More than 4k TXT entries

Darvin Denmian darvin.denmian at gmail.com
Wed Feb 29 20:22:09 UTC 2012


Hi,

Below is the information you requested:

; <<>> DiG 9.7.3-P3 <<>> @ns1.domain.com.br spf_16416.domain.com.br +tcp TXT
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59810
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;spf_16416.domain.com.br.	IN	TXT

;; AUTHORITY SECTION:
domain.com.br.	900	IN	SOA	ns1.domain.com.br. noc.domain.com.br. 2011110899 86400 7200 3600000 3600

;; Query time: 358 msec
;; SERVER: XXX.XXX.XX.XXX#53(XXX.XXX.XX.XXX)
;; WHEN: Wed Feb 29 17:17:49 2012
;; MSG SIZE  rcvd: 92

Regards.

On Wed, Feb 29, 2012 at 4:56 PM, Michael Graff <mgraff at isc.org> wrote:
> Actually, no, there isn't enough information in your reply to help you debug.
>
> Please issue, from a machine not your DNS server:
>
> $ dig @your-server-address +tcp domain.name TXT
>
> A TXT record has a maximum length of around 64k per TXT record, and each part of the text record can be 255 bytes, if memory serves.  However, this is well beyond practical limits.
>
> The size of the zone is not really important compared to the size of the individual TXT record at a specific name.  There is no maximum that spreads across names, but there are practical limits.
>
> If you just have a long string of TXT records, each at its own name like in your example, you should not be running into problems.
>
> --Michael
>
>
> On Feb 29, 2012, at 1:48 PM, Darvin Denmian wrote:
>
>> Hi,
>>
>> Graff, thanks for your reply...
>>
>> As you can see below my server is accepting DNS connections:
>>
>> ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
>> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
>>
>> and the service is up and running:
>>
>> # netstat -ntplu | grep -i named
>> tcp        0      0 XXX.XXX.XX.XXX:53           0.0.0.0:*               LISTEN      7547/named
>> tcp        0      0 XXX.XXX.XX.XXX:53           0.0.0.0:*               LISTEN      7547/named
>> tcp        0      0 127.0.0.1:953               0.0.0.0:*               LISTEN      7547/named
>> udp        0      0 XXX.XXX.XX.XXX:53           0.0.0.0:*                           7547/named
>> udp        0      0 XXX.XXX.XX.XXX:53           0.0.0.0:*                           7547/named
>>
>> The zone file is composed of a lot of TXT records... below is a small
>> piece of the file:
>>
>> spf_10000 900 IN TXT "v=spf1 ip4:XX.XX.XXX.XX/28 ip4:XX.XX.XXX.XX ?all"
>> spf_10001 900 IN TXT "v=spf1 ip4:XX.XX.XXX.XX/28 ip4:XX.XX.XXX.XX ?all"
>> spf_10003 900 IN TXT "v=spf1 ip4:XX.XX.XXX.XX/28 ip4:XX.XX.XXX.XX ?all"
>> spf_10004 900 IN TXT "v=spf1 ip4:XX.XX.XXX.XX/28 ip4:XX.XX.XXX.XX ?all"
>> spf_10008 900 IN TXT "v=spf1 ip4:XX.XX.XXX.XX/28 ip4:XX.XX.XXX.XX ?all"
>> ...
>> spf_16416 900 IN TXT "v=spf1 ip4:XX.XX.XXX.XX/28 ip4:XX.XX.XXX.XX ?all"
>> spf_16417 900 IN TXT "v=spf1 ip4:XX.XX.XXX.XX/28 ip4:XX.XX.XXX.XX ?all"
>> spf_16418 900 IN TXT "v=spf1 ip4:XX.XX.XXX.XX/28 ip4:XX.XX.XXX.XX ?all"
>> spf_16419 900 IN TXT "v=spf1 ip4:XX.XX.XXX.XX/28 ip4:XX.XX.XXX.XX ?all"
>> spf_16420 900 IN TXT "v=spf1 ip4:XX.XX.XXX.XX/28 ip4:XX.XX.XXX.XX ?all"
>>
>> I hope this information can help you to help me :)
>>
>> Regards!
>>
>>
>> On Wed, Feb 29, 2012 at 4:25 PM, Michael Graff <mgraff at isc.org> wrote:
>>> more than 4k will exceed the default settings for EDNS0 UDP responses.
>>>
>>> If you dig @ your server, with +tcp, do you get a reply?  If not, perhaps you are not allowing TCP connections to port 53?
>>>
>>> What error you are getting may be of help.
>>>
>>> --Michael
>>>
>>> On Feb 29, 2012, at 1:20 PM, Darvin Denmian wrote:
>>>
>>>> Hi....
>>>>
>>>> I would like to know if there is some limitation in Bind regarding:
>>>>
>>>>    - Max number of TXT entries for a specific domain
>>>> or
>>>>    - Max size of a zone file
>>>>
>>>> I'm asking this because one of the domains configured in my Bind
>>>> server has more than 4k TXT entries and its zone file has more than
>>>> 400KB.
>>>>
>>>> So ....my problem is....
>>>>
>>>> When I perform a DNS query , requesting the last TXT entries that I've
>>>> added, I receive no answer from my Bind server.
>>>>
>>>> Do you have some idea of what is happening?
>>>>
>>>> I hope you can help me and .....understand my Brazilian English :p .
>>>
>
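
Graff's point in the thread, that what matters is the size of the TXT data at one name rather than how many names the zone holds, can be checked offline. The script below is an added example, not code from the thread or from BIND: it estimates the answer size for a TXT query at each owner name and reports the transport that size needs, counting only the header, question and answer sections. The origin `example.test.`, the sample records and the function names are assumptions made for the illustration.

```python
import re

MAX_STRING = 255   # bytes per character-string inside one TXT record
MAX_RDATA = 65535  # RDLENGTH is a 16-bit field (the "around 64k" limit)
PLAIN_UDP = 512    # classic DNS-over-UDP message limit
EDNS_UDP = 4096    # the "4k" EDNS0 UDP default mentioned in the thread

# Constructed sample zone lines (documentation addresses, not from the thread).
SAMPLE_ZONE = """
spf_10000 900 IN TXT "v=spf1 ip4:192.0.2.16/28 ip4:198.51.100.7 ?all"
spf_10001 900 IN TXT "v=spf1 ip4:192.0.2.32/28 ip4:198.51.100.8 ?all"
big 900 IN TXT "{a}" "{a}"
big 900 IN TXT "{b}"
""".format(a="a" * 255, b="b" * 300)

TXT_LINE = re.compile(r'^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?TXT\s+(.*)$')

def transport(size):
    """Smallest transport that can carry a response of `size` bytes."""
    if size <= PLAIN_UDP:
        return "udp"
    return "udp+edns0" if size <= EDNS_UDP else "tcp"

def audit(zone_text, origin="example.test."):
    """Per owner name, estimate TXT answer size (relative owners, no escaped quotes)."""
    rrsets = {}
    for line in zone_text.splitlines():
        m = TXT_LINE.match(line.strip())
        if m:
            strings = re.findall(r'"([^"]*)"', m.group(2))
            rrsets.setdefault(m.group(1), []).append([len(s.encode()) for s in strings])
    report = {}
    for owner, records in rrsets.items():
        # Header (12) + question: wire-form name + QTYPE/QCLASS (4).
        size = 12 + len(owner) + 1 + len(origin) + 1 + 4
        # RDATA of one TXT record: every string costs a length byte plus its bytes.
        rdlens = [sum(rec) + len(rec) for rec in records]
        # Each answer RR: 2-byte compressed owner + 10 fixed bytes + RDATA.
        size += sum(12 + n for n in rdlens)
        report[owner] = {
            "response_bytes": size,
            "transport": transport(size),
            "strings_over_255": sum(n > MAX_STRING for rec in records for n in rec),
            "rdata_over_64k": any(n > MAX_RDATA for n in rdlens),
        }
    return report

if __name__ == "__main__":
    print(audit(SAMPLE_ZONE))
```

A zone made of thousands of names with one short TXT record each stays in the plain UDP range for every query, while a single name carrying many long records is what pushes an answer toward EDNS0 or TCP.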


