1; config options 2; The island of trust is at example.com 3server: 4 trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" 5 val-override-date: "20070916134226" 6 target-fetch-policy: "3 2 1 0 0" # make sure it fetches for test 7 qname-minimisation: "no" 8 fake-sha1: yes 9 trust-anchor-signaling: no 10 minimal-responses: no 11 12stub-zone: 13 name: "." 14 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 15CONFIG_END 16 17SCENARIO_BEGIN Test iterator with root prime answer without glue. 18 19; K.ROOT-SERVERS.NET. 20RANGE_BEGIN 0 100 21 ADDRESS 193.0.14.129 22ENTRY_BEGIN 23MATCH opcode qtype qname 24ADJUST copy_id 25REPLY QR NOERROR 26SECTION QUESTION 27. IN NS 28SECTION ANSWER 29. IN NS K.ROOT-SERVERS.NET. 30SECTION ADDITIONAL 31; glue ommitted! 32;K.ROOT-SERVERS.NET. IN A 193.0.14.129 33ENTRY_END 34 35ENTRY_BEGIN 36MATCH opcode subdomain 37ADJUST copy_id copy_query 38REPLY QR NOERROR 39SECTION QUESTION 40net. IN A 41SECTION AUTHORITY 42net. IN NS a.gtld-servers.net. 43SECTION ADDITIONAL 44a.gtld-servers.net. IN A 192.5.6.30 45ENTRY_END 46 47ENTRY_BEGIN 48MATCH opcode qtype qname 49ADJUST copy_id 50REPLY QR NOERROR 51SECTION QUESTION 52www.example.com. IN A 53SECTION AUTHORITY 54com. IN NS a.gtld-servers.net. 55 56; sneak in some data into the cache to simulate partial data after timeouts 57; scrubbed away... 58example.net. NS ns.example.net. 59 60SECTION ADDITIONAL 61a.gtld-servers.net. IN A 192.5.6.30 62ENTRY_END 63 64ENTRY_BEGIN 65MATCH opcode qname 66ADJUST copy_id copy_query 67REPLY QR NOERROR 68SECTION QUESTION 69ns.example.net. IN A 70SECTION AUTHORITY 71net. IN NS a.gtld-servers.net. 72SECTION ADDITIONAL 73a.gtld-servers.net. IN A 192.5.6.30 74ENTRY_END 75RANGE_END 76 77; a.gtld-servers.net. 78RANGE_BEGIN 0 100 79 ADDRESS 192.5.6.30 80; com zone 81ENTRY_BEGIN 82MATCH opcode qname 83ADJUST copy_id copy_query 84REPLY QR NOERROR 85SECTION QUESTION 86com. IN NS 87SECTION ANSWER 88com. IN NS a.gtld-servers.net. 89SECTION ADDITIONAL 90a.gtld-servers.net. IN A 192.5.6.30 91ENTRY_END 92 93ENTRY_BEGIN 94MATCH opcode subdomain 95ADJUST copy_id copy_query 96REPLY QR NOERROR 97SECTION QUESTION 98example.com. IN A 99SECTION AUTHORITY 100example.com. IN NS ns.example.net. 101SECTION ADDITIONAL 102ENTRY_END 103 104; net zone 105ENTRY_BEGIN 106MATCH opcode qname 107ADJUST copy_id copy_query 108REPLY QR NOERROR 109SECTION QUESTION 110net. IN NS 111SECTION ANSWER 112net. IN NS a.gtld-servers.net. 113SECTION ADDITIONAL 114a.gtld-servers.net. IN A 192.5.6.30 115ENTRY_END 116 117ENTRY_BEGIN 118MATCH opcode qtype qname 119ADJUST copy_id copy_query 120REPLY QR NOERROR 121SECTION QUESTION 122A.ROOT-SERVERS.NET. IN AAAA 123SECTION ANSWER 124ENTRY_END 125 126ENTRY_BEGIN 127MATCH opcode qname 128ADJUST copy_id copy_query 129REPLY QR NOERROR 130SECTION QUESTION 131a.gtld-servers.net. IN AAAA 132SECTION ANSWER 133ENTRY_END 134 135ENTRY_BEGIN 136MATCH opcode qname 137ADJUST copy_id copy_query 138REPLY QR NOERROR 139SECTION QUESTION 140K.ROOT-SERVERS.NET. IN A 141SECTION AUTHORITY 142ROOT-SERVERS.NET. IN NS A.ROOT-SERVERS.NET. 143SECTION ADDITIONAL 144A.ROOT-SERVERS.NET. IN A 198.41.0.4 145ENTRY_END 146 147ENTRY_BEGIN 148MATCH opcode qname 149ADJUST copy_id copy_query 150REPLY QR NOERROR 151SECTION QUESTION 152K.ROOT-SERVERS.NET. IN AAAA 153SECTION ANSWER 154ENTRY_END 155 156ENTRY_BEGIN 157MATCH opcode qname 158ADJUST copy_id copy_query 159REPLY QR NOERROR 160SECTION QUESTION 161ns.example.net. IN A 162SECTION AUTHORITY 163example.net. NS ns.example.net. 164SECTION ADDITIONAL 165ns.example.net. IN A 1.2.3.4 166ENTRY_END 167RANGE_END 168 169; A.ROOT-SERVERS.NET. 170RANGE_BEGIN 0 100 171 ADDRESS 198.41.0.4 172ENTRY_BEGIN 173MATCH opcode qname qtype 174ADJUST copy_id copy_query 175REPLY QR NOERROR 176SECTION QUESTION 177ROOT-SERVERS.NET. IN NS 178SECTION ANSWER 179ROOT-SERVERS.NET. IN NS A.ROOT-SERVERS.NET. 180SECTION ADDITIONAL 181A.ROOT-SERVERS.NET. IN A 198.41.0.4 182ENTRY_END 183 184ENTRY_BEGIN 185MATCH opcode qname qtype 186ADJUST copy_id copy_query 187REPLY QR NOERROR 188SECTION QUESTION 189A.ROOT-SERVERS.NET. IN A 190SECTION ANSWER 191A.ROOT-SERVERS.NET. IN A 198.41.0.4 192SECTION AUTHORITY 193ROOT-SERVERS.NET. IN NS A.ROOT-SERVERS.NET. 194ENTRY_END 195 196ENTRY_BEGIN 197MATCH opcode qname qtype 198ADJUST copy_id copy_query 199REPLY QR NOERROR 200SECTION QUESTION 201A.ROOT-SERVERS.NET. IN AAAA 202SECTION ANSWER 203SECTION AUTHORITY 204ROOT-SERVERS.NET. IN NS A.ROOT-SERVERS.NET. 205ENTRY_END 206 207ENTRY_BEGIN 208MATCH opcode qtype qname 209ADJUST copy_id 210REPLY QR NOERROR 211SECTION QUESTION 212K.ROOT-SERVERS.NET. IN A 213SECTION ANSWER 214K.ROOT-SERVERS.NET. IN A 193.0.14.129 215ENTRY_END 216ENTRY_BEGIN 217MATCH opcode qtype qname 218ADJUST copy_id 219REPLY QR NOERROR 220SECTION QUESTION 221K.ROOT-SERVERS.NET. IN AAAA 222SECTION ANSWER 223; no ip6 address: we want to use only one address for K. to avoid having 224; to duplicate the entries in this file for both addresses. 225ENTRY_END 226RANGE_END 227 228; ns.example.net. 229RANGE_BEGIN 0 100 230 ADDRESS 1.2.3.4 231; example.net. zone 232ENTRY_BEGIN 233MATCH opcode qname 234ADJUST copy_id copy_query 235REPLY QR NOERROR 236SECTION QUESTION 237example.net. IN NS 238SECTION ANSWER 239example.net. NS ns.example.net. 240SECTION ADDITIONAL 241ns.example.net. IN A 1.2.3.4 242ENTRY_END 243 244ENTRY_BEGIN 245MATCH opcode qtype qname 246ADJUST copy_id 247REPLY QR AA NOERROR 248SECTION QUESTION 249ns.example.net. IN A 250SECTION ANSWER 251ns.example.net. IN A 1.2.3.4 252ENTRY_END 253 254ENTRY_BEGIN 255MATCH opcode qtype qname 256ADJUST copy_id 257REPLY QR AA NOERROR 258SECTION QUESTION 259ns.example.net. IN AAAA 260SECTION ANSWER 261ENTRY_END 262 263; example.com. zone 264ENTRY_BEGIN 265MATCH opcode qtype qname 266ADJUST copy_id 267REPLY QR NOERROR 268SECTION QUESTION 269example.com. IN NS 270SECTION ANSWER 271example.com. IN NS ns.example.com. 272example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 273SECTION ADDITIONAL 274ns.example.com. IN A 1.2.3.4 275ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 276ENTRY_END 277 278ENTRY_BEGIN 279MATCH opcode qname qtype 280ADJUST copy_id copy_query 281REPLY QR NOERROR 282SECTION QUESTION 283ns.example.com. IN AAAA 284SECTION ANSWER 285ENTRY_END 286 287 288; response to DNSKEY priming query 289ENTRY_BEGIN 290MATCH opcode qtype qname 291ADJUST copy_id 292REPLY QR NOERROR 293SECTION QUESTION 294example.com. IN DNSKEY 295SECTION ANSWER 296example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} 297example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854} 298SECTION AUTHORITY 299example.com. IN NS ns.example.com. 300example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 301SECTION ADDITIONAL 302ns.example.com. IN A 1.2.3.4 303ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 304ENTRY_END 305 306; response to query of interest 307ENTRY_BEGIN 308MATCH opcode qtype qname 309ADJUST copy_id 310REPLY QR NOERROR 311SECTION QUESTION 312www.example.com. IN A 313SECTION ANSWER 314www.example.com. IN A 10.20.30.40 315ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} 316SECTION AUTHORITY 317example.com. IN NS ns.example.com. 318example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 319SECTION ADDITIONAL 320ns.example.com. IN A 1.2.3.4 321www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} 322ENTRY_END 323RANGE_END 324 325STEP 1 QUERY 326ENTRY_BEGIN 327REPLY RD DO 328SECTION QUESTION 329www.example.com. IN A 330ENTRY_END 331 332; recursion happens here. 333STEP 10 CHECK_ANSWER 334ENTRY_BEGIN 335MATCH all 336REPLY QR RD RA AD DO NOERROR 337SECTION QUESTION 338www.example.com. IN A 339SECTION ANSWER 340www.example.com. IN A 10.20.30.40 341www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854} 342SECTION AUTHORITY 343example.com. IN NS ns.example.com. 344example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 345SECTION ADDITIONAL 346ns.example.com. IN A 1.2.3.4 347ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854} 348ENTRY_END 349 350; make sure glue fetch is done. 351STEP 11 QUERY 352ENTRY_BEGIN 353REPLY RD 354SECTION QUESTION 355ns.example.net. IN AAAA 356ENTRY_END 357 358STEP 12 CHECK_ANSWER 359ENTRY_BEGIN 360MATCH all 361REPLY QR RD RA NOERROR 362SECTION QUESTION 363ns.example.net. IN AAAA 364SECTION ANSWER 365SECTION AUTHORITY 366SECTION ADDITIONAL 367ENTRY_END 368 369STEP 13 QUERY 370ENTRY_BEGIN 371REPLY RD 372SECTION QUESTION 373K.ROOT-SERVERS.NET. IN AAAA 374ENTRY_END 375 376STEP 14 CHECK_ANSWER 377ENTRY_BEGIN 378MATCH all 379REPLY QR RD RA NOERROR 380SECTION QUESTION 381K.ROOT-SERVERS.NET. IN AAAA 382SECTION ANSWER 383SECTION AUTHORITY 384SECTION ADDITIONAL 385ENTRY_END 386 387SCENARIO_END 388