bind-users April 2010 archive
Main Archive Page > Month Archives  > bind-users archives
bind-users: Re: Cannot resolve outside my TLD - all others give

Re: Cannot resolve outside my TLD - all others give SERVFAIL

From: Barry Margolin <barmar_at_nospam>
Date: Fri Apr 30 2010 - 00:25:16 GMT
To: comp-protocols-dns-bind@isc.org

In article <mailman.1309.1272524106.21153.bind-users@lists.isc.org>,
 Matus UHLAR - fantomas <uhlar@fantomas.sk> wrote:

> On 28.04.10 16:55, Chris C wrote:
> > This instance is used as a caching resolver with blacklists. The
> > blacklists are fed what is basically a null.zone file.
>
> how do you implement blacklists? show me example of one blacklisted zone
> configuration - not the zone file but the part of named.conf.
>
> > IE.
> ^^^
> What's this? does it appear in each blacklisted zone file?

"i.e." is the abbreviation of the Latin phrase that means "in other
words". I think he actually meant "e.g.", which means "for example";
this is a common mistake (I also frequently see people use "AKA" for
this purpose).

So I doubt it appears in any file, it was just introducing his example.

>
> > $TTL 86400 ; one day
> >
> > @ IN SOA dnsbl0.xxx.xxx. hostmaster.xxx.xxx. (
> [...]
> > * IN A 127.0.0.3
> >
> >
> > There are approx. 172K zones for the blacklist.
> >
> > Recently the system would give out SERVFAIL for all queries outside my
> > TLD. Anything inside my TLD works fine.
>
> aren't you running out of memory?
>
> > If I drop the blacklists (say to 50K), it works fine. I am trying to
> > find that magic number in which the failures start to occur, but the
> > daemon takes about 15-20 minutes for a restart. I will post that once
> > obtained.
>
> might be a memory problem.

-- Barry Margolin, barmar@alum.mit.edu Arlington, MA *** PLEASE don't copy me on replies, I'll read them in the group *** _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users