ns_initparse: Message too long

Mon May 29 03:14:39 UTC 2000

> Hello,
> 
> I have a domain in .org, let's say it's called test.org . Zones
> transferts between secondary and primary are OK.
> In my primary server I defined :
> www             IN      CNAME   shell1.sourceforge.net.
> When I type :
> 
> . dig @secondary www.test.org
>   the good reply is made.
> 
> . dig @primary www.test.org
>   the following reply is printed :
>         ;; res options: init recurs defnam dnsrch
>         ;; got answer:
>         ;; ns_initparse: Message too long
>         ;; Total query time: 207 msec
>   and the primary logs :
>   security: notice: unapproved query from [ex.te.rn.al].1171 for
> "shell1.sourceforge.net"
> 
> The primary is configured rather stricly. /etc/named.conf extracts :
> acl mynetworks {
>           // Host that can query anything
> ...
> };
> acl blockblackhole {
> ...
> };
> acl mysecondaries {
> ...
> };
> options {
> ...
>         directory "/bind";
>         blackhole { blockblackhole; };
>         allow-query {
>           mynetworks;
>         };
>         allow-transfer {
>           mynetworks;
>         };
> };
> ...
> zone "test.org" {
>         type master;
>         file "p/test.org";
>         // We must respond to any query on this zone
>         allow-query {
>           any;
>         };
>         // Limit transfer from inside and secondaries;
>         allow-transfer {
>           mynetworks;
>           mysecondaries;
>         };
> };
> ...
> 
> Is it a bug or a misconfiguration ?
> How can I make it work without allowing the primary to resolve external
> domains for external clients ?
> 
> Thanks in advance,
> 
> Denis Ducamp.
> 

	Upgrade to BIND 8.2.2-P5 or later.

	Mark
--
Mark Andrews, Nominum Inc.
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at nominum.com