1; config options 2server: 3 harden-referral-path: no 4 target-fetch-policy: "0 0 0 0 0" 5 6stub-zone: 7 name: "." 8 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 9CONFIG_END 10 11SCENARIO_BEGIN Test scrub of CNAME in answer section 12 13STEP 10 QUERY 14ENTRY_BEGIN 15REPLY RD 16SECTION QUESTION 17www.example.com. IN A 18ENTRY_END 19 20; root prime is sent 21STEP 20 CHECK_OUT_QUERY 22ENTRY_BEGIN 23MATCH qname qtype opcode 24SECTION QUESTION 25. IN NS 26ENTRY_END 27STEP 30 REPLY 28ENTRY_BEGIN 29MATCH opcode qtype qname 30ADJUST copy_id 31REPLY QR AA NOERROR 32SECTION QUESTION 33. IN NS 34SECTION ANSWER 35. IN NS K.ROOT-SERVERS.NET. 36SECTION ADDITIONAL 37K.ROOT-SERVERS.NET. IN A 193.0.14.129 38ENTRY_END 39 40; query sent to root server 41STEP 40 CHECK_OUT_QUERY 42ENTRY_BEGIN 43MATCH qname qtype opcode 44SECTION QUESTION 45www.example.com. IN A 46ENTRY_END 47STEP 50 REPLY 48ENTRY_BEGIN 49MATCH opcode qtype qname 50ADJUST copy_id 51REPLY QR NOERROR 52SECTION QUESTION 53www.example.com. IN A 54SECTION AUTHORITY 55com. IN NS a.gtld-servers.net. 56SECTION ADDITIONAL 57a.gtld-servers.net. IN A 192.5.6.30 58ENTRY_END 59 60; query sent to .com server 61STEP 60 CHECK_OUT_QUERY 62ENTRY_BEGIN 63MATCH qname qtype opcode 64SECTION QUESTION 65www.example.com. IN A 66ENTRY_END 67 68; STEP 62 CHECK_OUT_QUERY 69; ENTRY_BEGIN 70; MATCH qname qtype opcode 71; SECTION QUESTION 72; com. IN NS 73; ENTRY_END 74; STEP 63 REPLY 75; ENTRY_BEGIN 76; MATCH opcode qtype qname 77; ADJUST copy_id 78; REPLY QR NOERROR 79; SECTION QUESTION 80; com. IN NS 81; SECTION ANSWER 82; com. IN NS a.gtld-servers.net. 83; SECTION ADDITIONAL 84; a.gtld-servers.net. IN A 192.5.6.30 85; ENTRY_END 86 87STEP 70 REPLY 88ENTRY_BEGIN 89MATCH opcode qtype qname 90ADJUST copy_id 91REPLY QR NOERROR 92SECTION QUESTION 93www.example.com. IN A 94SECTION AUTHORITY 95example.com. IN NS ns1.example.com. 96SECTION ADDITIONAL 97ns1.example.com. IN A 168.192.2.2 98ENTRY_END 99 100; this query reply has to be scrubbed 101STEP 80 CHECK_OUT_QUERY 102ENTRY_BEGIN 103MATCH qname qtype opcode 104SECTION QUESTION 105www.example.com. IN A 106ENTRY_END 107 108; STEP 82 CHECK_OUT_QUERY 109; ENTRY_BEGIN 110; MATCH qname qtype opcode 111; SECTION QUESTION 112; example.com. IN NS 113; ENTRY_END 114; STEP 83 REPLY 115; ENTRY_BEGIN 116; MATCH opcode qtype qname 117; ADJUST copy_id 118; REPLY QR NOERROR 119; SECTION QUESTION 120; example.com. IN NS 121; SECTION ANSWER 122; example.com. IN NS ns1.example.com. 123; SECTION ADDITIONAL 124; ns1.example.com. IN A 168.192.2.2 125; ENTRY_END 126 127STEP 90 REPLY 128ENTRY_BEGIN 129MATCH opcode qtype qname 130ADJUST copy_id 131REPLY QR AA NOERROR 132SECTION QUESTION 133www.example.com. IN A 134SECTION ANSWER 135www.example.com. IN CNAME next.example.com. 136next.example.com. IN A 10.20.30.0 137SECTION AUTHORITY 138example.com. IN NS ns1.example.com. 139SECTION ADDITIONAL 140ns1.example.com. IN A 168.192.2.2 141ENTRY_END 142 143; iterator should try again and ask the other nameserver. 144STEP 100 CHECK_OUT_QUERY 145ENTRY_BEGIN 146MATCH qname qtype opcode 147SECTION QUESTION 148next.example.com. IN A 149ENTRY_END 150STEP 110 REPLY 151ENTRY_BEGIN 152MATCH opcode qtype qname 153ADJUST copy_id 154REPLY QR AA NOERROR 155SECTION QUESTION 156next.example.com. IN A 157SECTION ANSWER 158next.example.com. IN A 10.20.30.40 159SECTION AUTHORITY 160example.com. IN NS ns1.example.com. 161SECTION ADDITIONAL 162ns1.example.com. IN A 168.192.2.2 163ENTRY_END 164 165; is the final answer correct? 166STEP 200 CHECK_ANSWER 167ENTRY_BEGIN 168MATCH all 169REPLY QR RD RA 170SECTION QUESTION 171www.example.com. IN A 172SECTION ANSWER 173www.example.com. IN CNAME next.example.com. 174next.example.com. IN A 10.20.30.40 175SECTION AUTHORITY 176example.com. IN NS ns1.example.com. 177SECTION ADDITIONAL 178ns1.example.com. IN A 168.192.2.2 179ENTRY_END 180 181SCENARIO_END 182