Re: RPZ zone load failure ran out of space

2017-06-28 Thread Jim Yang
Hi Bob, Thank you for the explanation. It makes sense to me now. Best, Jim From: Bob Harold Sent: Wednesday, June 28, 2017 4:38 PM To: Jim Yang Cc: bind-users@lists.isc.org Subject: Re: RPZ zone load failure ran out of space On Wed, Jun

Re: RPZ zone load failure ran out of space

2017-06-28 Thread Bob Harold
On Wed, Jun 28, 2017 at 3:44 PM, Jim Yang wrote: > Hi, > > > > In the example below, when the length of bad.domain.com reaches 241 > bytes, named-checkconf reports the following error: > > > > “zone db.rpz.zone/IN: loading from master file db.rpz.zone failed: ran out > of space

RPZ zone load failure ran out of space

2017-06-28 Thread Jim Yang
Hi, In the example below, when the length of bad.domain.com reaches 241 bytes, named-checkconf reports the following error: “zone db.rpz.zone/IN: loading from master file db.rpz.zone failed: ran out of space _default/db.rpz.zone/IN: ran out of space” As per RFC1035, the DNS name maximum

Re: [E] Re: strange problem with query being dropped/ignored by the BIND process

2017-06-28 Thread Marc Richter
Hi Ben, thanks for the answer. Yeah, I think you are right. I see a lot of udpInOverflows on the system, which suggest that the receive buffer is too small indeed. Is there any kind of recommendation or best-practice advice what the buffers should ideally be set to on Solaris ? I did search the

Re: strange problem with query being dropped/ignored by the BIND process

2017-06-28 Thread Ben Croswell
Have you checked deeper at the OS level? I have seen on Linux DNS servers silent drops of queries on very busy servers that were exhausting UDP receive buffers. On Jun 28, 2017 10:26 AM, "Marc Richter" wrote: Hi, we have a setup here consisting of a recursive DNS

strange problem with query being dropped/ignored by the BIND process

2017-06-28 Thread Marc Richter
Hi, we have a setup here consisting of a recursive DNS server and two monitoring servers. The monitoring servers sent a test query to the DNS server once every two minutes to check if it is answering properly. We now have the problems that these test queries are timing out from time to time,

Re: Problem w/ Forwarding Zone in Caching-Only Config

2017-06-28 Thread Mark Andrews
In message , Tony Finch writes: > Mark Andrews wrote: > > > > See https://tools.ietf.org/html/rfc6763 for details of how it is > > designed to work. Section 11 shows how to go from IP address and > > netmask to the forward

Re: Problem w/ Forwarding Zone in Caching-Only Config

2017-06-28 Thread Tony Finch
Mark Andrews wrote: > > See https://tools.ietf.org/html/rfc6763 for details of how it is > designed to work. Section 11 shows how to go from IP address and > netmask to the forward domain where the _dns-sd._udp subdomains > reside. > > lb._dns-sd._udp.0.43.168.136.in-addr.arpa PTR