ns_initparse: Message too long
Denis Ducamp
Denis.Ducamp at hsc.fr
Sun May 28 17:39:25 UTC 2000
Hello,
I have a domain in .org, let's say it's called test.org . Zones
transferts between secondary and primary are OK.
In my primary server I defined :
www IN CNAME shell1.sourceforge.net.
When I type :
. dig @secondary www.test.org
the good reply is made.
. dig @primary www.test.org
the following reply is printed :
;; res options: init recurs defnam dnsrch
;; got answer:
;; ns_initparse: Message too long
;; Total query time: 207 msec
and the primary logs :
security: notice: unapproved query from [ex.te.rn.al].1171 for
"shell1.sourceforge.net"
The primary is configured rather stricly. /etc/named.conf extracts :
acl mynetworks {
// Host that can query anything
...
};
acl blockblackhole {
...
};
acl mysecondaries {
...
};
options {
...
directory "/bind";
blackhole { blockblackhole; };
allow-query {
mynetworks;
};
allow-transfer {
mynetworks;
};
};
...
zone "test.org" {
type master;
file "p/test.org";
// We must respond to any query on this zone
allow-query {
any;
};
// Limit transfer from inside and secondaries;
allow-transfer {
mynetworks;
mysecondaries;
};
};
...
Is it a bug or a misconfiguration ?
How can I make it work without allowing the primary to resolve external
domains for external clients ?
Thanks in advance,
Denis Ducamp.
--
Denis.Ducamp at hsc.fr -- Hervé Schauer Consultants -- http://www.hsc.fr/
More information about the bind-users
mailing list