1; config options 2server: 3 harden-referral-path: no 4 target-fetch-policy: "0 0 0 0 0" 5 qname-minimisation: "no" 6 minimal-responses: no 7 8stub-zone: 9 name: "." 10 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 11CONFIG_END 12 13SCENARIO_BEGIN Test scrub of CNAME in answer section 14 15STEP 10 QUERY 16ENTRY_BEGIN 17REPLY RD 18SECTION QUESTION 19www.example.com. IN A 20ENTRY_END 21 22; root prime is sent 23STEP 20 CHECK_OUT_QUERY 24ENTRY_BEGIN 25MATCH qname qtype opcode 26SECTION QUESTION 27. IN NS 28ENTRY_END 29STEP 30 REPLY 30ENTRY_BEGIN 31MATCH opcode qtype qname 32ADJUST copy_id 33REPLY QR AA NOERROR 34SECTION QUESTION 35. IN NS 36SECTION ANSWER 37. IN NS K.ROOT-SERVERS.NET. 38SECTION ADDITIONAL 39K.ROOT-SERVERS.NET. IN A 193.0.14.129 40ENTRY_END 41 42; query sent to root server 43STEP 40 CHECK_OUT_QUERY 44ENTRY_BEGIN 45MATCH qname qtype opcode 46SECTION QUESTION 47www.example.com. IN A 48ENTRY_END 49STEP 50 REPLY 50ENTRY_BEGIN 51MATCH opcode qtype qname 52ADJUST copy_id 53REPLY QR NOERROR 54SECTION QUESTION 55www.example.com. IN A 56SECTION AUTHORITY 57com. IN NS a.gtld-servers.net. 58SECTION ADDITIONAL 59a.gtld-servers.net. IN A 192.5.6.30 60ENTRY_END 61 62; query sent to .com server 63STEP 60 CHECK_OUT_QUERY 64ENTRY_BEGIN 65MATCH qname qtype opcode 66SECTION QUESTION 67www.example.com. IN A 68ENTRY_END 69 70; STEP 62 CHECK_OUT_QUERY 71; ENTRY_BEGIN 72; MATCH qname qtype opcode 73; SECTION QUESTION 74; com. IN NS 75; ENTRY_END 76; STEP 63 REPLY 77; ENTRY_BEGIN 78; MATCH opcode qtype qname 79; ADJUST copy_id 80; REPLY QR NOERROR 81; SECTION QUESTION 82; com. IN NS 83; SECTION ANSWER 84; com. IN NS a.gtld-servers.net. 85; SECTION ADDITIONAL 86; a.gtld-servers.net. IN A 192.5.6.30 87; ENTRY_END 88 89STEP 70 REPLY 90ENTRY_BEGIN 91MATCH opcode qtype qname 92ADJUST copy_id 93REPLY QR NOERROR 94SECTION QUESTION 95www.example.com. IN A 96SECTION AUTHORITY 97example.com. IN NS ns1.example.com. 98SECTION ADDITIONAL 99ns1.example.com. IN A 168.192.2.2 100ENTRY_END 101 102; this query reply has to be scrubbed 103STEP 80 CHECK_OUT_QUERY 104ENTRY_BEGIN 105MATCH qname qtype opcode 106SECTION QUESTION 107www.example.com. IN A 108ENTRY_END 109 110; STEP 82 CHECK_OUT_QUERY 111; ENTRY_BEGIN 112; MATCH qname qtype opcode 113; SECTION QUESTION 114; example.com. IN NS 115; ENTRY_END 116; STEP 83 REPLY 117; ENTRY_BEGIN 118; MATCH opcode qtype qname 119; ADJUST copy_id 120; REPLY QR NOERROR 121; SECTION QUESTION 122; example.com. IN NS 123; SECTION ANSWER 124; example.com. IN NS ns1.example.com. 125; SECTION ADDITIONAL 126; ns1.example.com. IN A 168.192.2.2 127; ENTRY_END 128 129STEP 90 REPLY 130ENTRY_BEGIN 131MATCH opcode qtype qname 132ADJUST copy_id 133REPLY QR AA NOERROR 134SECTION QUESTION 135www.example.com. IN A 136SECTION ANSWER 137www.example.com. IN CNAME next.example.com. 138next.example.com. IN A 10.20.30.0 139SECTION AUTHORITY 140example.com. IN NS ns1.example.com. 141SECTION ADDITIONAL 142ns1.example.com. IN A 168.192.2.2 143ENTRY_END 144 145; iterator should try again and ask the other nameserver. 146STEP 100 CHECK_OUT_QUERY 147ENTRY_BEGIN 148MATCH qname qtype opcode 149SECTION QUESTION 150next.example.com. IN A 151ENTRY_END 152STEP 110 REPLY 153ENTRY_BEGIN 154MATCH opcode qtype qname 155ADJUST copy_id 156REPLY QR AA NOERROR 157SECTION QUESTION 158next.example.com. IN A 159SECTION ANSWER 160next.example.com. IN A 10.20.30.40 161SECTION AUTHORITY 162example.com. IN NS ns1.example.com. 163SECTION ADDITIONAL 164ns1.example.com. IN A 168.192.2.2 165ENTRY_END 166 167; is the final answer correct? 168STEP 200 CHECK_ANSWER 169ENTRY_BEGIN 170MATCH all 171REPLY QR RD RA 172SECTION QUESTION 173www.example.com. IN A 174SECTION ANSWER 175www.example.com. IN CNAME next.example.com. 176next.example.com. IN A 10.20.30.40 177SECTION AUTHORITY 178example.com. IN NS ns1.example.com. 179SECTION ADDITIONAL 180ns1.example.com. IN A 168.192.2.2 181ENTRY_END 182 183SCENARIO_END 184