xref: /netbsd-src/external/bsd/unbound/dist/testdata/subnet_val_positive_client.crpl (revision d0eba39ba71d0ccd0f91ae4c5ff83442e84710bf) 
1; Test subnet option in combination with dnssec
2; Client asks for subnet data
3
4server:
5	trust-anchor: "example.com.    3600    IN      DS      2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
6	val-override-date: "20070916134226"
7	trust-anchor-signaling: no
8	target-fetch-policy: "0 0 0 0 0"
9	send-client-subnet: 1.2.3.4
10	max-client-subnet-ipv4: 17
11	module-config: "subnetcache validator iterator"
12	verbosity: 3
13	fake-sha1: yes
14	fake-dsa: yes
15	qname-minimisation: "no"
16	minimal-responses: no
17
18stub-zone:
19	name: "."
20	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
21CONFIG_END
22
23SCENARIO_BEGIN Test validator with positive response
24
25; K.ROOT-SERVERS.NET.
26RANGE_BEGIN 0 100
27	ADDRESS 193.0.14.129
28	ENTRY_BEGIN
29		MATCH opcode qtype qname ednsdata
30		ADJUST copy_id
31		REPLY QR NOERROR
32		SECTION QUESTION
33			. IN NS
34		SECTION ANSWER
35			. IN NS	K.ROOT-SERVERS.NET.
36		SECTION ADDITIONAL
37			HEX_EDNSDATA_BEGIN
38				;; we expect to receive empty
39			HEX_EDNSDATA_END
40			K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
41	ENTRY_END
42
43	ENTRY_BEGIN
44		MATCH opcode qtype qname
45		ADJUST copy_id
46		REPLY QR NOERROR
47		SECTION QUESTION
48			www.example.com. IN A
49		SECTION AUTHORITY
50			com.	IN NS	a.gtld-servers.net.
51		SECTION ADDITIONAL
52			a.gtld-servers.net.	IN 	A	192.5.6.30
53	ENTRY_END
54RANGE_END
55
56; a.gtld-servers.net.
57RANGE_BEGIN 0 100
58	ADDRESS 192.5.6.30
59	ENTRY_BEGIN
60		MATCH opcode qtype qname ednsdata
61		ADJUST copy_id
62		REPLY QR NOERROR
63		SECTION QUESTION
64			com. IN NS
65		SECTION ANSWER
66			com.    IN NS   a.gtld-servers.net.
67		SECTION ADDITIONAL
68			HEX_EDNSDATA_BEGIN
69				;; we expect to receive empty
70			HEX_EDNSDATA_END
71			a.gtld-servers.net.     IN      A       192.5.6.30
72	ENTRY_END
73
74	ENTRY_BEGIN
75		MATCH opcode qtype qname
76		ADJUST copy_id
77		REPLY QR NOERROR
78		SECTION QUESTION
79			www.example.com. IN A
80		SECTION AUTHORITY
81			example.com.	IN NS	ns.example.com.
82		SECTION ADDITIONAL
83			ns.example.com.		IN 	A	1.2.3.4
84	ENTRY_END
85RANGE_END
86
87; ns.example.com.
88RANGE_BEGIN 0 100
89	ADDRESS 1.2.3.4
90	ENTRY_BEGIN
91		MATCH opcode qtype qname ednsdata
92		ADJUST copy_id
93		REPLY QR NOERROR
94		SECTION QUESTION
95			example.com. IN NS
96		SECTION ANSWER
97			example.com.    IN NS   ns.example.com.
98			example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
99		SECTION ADDITIONAL
100			HEX_EDNSDATA_BEGIN
101				;; we expect to receive empty
102			HEX_EDNSDATA_END
103			ns.example.com.         IN      A       1.2.3.4
104			ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
105	ENTRY_END
106
107	; response to DNSKEY priming query
108	ENTRY_BEGIN
109		MATCH opcode qtype qname ednsdata
110		ADJUST copy_id
111		REPLY QR NOERROR
112		SECTION QUESTION
113			example.com. IN DNSKEY
114		SECTION ANSWER
115			example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
116			example.com.    3600    IN      RRSIG   DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
117		SECTION AUTHORITY
118			example.com.	IN NS	ns.example.com.
119			example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
120		SECTION ADDITIONAL
121			HEX_EDNSDATA_BEGIN
122				;; we expect to receive empty
123			HEX_EDNSDATA_END
124			ns.example.com.		IN 	A	1.2.3.4
125			ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
126	ENTRY_END
127
128	; response to query of interest
129	ENTRY_BEGIN
130		MATCH opcode qtype qname ednsdata
131		ADJUST copy_id
132		REPLY QR NOERROR
133		SECTION QUESTION
134			www.example.com. IN A
135		SECTION ANSWER
136			www.example.com. IN A	10.20.30.40
137			ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
138		SECTION AUTHORITY
139			example.com.	IN NS	ns.example.com.
140			example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
141		SECTION ADDITIONAL
142			HEX_EDNSDATA_BEGIN
143							; client is 127.0.0.1
144				00 08 		; OPC
145				00 07 		; option length
146				00 01 		; Family
147				11 00 		; source mask, scopemask
148				7f 00 00 	; address
149			HEX_EDNSDATA_END
150			ns.example.com.		IN 	A	1.2.3.4
151			www.example.com.        3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
152	ENTRY_END
153RANGE_END
154
155STEP 1 QUERY
156ENTRY_BEGIN
157	HEX_ANSWER_BEGIN;
158		00 00 01 00 00 01 00 00		;ID 0
159		00 00 00 01 03 77 77 77		; www.example.com A? (DO)
160		07 65 78 61 6d 70 6c 65
161		03 63 6f 6d 00 00 01 00
162		01 00 00 29 10 00 00 00
163		80 00 00 0b
164
165		00 08 00 07					; OPC, optlen
166		00 01 11 00					; ip4, scope 17, source 0
167		7f 00 00   					;127.0.0.0/17
168	HEX_ANSWER_END
169ENTRY_END
170
171
172
173; recursion happens here.
174STEP 10 CHECK_ANSWER
175ENTRY_BEGIN
176	MATCH all ednsdata
177	REPLY QR RD RA AD NOERROR
178	SECTION QUESTION
179		www.example.com. IN A
180	SECTION ANSWER
181		www.example.com. IN A	10.20.30.40
182		www.example.com.        3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
183	SECTION AUTHORITY
184		example.com.	IN NS	ns.example.com.
185		example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
186	SECTION ADDITIONAL
187		HEX_EDNSDATA_BEGIN
188						; client is 127.0.0.1
189			00 08 		; OPC
190			00 07 		; option length
191			00 01 		; Family
192			11 00 		; source mask, scopemask
193			7f 00 00 	; address
194		HEX_EDNSDATA_END
195		ns.example.com.		IN 	A	1.2.3.4
196		ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
197ENTRY_END
198
199SCENARIO_END
200