1; config options 2server: 3 trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" 4 val-override-date: "20070916134226" 5 target-fetch-policy: "0 0 0 0 0" 6 7stub-zone: 8 name: "." 9 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 10 11CONFIG_END 12 13SCENARIO_BEGIN Test dnssec-lame detection with anchor point that is ok. 14 15; K.ROOT-SERVERS.NET. 16RANGE_BEGIN 0 100 17 ADDRESS 193.0.14.129 18ENTRY_BEGIN 19MATCH opcode qtype qname 20ADJUST copy_id 21REPLY QR NOERROR 22SECTION QUESTION 23. IN NS 24SECTION ANSWER 25. IN NS K.ROOT-SERVERS.NET. 26SECTION ADDITIONAL 27K.ROOT-SERVERS.NET. IN A 193.0.14.129 28ENTRY_END 29 30ENTRY_BEGIN 31MATCH opcode qtype qname 32ADJUST copy_id 33REPLY QR NOERROR 34SECTION QUESTION 35www.example.com. IN A 36SECTION AUTHORITY 37com. IN NS a.gtld-servers.net. 38SECTION ADDITIONAL 39a.gtld-servers.net. IN A 192.5.6.30 40ENTRY_END 41 42ENTRY_BEGIN 43MATCH opcode qtype qname 44ADJUST copy_id 45REPLY QR NOERROR 46SECTION QUESTION 47ns.example.net. IN A 48SECTION AUTHORITY 49net. IN NS e.gtld-servers.net. 50SECTION ADDITIONAL 51e.gtld-servers.net. IN A 192.12.94.30 52ENTRY_END 53 54ENTRY_BEGIN 55MATCH opcode qtype qname 56ADJUST copy_id 57REPLY QR NOERROR 58SECTION QUESTION 59ns.example.net. IN AAAA 60SECTION AUTHORITY 61net. IN NS e.gtld-servers.net. 62SECTION ADDITIONAL 63e.gtld-servers.net. IN A 192.12.94.30 64ENTRY_END 65RANGE_END 66 67; a.gtld-servers.net. 68RANGE_BEGIN 0 100 69 ADDRESS 192.5.6.30 70ENTRY_BEGIN 71MATCH opcode qtype qname 72ADJUST copy_id 73REPLY QR NOERROR 74SECTION QUESTION 75com. IN NS 76SECTION ANSWER 77com. IN NS a.gtld-servers.net. 78SECTION ADDITIONAL 79a.gtld-servers.net. IN A 192.5.6.30 80ENTRY_END 81 82ENTRY_BEGIN 83MATCH opcode qtype qname 84ADJUST copy_id 85REPLY QR NOERROR 86SECTION QUESTION 87www.example.com. IN A 88SECTION AUTHORITY 89example.com. IN NS ns.example.com. 90example.com. IN NS ns.example.net. 91SECTION ADDITIONAL 92ns.example.com. IN A 1.2.3.55 93ENTRY_END 94RANGE_END 95 96; e.gtld-servers.net. 97RANGE_BEGIN 0 100 98 ADDRESS 192.12.94.30 99ENTRY_BEGIN 100MATCH opcode qtype qname 101ADJUST copy_id 102REPLY QR NOERROR 103SECTION QUESTION 104net. IN NS 105SECTION ANSWER 106net. IN NS e.gtld-servers.net. 107SECTION ADDITIONAL 108e.gtld-servers.net. IN A 192.12.94.30 109ENTRY_END 110 111ENTRY_BEGIN 112MATCH opcode qtype qname 113ADJUST copy_id 114REPLY QR NOERROR 115SECTION QUESTION 116ns.example.net. IN A 117SECTION AUTHORITY 118example.net. IN NS ns.example.net. 119SECTION ADDITIONAL 120ns.example.net. IN A 1.2.3.44 121ENTRY_END 122 123ENTRY_BEGIN 124MATCH opcode qtype qname 125ADJUST copy_id 126REPLY QR NOERROR 127SECTION QUESTION 128ns.example.net. IN AAAA 129SECTION AUTHORITY 130example.net. IN NS ns.example.net. 131SECTION ADDITIONAL 132ns.example.net. IN A 1.2.3.44 133ENTRY_END 134RANGE_END 135 136; ns.example.net. 137RANGE_BEGIN 0 100 138 ADDRESS 1.2.3.44 139ENTRY_BEGIN 140MATCH opcode qtype qname 141ADJUST copy_id 142REPLY QR NOERROR 143SECTION QUESTION 144example.net. IN NS 145SECTION ANSWER 146example.net. IN NS ns.example.net. 147SECTION ADDITIONAL 148ns.example.net. IN A 1.2.3.44 149ENTRY_END 150 151ENTRY_BEGIN 152MATCH opcode qtype qname 153ADJUST copy_id 154REPLY QR AA NOERROR 155SECTION QUESTION 156ns.example.net. IN A 157SECTION ANSWER 158ns.example.net. IN A 1.2.3.44 159SECTION AUTHORITY 160example.net. IN NS ns.example.net. 161ENTRY_END 162 163ENTRY_BEGIN 164MATCH opcode qtype qname 165ADJUST copy_id 166REPLY QR AA NOERROR 167SECTION QUESTION 168ns.example.net. IN AAAA 169SECTION AUTHORITY 170example.net. IN NS ns.example.net. 171SECTION ADDITIONAL 172ns.example.net. IN A 1.2.3.44 173ENTRY_END 174 175ENTRY_BEGIN 176MATCH opcode qtype qname 177ADJUST copy_id 178REPLY QR NOERROR 179SECTION QUESTION 180example.com. IN NS 181SECTION ANSWER 182example.com. IN NS ns.example.com. 183example.com. IN NS ns.example.net. 184example.com. 3600 IN RRSIG NS 3 2 3600 20070926134802 20070829134802 2854 example.com. AJwwYIUGH7HgjehzPVkrVUFmFkSGGksGjUX+/zqpCOG9a/cgGC+n40I= ;{id = 2854} 185SECTION ADDITIONAL 186ns.example.com. IN A 1.2.3.55 187ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134802 20070829134802 2854 example.com. ABUu7ITHLl6vfuWzedIp03igXknUR1gYPBl8X6uIDrvraN1bjQJPXME= ;{id = 2854} 188ENTRY_END 189 190; response to DNSKEY priming query 191ENTRY_BEGIN 192MATCH opcode qtype qname 193ADJUST copy_id 194REPLY QR AA NOERROR 195SECTION QUESTION 196example.com. IN DNSKEY 197SECTION ANSWER 198example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} 199example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} 200ENTRY_END 201 202ENTRY_BEGIN 203MATCH opcode qtype qname 204ADJUST copy_id 205REPLY QR AA NOERROR 206SECTION QUESTION 207www.example.com. IN A 208SECTION ANSWER 209www.example.com. IN A 10.20.30.40 210www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} 211ENTRY_END 212 213ENTRY_BEGIN 214MATCH opcode qtype qname 215ADJUST copy_id 216REPLY QR AA NOERROR 217SECTION QUESTION 218ns.example.com. IN AAAA 219SECTION ANSWER 220ENTRY_END 221RANGE_END 222 223; ns.example.com. 224RANGE_BEGIN 0 100 225 ADDRESS 1.2.3.55 226ENTRY_BEGIN 227MATCH opcode qtype qname 228ADJUST copy_id 229REPLY QR AA NOERROR 230SECTION QUESTION 231ns.example.com. IN A 232SECTION ANSWER 233ns.example.com. IN A 1.2.3.55 234ENTRY_END 235 236ENTRY_BEGIN 237MATCH opcode qtype qname 238ADJUST copy_id 239REPLY QR AA NOERROR 240SECTION QUESTION 241ns.example.com. IN AAAA 242ENTRY_END 243 244; the response is not lame at all. 245ENTRY_BEGIN 246MATCH opcode qtype qname 247ADJUST copy_id 248REPLY QR AA NOERROR 249SECTION QUESTION 250example.com. IN DNSKEY 251SECTION ANSWER 252example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} 253example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} 254ENTRY_END 255 256ENTRY_BEGIN 257MATCH opcode qtype qname 258ADJUST copy_id 259REPLY QR NOERROR 260SECTION QUESTION 261example.com. IN NS 262SECTION ANSWER 263example.com. IN NS ns.example.com. 264example.com. IN NS ns.example.net. 265example.com. 3600 IN RRSIG NS 3 2 3600 20070926134802 20070829134802 2854 example.com. AJwwYIUGH7HgjehzPVkrVUFmFkSGGksGjUX+/zqpCOG9a/cgGC+n40I= ;{id = 2854} 266SECTION ADDITIONAL 267ns.example.com. IN A 1.2.3.55 268ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134802 20070829134802 2854 example.com. ABUu7ITHLl6vfuWzedIp03igXknUR1gYPBl8X6uIDrvraN1bjQJPXME= ;{id = 2854} 269ENTRY_END 270 271; response is not lame. 272ENTRY_BEGIN 273MATCH opcode qtype qname 274ADJUST copy_id 275REPLY QR AA NOERROR 276SECTION QUESTION 277www.example.com. IN A 278SECTION ANSWER 279www.example.com. IN A 10.20.30.40 280www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} 281ENTRY_END 282RANGE_END 283 284STEP 1 QUERY 285ENTRY_BEGIN 286REPLY RD DO 287SECTION QUESTION 288www.example.com. IN A 289ENTRY_END 290 291; recursion happens here. 292STEP 20 CHECK_ANSWER 293ENTRY_BEGIN 294MATCH all 295REPLY QR RD RA AD DO NOERROR 296SECTION QUESTION 297www.example.com. IN A 298SECTION ANSWER 299www.example.com. IN A 10.20.30.40 300www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} 301ENTRY_END 302 303SCENARIO_END 304