Re: how to split TXT record for IpSEC?
On Wed, 9 Nov 2011, Matus UHLAR - fantomas wrote: sofia.dashofer.sk. 3600IN TXT "X-IPsec-Server(10)=@sofia.dashofer.sk" " AQNqdEjqL33Pf4MFgJYs5v4xRhEPTWouM3Ny1HfcecM+TdX+gpZ2gzIpsmB8UWsUobuJnTSJ wt2rEw3PcFpuBN3l8F8dAuSWl5lhiojjdenmHf2A6EaqyNTzGJgro9qAMS91DjW4i3HrOAgk" " Z1sfvkN8SrnSpbXqpN6JL19tjNTffnd0vhkWWAH7enHcQf0A4hNvIwhQHKFJ0Xd4weHLrD54 DMr6X5n0/6dt7xnPiPqShTr8zlNvrvXP6ZcL+k" "uNade/3+uxwKMtA6UwUdhrW86i5vYC1xL+tj0svQwi6gD5gISFVHVUOU3Q91FLpc8vUDum/ O1ckgsMI/K0CmvGVVxbf5zqSqX6FCv9AV30XdliPxQDx9iUtNY2wM7tug5ci/Dmy066XopR/" " vlrslCABREFiIOAzFMkOvQ0ZUkOGyWN5ERJ161k9msDnFUlldWuK17g2mzp24/nVx+hOXfzg qhhpeSQV8RK0zZkOe3pVd+a0uuDeYaMtSIRTOT5D" "xTvWInVjR8LXtpPiGqj5qO+hQhysgk=" Can you recomment can I split it to multiple records so they all fit? what I mean, can I simply split them into multiple TXT records? Should they be split at string boundary (between quotes)? If I split between quotes, do I need to spaces a the begin/end or can I simply change them to newlines? sofia.dashofer.sk. IN TXT "X-IPsec-Server(10)=@sofia.dashofer.sk" " AQNqdEjqL33Pf4MFgJYs5v4xRhEPTWouM3Ny1HfcecM+TdX+gpZ2gzIpsmB8UWsUobuJnTSJ wt2rEw3PcFpuBN3l8F8dAuSWl5lhiojjdenmHf2A6EaqyNTzGJgro9qAMS91DjW4i3HrOAgk" ... or even sofia.dashofer.sk. IN TXT "X-IPsec-Server(10)=@sofia.dashofer.sk" sofia.dashofer.sk. IN TXT " AQNqdEjqL33Pf4MFgJYs5v4xRhEPTWouM3Ny1HfcecM+TdX+gpZ2gzIpsmB8UWsUobuJnTSJ wt2rEw3PcFpuBN3l8F8dAuSWl5lhiojjdenmHf2A6EaqyNTzGJgro9qAMS91DjW4i3HrOAgk" ... No you cannot split them in separate TXT records, as you have no idea about the order. Imagine if you have three parts, two of those would be just random characters. You should really use IPSECKEY instead of TXT records: See http://tools.ietf.org/html/rfc4025 The IPSECKEY RR imposes no length limit on RSA public keys, other than the 65535 octet limit imposed by the two-octet length encoding. That said, openswan has not yet been brought up to spec for IPSECKEY, so for that you will have to use TXT. Paul ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: how to split TXT record for IpSEC?
On 09/11/11 13:59, Matus UHLAR - fantomas wrote: On 09.11.11 14:35, Matus UHLAR - fantomas wrote: I have a domain with TXT record that does not fit into 255 characters, some king of ipsec record: sofia.dashofer.sk. 3600 IN TXT "X-IPsec-Server(10)=@sofia.dashofer.sk" " AQNqdEjqL33Pf4MFgJYs5v4xRhEPTWouM3Ny1HfcecM+TdX+gpZ2gzIpsmB8UWsUobuJnTSJ wt2rEw3PcFpuBN3l8F8dAuSWl5lhiojjdenmHf2A6EaqyNTzGJgro9qAMS91DjW4i3HrOAgk" " Z1sfvkN8SrnSpbXqpN6JL19tjNTffnd0vhkWWAH7enHcQf0A4hNvIwhQHKFJ0Xd4weHLrD54 DMr6X5n0/6dt7xnPiPqShTr8zlNvrvXP6ZcL+k" "uNade/3+uxwKMtA6UwUdhrW86i5vYC1xL+tj0svQwi6gD5gISFVHVUOU3Q91FLpc8vUDum/ O1ckgsMI/K0CmvGVVxbf5zqSqX6FCv9AV30XdliPxQDx9iUtNY2wM7tug5ci/Dmy066XopR/" " vlrslCABREFiIOAzFMkOvQ0ZUkOGyWN5ERJ161k9msDnFUlldWuK17g2mzp24/nVx+hOXfzg qhhpeSQV8RK0zZkOe3pVd+a0uuDeYaMtSIRTOT5D" "xTvWInVjR8LXtpPiGqj5qO+hQhysgk=" Can you recomment can I split it to multiple records so they all fit? what I mean, can I simply split them into multiple TXT records? No. You split the RDATA into multiple 255-char chunks: aa.bb.cc. IN TXT "<255 chars>" "<255 chars>" "" Splitting them into separate TXT records just gives you separate, malformed, TXT records. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: how to split TXT record for IpSEC?
On 09.11.11 14:35, Matus UHLAR - fantomas wrote: I have a domain with TXT record that does not fit into 255 characters, some king of ipsec record: sofia.dashofer.sk. 3600IN TXT "X-IPsec-Server(10)=@sofia.dashofer.sk" " AQNqdEjqL33Pf4MFgJYs5v4xRhEPTWouM3Ny1HfcecM+TdX+gpZ2gzIpsmB8UWsUobuJnTSJ wt2rEw3PcFpuBN3l8F8dAuSWl5lhiojjdenmHf2A6EaqyNTzGJgro9qAMS91DjW4i3HrOAgk" " Z1sfvkN8SrnSpbXqpN6JL19tjNTffnd0vhkWWAH7enHcQf0A4hNvIwhQHKFJ0Xd4weHLrD54 DMr6X5n0/6dt7xnPiPqShTr8zlNvrvXP6ZcL+k" "uNade/3+uxwKMtA6UwUdhrW86i5vYC1xL+tj0svQwi6gD5gISFVHVUOU3Q91FLpc8vUDum/ O1ckgsMI/K0CmvGVVxbf5zqSqX6FCv9AV30XdliPxQDx9iUtNY2wM7tug5ci/Dmy066XopR/" " vlrslCABREFiIOAzFMkOvQ0ZUkOGyWN5ERJ161k9msDnFUlldWuK17g2mzp24/nVx+hOXfzg qhhpeSQV8RK0zZkOe3pVd+a0uuDeYaMtSIRTOT5D" "xTvWInVjR8LXtpPiGqj5qO+hQhysgk=" Can you recomment can I split it to multiple records so they all fit? what I mean, can I simply split them into multiple TXT records? Should they be split at string boundary (between quotes)? If I split between quotes, do I need to spaces a the begin/end or can I simply change them to newlines? sofia.dashofer.sk. IN TXT "X-IPsec-Server(10)=@sofia.dashofer.sk" " AQNqdEjqL33Pf4MFgJYs5v4xRhEPTWouM3Ny1HfcecM+TdX+gpZ2gzIpsmB8UWsUobuJnTSJ wt2rEw3PcFpuBN3l8F8dAuSWl5lhiojjdenmHf2A6EaqyNTzGJgro9qAMS91DjW4i3HrOAgk" ... or even sofia.dashofer.sk. IN TXT "X-IPsec-Server(10)=@sofia.dashofer.sk" sofia.dashofer.sk. IN TXT " AQNqdEjqL33Pf4MFgJYs5v4xRhEPTWouM3Ny1HfcecM+TdX+gpZ2gzIpsmB8UWsUobuJnTSJ wt2rEw3PcFpuBN3l8F8dAuSWl5lhiojjdenmHf2A6EaqyNTzGJgro9qAMS91DjW4i3HrOAgk" ... Thank you. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. He who laughs last thinks slowest. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
