Fwd: Facing weird issue with DNS-RPZ

Blason R blason16 at gmail.com
Wed Apr 25 04:58:15 UTC 2018 

Whoo..what is this all about guys? Is there any limit for zones?

   Active: active (running) since Wed 2018-04-25 10:25:27 IST; 2s ago
     Docs: man:named(8)
  Process: 4085 ExecStop=/usr/sbin/rndc stop (code=exited, status=0/SUCCESS)
 Main PID: 4091 (named)
    Tasks: 7
   Memory: 146.1M
      CPU: 1.527s
   CGroup: /system.slice/bind9.service
           └─4091 /usr/sbin/named -f -u bind

Apr 25 10:25:27 dnsfw named[4091]: managed-keys-zone: loaded serial 13
Apr 25 10:25:27 dnsfw named[4091]: zone 0.in-addr.arpa/IN: loaded serial 1
Apr 25 10:25:27 dnsfw named[4091]: zone localhost/IN: loaded serial 2
Apr 25 10:25:27 dnsfw named[4091]: zone 255.in-addr.arpa/IN: loaded serial 1
Apr 25 10:25:27 dnsfw named[4091]: zone 127.in-addr.arpa/IN: loaded serial 1
*Apr 25 10:25:28 dnsfw named[4091]: dns_master_load:
/etc/bind/isnlab.in.db:345703: ran out of space*
*Apr 25 10:25:28 dnsfw named[4091]: zone isnlab.in/IN
<http://isnlab.in/IN>: loading from master file /etc/bind/isnlab.in.db
failed: ran out of space*
*Apr 25 10:25:28 dnsfw named[4091]: zone isnlab.in/IN
<http://isnlab.in/IN>: not loaded due to errors.*

*I have around 300+ zones*

*root at dnsfw:/etc/bind# named -v*
*BIND 9.10.3-P4-Ubuntu <id:ebd72b3>*


On Wed, Apr 25, 2018 at 8:52 AM, Blason R <blason16 at gmail.com> wrote:

> Unfortunately neither RHEL nor CentOS gives RPM for 9.10+ and really
> compiling and building is really pain and time consuming.
> Hence I decided to give a try with Ubuntu 16.04 and any ways within few
> days 18.04 is coming out with 9.11.
>
> BTW is 9.11 branch stable?
>
> On Wed, Apr 25, 2018 at 8:03 AM, Mukund Sivaraman <muks at isc.org> wrote:
>
>> On Tue, Apr 24, 2018 at 07:25:45PM -0700, Ray Van Dolson wrote:
>> > On Tue, Apr 24, 2018 at 07:21:34PM -0700, Mukund Sivaraman wrote:
>> > > On Tue, Apr 24, 2018 at 06:03:43PM +0530, Blason R wrote:
>> > > > I am building DNS RPZ on named BIND 9.9.4-RedHat-9.9.4-51.el7_4.2
>> > > > (Extended Support Version).
>> > >
>> > > RPZ in BIND 9.9 is experimental and unsupported (except for the
>> > > subscription branch). Please use at least BIND 9.10 for RPZ.
>> > >
>> >
>> > We've been using RPZ in RHEL6-provided BIND (based on BIND 9.8.2)
>> > (based on BIND 9.8.2).
>> >
>> > No issues.  Unsure if Red Hat backports the "more stable" code?
>>
>> I doubt it. But speaking for ISC BIND, 9.10+ is the only RPZ code we
>> bugfix and there have been a lot of bugs fixed.
>>
>>                 Mukund
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180425/b0146bf9/attachment.html>

More information about the bind-users mailing list