1; config options 2; The island of trust is at example.com 3server: 4 trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" 5 val-override-date: "20070916134226" 6 target-fetch-policy: "3 2 1 0 0" # make sure it fetches for test 7 qname-minimisation: "no" 8 fake-sha1: yes 9 trust-anchor-signaling: no 10 minimal-responses: no 11 12stub-zone: 13 name: "." 14 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 15CONFIG_END 16 17SCENARIO_BEGIN Test iterator with root prime answer without glue. 18 19; K.ROOT-SERVERS.NET. 20RANGE_BEGIN 0 100 21 ADDRESS 193.0.14.129 22ENTRY_BEGIN 23MATCH opcode qtype qname 24ADJUST copy_id 25REPLY QR NOERROR 26SECTION QUESTION 27. IN NS 28SECTION ANSWER 29. IN NS K.ROOT-SERVERS.NET. 30SECTION ADDITIONAL 31; glue omitted! 32;K.ROOT-SERVERS.NET. IN A 193.0.14.129 33ENTRY_END 34 35ENTRY_BEGIN 36MATCH opcode subdomain 37ADJUST copy_id copy_query 38REPLY QR NOERROR 39SECTION QUESTION 40net. IN A 41SECTION AUTHORITY 42net. IN NS a.gtld-servers.net. 43SECTION ADDITIONAL 44a.gtld-servers.net. IN A 192.5.6.30 45ENTRY_END 46 47ENTRY_BEGIN 48MATCH opcode qtype qname 49ADJUST copy_id 50REPLY QR NOERROR 51SECTION QUESTION 52www.example.com. IN A 53SECTION AUTHORITY 54com. IN NS a.gtld-servers.net. 55 56; sneak in some data into the cache to simulate partial data after timeouts 57; scrubbed away... 58example.net. NS ns.example.net. 59 60SECTION ADDITIONAL 61a.gtld-servers.net. IN A 192.5.6.30 62ENTRY_END 63 64ENTRY_BEGIN 65MATCH opcode qname 66ADJUST copy_id copy_query 67REPLY QR NOERROR 68SECTION QUESTION 69ns.example.net. IN A 70SECTION AUTHORITY 71net. IN NS a.gtld-servers.net. 72SECTION ADDITIONAL 73a.gtld-servers.net. IN A 192.5.6.30 74ENTRY_END 75RANGE_END 76 77; a.gtld-servers.net. 78RANGE_BEGIN 0 100 79 ADDRESS 192.5.6.30 80; com zone 81ENTRY_BEGIN 82MATCH opcode qname 83ADJUST copy_id copy_query 84REPLY QR NOERROR 85SECTION QUESTION 86com. IN NS 87SECTION ANSWER 88com. IN NS a.gtld-servers.net. 89SECTION ADDITIONAL 90a.gtld-servers.net. IN A 192.5.6.30 91ENTRY_END 92 93ENTRY_BEGIN 94MATCH opcode subdomain 95ADJUST copy_id copy_query 96REPLY QR NOERROR 97SECTION QUESTION 98example.com. IN A 99SECTION AUTHORITY 100example.com. IN NS ns.example.net. 101SECTION ADDITIONAL 102ENTRY_END 103 104; net zone 105ENTRY_BEGIN 106MATCH opcode qname 107ADJUST copy_id copy_query 108REPLY QR NOERROR 109SECTION QUESTION 110net. IN NS 111SECTION ANSWER 112net. IN NS a.gtld-servers.net. 113SECTION ADDITIONAL 114a.gtld-servers.net. IN A 192.5.6.30 115ENTRY_END 116 117ENTRY_BEGIN 118MATCH opcode qname 119ADJUST copy_id copy_query 120REPLY QR NOERROR 121SECTION QUESTION 122a.gtld-servers.net. IN AAAA 123SECTION ANSWER 124SECTION AUTHORITY 125net. IN SOA ns.example.com. root.example.com. 4 14400 3600 604800 3600 126ENTRY_END 127 128ENTRY_BEGIN 129MATCH opcode subdomain 130ADJUST copy_id copy_query 131REPLY QR NOERROR 132SECTION QUESTION 133ROOT-SERVERS.NET. IN A 134SECTION AUTHORITY 135ROOT-SERVERS.NET. IN NS A.ROOT-SERVERS.NET. 136SECTION ADDITIONAL 137A.ROOT-SERVERS.NET. IN A 198.41.0.4 138ENTRY_END 139 140ENTRY_BEGIN 141MATCH opcode qname 142ADJUST copy_id copy_query 143REPLY QR NOERROR 144SECTION QUESTION 145ns.example.net. IN A 146SECTION AUTHORITY 147example.net. NS ns.example.net. 148SECTION ADDITIONAL 149ns.example.net. IN A 1.2.3.4 150ENTRY_END 151RANGE_END 152 153; A.ROOT-SERVERS.NET. 154RANGE_BEGIN 0 100 155 ADDRESS 198.41.0.4 156ENTRY_BEGIN 157MATCH opcode qname qtype 158ADJUST copy_id copy_query 159REPLY QR NOERROR 160SECTION QUESTION 161ROOT-SERVERS.NET. IN NS 162SECTION ANSWER 163ROOT-SERVERS.NET. IN NS A.ROOT-SERVERS.NET. 164SECTION ADDITIONAL 165A.ROOT-SERVERS.NET. IN A 198.41.0.4 166ENTRY_END 167 168ENTRY_BEGIN 169MATCH opcode qname qtype 170ADJUST copy_id copy_query 171REPLY QR NOERROR 172SECTION QUESTION 173A.ROOT-SERVERS.NET. IN A 174SECTION ANSWER 175A.ROOT-SERVERS.NET. IN A 198.41.0.4 176SECTION AUTHORITY 177ROOT-SERVERS.NET. IN NS A.ROOT-SERVERS.NET. 178ENTRY_END 179 180ENTRY_BEGIN 181MATCH opcode qname qtype 182ADJUST copy_id copy_query 183REPLY QR NOERROR 184SECTION QUESTION 185A.ROOT-SERVERS.NET. IN AAAA 186SECTION ANSWER 187SECTION AUTHORITY 188ROOT-SERVERS.NET. IN NS A.ROOT-SERVERS.NET. 189ENTRY_END 190 191ENTRY_BEGIN 192MATCH opcode qtype qname 193ADJUST copy_id 194REPLY QR NOERROR 195SECTION QUESTION 196K.ROOT-SERVERS.NET. IN A 197SECTION ANSWER 198K.ROOT-SERVERS.NET. IN A 193.0.14.129 199ENTRY_END 200 201ENTRY_BEGIN 202MATCH opcode qtype qname 203ADJUST copy_id 204REPLY QR NOERROR 205SECTION QUESTION 206K.ROOT-SERVERS.NET. IN AAAA 207SECTION ANSWER 208; no ip6 address: we want to use only one address for K. to avoid having 209; to duplicate the entries in this file for both addresses. 210SECTION AUTHORITY 211root-servers.net. IN SOA ns.example.com. root.example.com. 4 14400 3600 604800 3600 212ENTRY_END 213RANGE_END 214 215; ns.example.net. 216RANGE_BEGIN 0 100 217 ADDRESS 1.2.3.4 218; example.net. zone 219ENTRY_BEGIN 220MATCH opcode qname 221ADJUST copy_id copy_query 222REPLY QR NOERROR 223SECTION QUESTION 224example.net. IN NS 225SECTION ANSWER 226example.net. NS ns.example.net. 227SECTION ADDITIONAL 228ns.example.net. IN A 1.2.3.4 229ENTRY_END 230 231ENTRY_BEGIN 232MATCH opcode qtype qname 233ADJUST copy_id 234REPLY QR AA NOERROR 235SECTION QUESTION 236ns.example.net. IN A 237SECTION ANSWER 238ns.example.net. IN A 1.2.3.4 239ENTRY_END 240 241ENTRY_BEGIN 242MATCH opcode qtype qname 243ADJUST copy_id 244REPLY QR AA NOERROR 245SECTION QUESTION 246ns.example.net. IN AAAA 247SECTION ANSWER 248SECTION AUTHORITY 249example.net. IN SOA ns.example.com. root.example.com. 4 14400 3600 604800 3600 250ENTRY_END 251 252; example.com. zone 253ENTRY_BEGIN 254MATCH opcode qtype qname 255ADJUST copy_id 256REPLY QR NOERROR 257SECTION QUESTION 258example.com. IN NS 259SECTION ANSWER 260example.com. IN NS ns.example.com. 261example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 262SECTION ADDITIONAL 263ns.example.com. IN A 1.2.3.4 264ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 265ENTRY_END 266 267ENTRY_BEGIN 268MATCH opcode qname qtype 269ADJUST copy_id copy_query 270REPLY QR NOERROR 271SECTION QUESTION 272ns.example.com. IN AAAA 273SECTION ANSWER 274SECTION AUTHORITY 275example.com. IN SOA ns.example.com. root.example.com. 4 14400 3600 604800 3600 276ENTRY_END 277 278 279; response to DNSKEY priming query 280ENTRY_BEGIN 281MATCH opcode qtype qname 282ADJUST copy_id 283REPLY QR NOERROR 284SECTION QUESTION 285example.com. IN DNSKEY 286SECTION ANSWER 287example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} 288example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} 289SECTION AUTHORITY 290example.com. IN NS ns.example.com. 291example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 292SECTION ADDITIONAL 293ns.example.com. IN A 1.2.3.4 294ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 295ENTRY_END 296 297; response to query of interest 298ENTRY_BEGIN 299MATCH opcode qtype qname 300ADJUST copy_id 301REPLY QR NOERROR 302SECTION QUESTION 303www.example.com. IN A 304SECTION ANSWER 305www.example.com. IN A 10.20.30.40 306ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} 307SECTION AUTHORITY 308example.com. IN NS ns.example.com. 309example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 310SECTION ADDITIONAL 311ns.example.com. IN A 1.2.3.4 312www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} 313ENTRY_END 314RANGE_END 315 316STEP 1 QUERY 317ENTRY_BEGIN 318REPLY RD DO 319SECTION QUESTION 320www.example.com. IN A 321ENTRY_END 322 323; recursion happens here. 324STEP 10 CHECK_ANSWER 325ENTRY_BEGIN 326MATCH all 327REPLY QR RD RA AD DO NOERROR 328SECTION QUESTION 329www.example.com. IN A 330SECTION ANSWER 331www.example.com. IN A 10.20.30.40 332www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} 333SECTION AUTHORITY 334example.com. IN NS ns.example.com. 335example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 336SECTION ADDITIONAL 337ns.example.com. IN A 1.2.3.4 338ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} 339ENTRY_END 340 341; make sure glue fetch is done. 342STEP 11 QUERY 343ENTRY_BEGIN 344REPLY RD 345SECTION QUESTION 346ns.example.net. IN AAAA 347ENTRY_END 348 349STEP 12 CHECK_ANSWER 350ENTRY_BEGIN 351MATCH all 352REPLY QR RD RA NOERROR 353SECTION QUESTION 354ns.example.net. IN AAAA 355SECTION ANSWER 356SECTION AUTHORITY 357example.net. IN SOA ns.example.com. root.example.com. 4 14400 3600 604800 3600 358SECTION ADDITIONAL 359ENTRY_END 360 361STEP 13 QUERY 362ENTRY_BEGIN 363REPLY RD 364SECTION QUESTION 365K.ROOT-SERVERS.NET. IN AAAA 366ENTRY_END 367 368STEP 14 CHECK_ANSWER 369ENTRY_BEGIN 370MATCH all 371REPLY QR RD RA NOERROR 372SECTION QUESTION 373K.ROOT-SERVERS.NET. IN AAAA 374SECTION ANSWER 375SECTION AUTHORITY 376root-servers.net. IN SOA ns.example.com. root.example.com. 4 14400 3600 604800 3600 377SECTION ADDITIONAL 378ENTRY_END 379 380SCENARIO_END 381