RPZ zone load failure ran out of space

Bob Harold rharolde at umich.edu
Wed Jun 28 20:38:03 UTC 2017


On Wed, Jun 28, 2017 at 3:44 PM, Jim Yang <zy33 at cornell.edu> wrote:

> Hi,
>
>
>
> In the example below, when the length of bad.domain.com reaches 241
> bytes, named-checkconf reports the following error:
>
>
>
> “zone db.rpz.zone/IN: loading from master file db.rpz.zone failed: ran out of space
> _default/db.rpz.zone/IN: ran out of space”
>
>
>
> As per RFC1035, the DNS name maximum length is 255 bytes and each label
> length limit is 63 bytes.
>
>
>
> I wonder what is the maximum length for bad.domain.com in the RPZ zone?
>
>
>
> $ORIGIN rpz.example.com.
> $TTL 1H
> @               SOA LOCALHOST. named-mgr.example.com (1 1h 15m 30d 2h)
>                 NS  LOCALHOST.
>
> ; QNAME policy records.
> ; Note: There are no periods (.) after the (relativised) owner names.
>
> bad.domain.com      A       10.0.0.1      ; redirect to walled garden
>                     AAAA    2001:2::1
>
> Thanks,
>
> Jim
>

I just hit the same problem (we probably use the same block list source).
The actual DNS name is the combination of the ORIGIN and the entry:
bad.domain.com.rpz.example.com.
which exceeds 255 characters including the trailing dot, most likely.

-- 
Bob Harold
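
Added example, not part of the original thread and not BIND's own code: a pre-load check that measures each RPZ trigger name together with the zone origin against the RFC 1035 limits (255 octets per name in wire format, 63 per label). The origin is taken from the quoted zone file; the long trigger name is constructed, and plain ASCII labels without backslash escapes are assumed.

```python
# Added example: pre-check RPZ owner names against RFC 1035 size limits
# before loading the zone. The long trigger name below is constructed.

MAX_NAME_OCTETS = 255   # whole name in wire format (RFC 1035)
MAX_LABEL_OCTETS = 63   # single label (RFC 1035)


def wire_length(name):
    """Wire-format length of an absolute name: one length octet per label,
    the label bytes, and one octet for the root label.
    Assumption: plain ASCII labels with no backslash escapes."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return sum(1 + len(l.encode("ascii")) for l in labels) + 1


def check_trigger(trigger, origin):
    """Return (ok, reason) for a relative RPZ owner name under origin."""
    for label in trigger.rstrip(".").split("."):
        if len(label) > MAX_LABEL_OCTETS:
            return False, "label longer than 63 octets"
    # The name the server actually stores is trigger + origin.
    total = wire_length(trigger.rstrip(".") + "." + origin)
    if total > MAX_NAME_OCTETS:
        return False, f"owner name is {total} octets, limit is 255"
    return True, f"owner name is {total} octets"


def longest_trigger(origin):
    """Longest relative trigger, counted in presentation characters
    without a trailing dot, that still fits under origin."""
    # A trigger of n characters costs n + 1 octets on the wire;
    # wire_length(origin) already includes the root label.
    return MAX_NAME_OCTETS - wire_length(origin) - 1


if __name__ == "__main__":
    origin = "rpz.example.com."
    long_name = ".".join(["a" * 60] * 3 + ["b" * 58])  # constructed, 241 chars
    for trig in ("bad.domain.com", long_name):
        print(len(trig), check_trigger(trig, origin))
    print("longest trigger under", origin, "=", longest_trigger(origin))
```

Running the check over a block list before writing the zone file lets over-long entries be dropped or logged instead of failing the whole zone load.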