[Pdns-dev] Packet size,
Michael Luich
mluich at globalcerts.net
Thu May 17 15:20:25 CEST 2007
Thanks for the help BTW.
It is a bit unusual, But I'm trying to put a full ssl certificate into
DNS, I don't really have control of the size of the cert but here's a
nsupdate script example that puts it in place:
server 127.0.0.1 53
zone gctest01.lab.
update add smg.gctest01.lab. 604800 IN CERT 1 1 1
MIIEZjCCA8+gAwIBAgICBv4wDQYJKoZIhvcNAQEEBQAwgbgxCzAJBgNVBAYTAlVT
MREwDwYDVQQIEwhWaXJnaW5pYTEYMBYGA1UEBxMPQ2hhcmxvdHRlc3ZpbGxlMRgw
FgYDVQQKEw9DaGFpbk1haWwsIEluYy4xHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1
dGhvcml0eTEeMBwGA1UEAxMVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MSIwIAYJKoZI
hvcNAQkBFhNjYUBjaGFpbm1haWxpbmMuY29tMB4XDTA2MDgxNjIwMzM1MFoXDTA3
MDgxNjIwMzM1MFowgZIxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1OZXcgSGFtcHNo
aXJlMRAwDgYDVQQHEwdCZWRmb3JkMREwDwYDVQQKEwhnY3Rlc3QwMTEMMAoGA1UE
CxMDbGFiMRcwFQYDVQQDEw5NaXRocmlsIFNlcnZlcjEfMB0GCSqGSIb3DQEJARYQ
c21nQGdjdGVzdDAxLmxhYjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2NCv
JyAocvIjTQgDJsR/sCCjA4ZJFsUcRY8darJhcemO6Jmod8Ua3h410ITks3KRC4Pb
LHNy4WLhSI/D8hePvtaMGY/eiLkER0RiEjRFhk23IpTZRopUP8O/FB9xPAP0+h5P
Te2X3m2xWwYoaAeQP6ewXX/15sNtZDKe/XXWe10CAwEAAaOCAaEwggGdMBIGA1Ud
EwEB/wQIMAYBAf8CAQEwCwYDVR0PBAQDAgG+MDkGCWCGSAGG+EIBDQQsFipUb3Zh
cmlzLWlzc3VlZCBNaXRocmlsIFNpZ25pbmcgQ2VydGlmaWNhdGUwHQYDVR0OBBYE
FHmoDP/leYdzRwOwUdCRHczRZ8d6MIHlBgNVHSMEgd0wgdqAFOsEfIkX7PGWCBGL
0EyhsNwiJt3ioYG+pIG7MIG4MQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2lu
aWExGDAWBgNVBAcTD0NoYXJsb3R0ZXN2aWxsZTEYMBYGA1UEChMPQ2hhaW5NYWls
LCBJbmMuMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHjAcBgNVBAMT
FUNlcnRpZmljYXRlIEF1dGhvcml0eTEiMCAGCSqGSIb3DQEJARYTY2FAY2hhaW5t
YWlsaW5jLmNvbYIBADA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vY3JsLnRvdmFy
aXMuY29tL2NoYWlubWFpbGluYy5jcmwwDQYJKoZIhvcNAQEEBQADgYEAdhCTzQZo
cjyhU0iF9jdX8w0enNPbYqpQJtqXEWVIQWXkw+yWT1H68m5i1SejmnokJW5yhZQK
vAF72hEhstP8aAtKnPKWJaa3y9bNs6U601uX5M8Rvu+F+zyvgOrhZyiNLWfXFj3w
1hd0QV5b/W08O14qMO5W39zfoCVJ5CUab2E=
send
tiny huh!
Mike luich
bert hubert wrote:
> On Wed, May 16, 2007 at 12:26:38PM -0400, Michael Luich wrote:
>
>> Hello everyone,
>> I'm trying to use PowerDNS to hold a x509 ssl cert. unfortunatley I
>> keep getting:
>>
>> Received an overly large question from 10.0.0.23, dropping
>>
>
> This is a bit strange - it says 'overly large *question*'. What kind of
> question are you asking?
>
>
>> I there an easy way to increase the allowed packet size? I don't think
>> just increasing the check will do any good, I'm hoping someone has an
>> idea on where to start. thanks.
>>
>
> We can easily raise this to 1500 bytes, we just didn't see the need to deal
> with *questions* this large. Are you sure your question is correct?
>
> Bert
>
>
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the originator of the message.
Any views expressed in this message are those of the individual sender.
This message has been scanned for Content, viruses and spam by GlobalCerts RiskFilter - E-mail.
www.GlobalCerts.net
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error please notify the originator of the message.
Any views expressed in this message are those of the individual sender.
This message has been scanned for Content, viruses and spam by GlobalCerts RiskFilter - E-mail.
www.GlobalCerts.net
More information about the Pdns-dev
mailing list