xref: /netbsd-src/external/bsd/unbound/dist/testdata/subnet_val_positive.crpl (revision 782713e6c126f1866c6d9cfdee4ceb49483b5828) 
1; Test subnet option in combination with dnssec
2
3server:
4	trust-anchor: "example.com.    3600    IN      DS      2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
5	val-override-date: "20070916134226"
6	trust-anchor-signaling: no
7	target-fetch-policy: "0 0 0 0 0"
8	send-client-subnet: 1.2.3.4
9	max-client-subnet-ipv4: 17
10	module-config: "subnetcache validator iterator"
11	verbosity: 3
12	fake-sha1: yes
13	fake-dsa: yes
14	qname-minimisation: "no"
15	minimal-responses: no
16
17stub-zone:
18	name: "."
19	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
20CONFIG_END
21
22SCENARIO_BEGIN Test validator with positive response
23
24; K.ROOT-SERVERS.NET.
25RANGE_BEGIN 0 100
26	ADDRESS 193.0.14.129
27	ENTRY_BEGIN
28		MATCH opcode qtype qname ednsdata
29		ADJUST copy_id
30		REPLY QR NOERROR
31		SECTION QUESTION
32			. IN NS
33		SECTION ANSWER
34			. IN NS	K.ROOT-SERVERS.NET.
35		SECTION ADDITIONAL
36			HEX_EDNSDATA_BEGIN
37				;; we expect to receive empty
38			HEX_EDNSDATA_END
39			K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
40	ENTRY_END
41
42	ENTRY_BEGIN
43		MATCH opcode qtype qname ednsdata
44		ADJUST copy_id
45		REPLY QR NOERROR
46		SECTION QUESTION
47			www.example.com. IN A
48		SECTION AUTHORITY
49			com.	IN NS	a.gtld-servers.net.
50		SECTION ADDITIONAL
51			HEX_EDNSDATA_BEGIN
52				;; we expect to receive empty
53			HEX_EDNSDATA_END
54			a.gtld-servers.net.	IN 	A	192.5.6.30
55	ENTRY_END
56RANGE_END
57
58; a.gtld-servers.net.
59RANGE_BEGIN 0 100
60	ADDRESS 192.5.6.30
61	ENTRY_BEGIN
62		MATCH opcode qtype qname ednsdata
63		ADJUST copy_id
64		REPLY QR NOERROR
65		SECTION QUESTION
66			com. IN NS
67		SECTION ANSWER
68			com.    IN NS   a.gtld-servers.net.
69		SECTION ADDITIONAL
70			HEX_EDNSDATA_BEGIN
71				;; we expect to receive empty
72			HEX_EDNSDATA_END
73			a.gtld-servers.net.     IN      A       192.5.6.30
74	ENTRY_END
75
76	ENTRY_BEGIN
77		MATCH opcode qtype qname ednsdata
78		ADJUST copy_id
79		REPLY QR NOERROR
80		SECTION QUESTION
81			www.example.com. IN A
82		SECTION AUTHORITY
83			example.com.	IN NS	ns.example.com.
84		SECTION ADDITIONAL
85			HEX_EDNSDATA_BEGIN
86				;; we expect to receive empty
87			HEX_EDNSDATA_END
88			ns.example.com.		IN 	A	1.2.3.4
89	ENTRY_END
90RANGE_END
91
92; ns.example.com.
93RANGE_BEGIN 0 100
94	ADDRESS 1.2.3.4
95	ENTRY_BEGIN
96		MATCH opcode qtype qname ednsdata
97		ADJUST copy_id
98		REPLY QR NOERROR
99		SECTION QUESTION
100			example.com. IN NS
101		SECTION ANSWER
102			example.com.    IN NS   ns.example.com.
103			example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
104		SECTION ADDITIONAL
105			HEX_EDNSDATA_BEGIN
106				;; we expect to receive empty
107			HEX_EDNSDATA_END
108			ns.example.com.         IN      A       1.2.3.4
109			ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
110	ENTRY_END
111
112	; response to DNSKEY priming query
113	ENTRY_BEGIN
114		MATCH opcode qtype qname ednsdata
115		ADJUST copy_id
116		REPLY QR NOERROR
117		SECTION QUESTION
118			example.com. IN DNSKEY
119		SECTION ANSWER
120			example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
121			example.com.    3600    IN      RRSIG   DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
122		SECTION AUTHORITY
123			example.com.	IN NS	ns.example.com.
124			example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
125		SECTION ADDITIONAL
126			HEX_EDNSDATA_BEGIN
127				;; we expect to receive empty
128			HEX_EDNSDATA_END
129			ns.example.com.		IN 	A	1.2.3.4
130			ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
131	ENTRY_END
132
133	; response to query of interest
134	ENTRY_BEGIN
135		MATCH opcode qtype qname ednsdata
136		ADJUST copy_id
137		REPLY QR NOERROR
138		SECTION QUESTION
139			www.example.com. IN A
140		SECTION ANSWER
141			www.example.com. IN A	10.20.30.40
142			ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
143		SECTION AUTHORITY
144			example.com.	IN NS	ns.example.com.
145			example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
146		SECTION ADDITIONAL
147			HEX_EDNSDATA_BEGIN
148							; client is 127.0.0.1
149				00 08 		; OPC
150				00 07 		; option length
151				00 01 		; Family
152				11 00 		; source mask, scopemask
153				7f 00 00 	; address
154			HEX_EDNSDATA_END
155			ns.example.com.		IN 	A	1.2.3.4
156			www.example.com.        3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
157	ENTRY_END
158RANGE_END
159
160STEP 1 QUERY
161ENTRY_BEGIN
162	REPLY RD DO
163	SECTION QUESTION
164		www.example.com. IN A
165ENTRY_END
166
167; recursion happens here.
168STEP 10 CHECK_ANSWER
169ENTRY_BEGIN
170	MATCH all ednsdata
171	REPLY QR RD RA AD NOERROR
172	SECTION QUESTION
173		www.example.com. IN A
174	SECTION ANSWER
175		www.example.com. IN A	10.20.30.40
176		www.example.com.        3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
177	SECTION AUTHORITY
178		example.com.	IN NS	ns.example.com.
179		example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
180	SECTION ADDITIONAL
181		HEX_EDNSDATA_BEGIN
182			;; we expect to receive empty
183		HEX_EDNSDATA_END
184		ns.example.com.		IN 	A	1.2.3.4
185		ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
186ENTRY_END
187
188SCENARIO_END
189