<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">

<style type="text/css" style="display:none;"><!-- P {margin-top:0;margin-bottom:0;} --></style>

</head>

<body dir="ltr">

<div id="divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Verdana,Geneva,sans-serif;" dir="ltr">

<p>Hi Bob,</p>

<p><br>

</p>

<p>Thank you for the explanation. It makes sense to me now.</p>

<p><br>

</p>

<p>Best,</p>

<p>Jim</p>

<br>

<div style="color: rgb(0, 0, 0);">

<hr tabindex="-1" style="display:inline-block; width:98%">

<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> Bob Harold <rharolde@umich.edu><br>

<b>Sent:</b> Wednesday, June 28, 2017 4:38 PM<br>

<b>To:</b> Jim Yang<br>

<b>Cc:</b> bind-users@lists.isc.org<br>

<b>Subject:</b> Re: RPZ zone load failure ran out of space</font>

<div> </div>

</div>

<div>

<div dir="ltr"><br>

<div class="gmail_extra">

<div class="gmail_quote">On Wed, Jun 28, 2017 at 3:44 PM, Jim Yang <span dir="ltr">

<<a href="mailto:zy33@cornell.edu" target="_blank">zy33@cornell.edu</a>></span> wrote:<br>

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex; border-left:1px #ccc solid; padding-left:1ex">

<div bgcolor="white" lang="EN-US">

<div class="m_-5593470400172404571WordSection1">

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">Hi,<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif"><u></u> <u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">In the example below, when the length of

<a href="http://bad.domain.com" target="_blank">bad.domain.com</a> reaches 241 bytes, named-checkconf reports the following error:<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif"><u></u> <u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">“zone db.rpz.zone/IN: loading from master file db.rpz.zone failed: ran out of space<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">_default/db.rpz.zone/IN: ran out of space”<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif"><u></u> <u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">As per RFC1035, the DNS name maximum length is 255 bytes and each label length limit is 63 bytes.<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif"><u></u> <u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">I wonder what is the maximum length for

<a href="http://bad.domain.com" target="_blank">bad.domain.com</a> in the RPZ zone?<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif"><u></u> <u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">$ORIGIN

<a href="http://rpz.example.com" target="_blank">rpz.example.com</a>.<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">      $TTL 1H<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">      @               SOA LOCALHOST.

<a href="http://named-mgr.example.com" target="_blank">named-mgr.example.com</a> (1 1h 15m 30d 2h)<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">                      NS  LOCALHOST.<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif"><u></u> <u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">      ; QNAME policy records.<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">      ; Note: There are no periods (.) after the (relativised) owner names.<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif"><u></u> <u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif"><a href="http://bad.domain.com" target="_blank">bad.domain.com</a>      A       10.0.0.1      ; redirect to walled garden<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">                          AAAA    2001:2::1<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif"><u></u> <u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">Thanks,<u></u><u></u></span></p>

<p class="MsoNormal"><span style="font-size:11.0pt; font-family:"Verdana",sans-serif">Jim<u></u><u></u></span></p>

</div>

</div>

</blockquote>

<div><br>

</div>

<div>I just hit the same problem (we probably use the same block list source).<br>

</div>

<div>The actual DNS name is the combination of the ORIGIN and the entry:<br>

<a href="http://bad.domain.com.rpz.example.com">bad.domain.com.rpz.example.com</a>.<br>

which exceeds 255 characters including the trailing dot, most likely.<br>

<br>

-- <br>

</div>

<div>Bob Harold<br>

<br>

</div>

</div>

<br>

</div>

</div>

</div>

</div>

</div>

</body>

</html>