RPZ zone load failure ran out of space
zy33 at cornell.edu
Wed Jun 28 22:28:58 UTC 2017
Thank you for the explanation. It makes sense to me now.
From: Bob Harold <rharolde at umich.edu>
Sent: Wednesday, June 28, 2017 4:38 PM
To: Jim Yang
Cc: bind-users at lists.isc.org
Subject: Re: RPZ zone load failure ran out of space
On Wed, Jun 28, 2017 at 3:44 PM, Jim Yang <zy33 at cornell.edu> wrote:
In the example below, when the length of bad.domain.com reaches 241 bytes, named-checkconf reports the following error:
“zone db.rpz.zone/IN: loading from master file db.rpz.zone failed: ran out of space
_default/db.rpz.zone/IN: ran out of space”
As per RFC1035, the DNS name maximum length is 255 bytes and each label length limit is 63 bytes.
I wonder what is the maximum length for bad.domain.com in the RPZ zone?
@ SOA LOCALHOST. named-mgr.example.com (1 1h 15m 30d 2h)
; QNAME policy records.
; Note: There are no periods (.) after the (relativised) owner names.
bad.domain.com A 10.0.0.1 ; redirect to walled garden
I just hit the same problem (we probably use the same block list source).
The actual DNS name is the combination of the ORIGIN and the entry:
which exceeds 255 characters including the trailing dot, most likely.
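
Added example, not part of the original thread and not BIND's own code: a pre-flight check that expands each relative owner name in an RPZ master file against the zone origin and flags names that break the RFC 1035 limits (63 octets per label, 255 octets per name in wire format). The function names, the sample records and the 60-character labels are constructed for illustration; the origin db.rpz.zone is the zone name from the error message above, and the parser assumes one record per line with no backslash escapes.

```python
# Added example: pre-flight length check for an RPZ master file.
# Assumptions: one record per line, no backslash escapes in owner names.
MAX_NAME = 255    # RFC 1035: whole name, in wire-format octets
MAX_LABEL = 63    # RFC 1035: single label

def absolute(owner, origin):
    """Expand a master-file owner name against the current origin."""
    if owner == "@":
        return origin
    return owner if owner.endswith(".") else owner + "." + origin

def wire_length(fqdn):
    """One length octet per label, plus the label bytes, plus the root octet."""
    return sum(1 + len(l) for l in fqdn.split(".") if l) + 1

def check_zone(text, origin):
    """Return [(line_no, owner, problem)] for owners that break a limit."""
    origin = origin if origin.endswith(".") else origin + "."
    problems = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        if not line or line[0].isspace():
            continue                                  # blank, or inherits owner
        fields = line.split()
        if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
            origin = absolute(fields[1], origin)
            continue
        if fields[0].startswith("$"):
            continue                                  # $TTL, $INCLUDE, ...
        fqdn = absolute(fields[0], origin)
        longest = max(len(l) for l in fqdn.split("."))
        total = wire_length(fqdn)
        if longest > MAX_LABEL:
            problems.append((line_no, fields[0], f"label of {longest} octets"))
        elif total > MAX_NAME:
            problems.append((line_no, fields[0], f"name of {total} octets"))
    return problems

# Constructed sample: the long owner fits on its own but not under the origin.
LONG = ".".join(["a" * 60] * 4)                       # 243 characters
SAMPLE = "\n".join([
    "@ SOA LOCALHOST. named-mgr.example.com (1 1h 15m 30d 2h)",
    "bad.domain.com A 10.0.0.1 ; redirect to walled garden",
    LONG + " A 10.0.0.1",
])

if __name__ == "__main__":
    for line_no, owner, problem in check_zone(SAMPLE, "db.rpz.zone"):
        print(f"line {line_no}: {problem}: {owner[:30]}...")
```

Running a check like this over a block list before it is installed as a policy zone lets over-long entries be dropped or logged instead of failing the whole zone load.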