samba dns - blob length too large

[Bob Miller]

Hello,

I have recently deployed a samba AD DC with qmail-ldap hooked into it.
I have set the DNS up so that the AD DC is forwarding recursive lookups
to a bind server elsewhere on the network.  I have discovered that there
is one domain that all users are having a problem sending mail too.
qmail is not able to make the DNS lookup for the domain name, and as
such wont' deliver the mail.  

Chasing this down, I am able to use dig to get a successful lookup of
the remote domain name, but when qmail does the lookup, it generates the
following lines in the samba log for each lookup it does:
 
Not authoritative for 'remotedomain.yk.ca', forwarding
2013-01-31 09:37:11.168990500 ndr_push_error(6): Invalid...Unexpected
blob length is too large
2013-01-31 09:37:11.169000500 Failed to push packet: Length Error!

Dumping traffic on the bind bind server, I can see that qmail's DNS
request is made and filled, and the result is sent back to the DC.  When
I do a dump of a dig command, the max packets size sent from the bind
server to the DC is 148, but when qmail does the lookup the max packet
size is 349.  I am under the impression that a DNS packet should be ok
up to 512 or maybe a bit below depending on packet headers.  Indeed I
see packets as large 424 being sent back to the DC that do not seem to
be generating this error.

This is the only domain that has presented any problem so far, I have
had no other complaints from users that are attributable to DNS issues.
I also see nothing unusual about the lookup when I use dig, everything
looks in order.  And I don't find any other reports of this particular
error....

Have I somehow screwed something up to make this happen?



-- 
Computerisms
Bob Miller      
867-334-7117 / 867-633-3760
http://computerisms.ca