
> I have a domain in .org, let's say it's called test.org . Zones
> transferts between secondary and primary are OK.
> In my primary server I defined :
> www IN CNAME shell1.sourceforge.net.
> When I type :
>
> . dig @secondary www.test.org
> the good reply is made.
>
> . dig @primary www.test.org
> the following reply is printed :
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ns_initparse: Message too long
> ;; Total query time: 207 msec
> and the primary logs :
> security: notice: unapproved query from [ex.te.rn.al].1171 for
> "shell1.sourceforge.net"
>
> The primary is configured rather stricly. /etc/named.conf extracts :
> acl mynetworks {
> // Host that can query anything
> ...
> };
> acl blockblackhole {
> ...
> };
> acl mysecondaries {
> ...
> };
> options {
> ...
> directory "/bind";
> blackhole { blockblackhole; };
> allow-query {
> mynetworks;
> };
> allow-transfer {
> mynetworks;
> };
> };
> ...
> zone "test.org" {
> type master;
> file "p/test.org";
> // We must respond to any query on this zone
> allow-query {
> any;
> };
> // Limit transfer from inside and secondaries;
> allow-transfer {
> mynetworks;
> mysecondaries;
> };
> };
> ...
>
> Is it a bug or a misconfiguration ?
> How can I make it work without allowing the primary to resolve external
> domains for external clients ?
>
> Thanks in advance,
>
> Denis Ducamp.
>
Upgrade to BIND 8.2.2-P5 or later.
Mark
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at nominum.com
More information about the bind-users
mailing list