1; config options 2; fetch all extra targets - we want to trigger a lookup in cache 3server: 4 target-fetch-policy: "-1 -1 -1 -1 -1" 5 qname-minimisation: "no" 6 access-control: 127.0.0.1 allow_snoop 7 8stub-zone: 9 name: "." 10 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 11CONFIG_END 12 13SCENARIO_BEGIN Test TTL countdown on messages in the cache 14 15; K.ROOT-SERVERS.NET. 16RANGE_BEGIN 0 100 17 ADDRESS 193.0.14.129 18ENTRY_BEGIN 19MATCH opcode qtype qname 20ADJUST copy_id 21REPLY QR NOERROR 22SECTION QUESTION 23. IN NS 24SECTION ANSWER 25. IN NS K.ROOT-SERVERS.NET. 26SECTION ADDITIONAL 27K.ROOT-SERVERS.NET. IN A 193.0.14.129 28ENTRY_END 29 30ENTRY_BEGIN 31MATCH opcode subdomain 32ADJUST copy_id copy_query 33REPLY QR NOERROR 34SECTION QUESTION 35com. IN A 36SECTION AUTHORITY 37com. IN NS a.gtld-servers.net. 38SECTION ADDITIONAL 39a.gtld-servers.net. IN A 192.5.6.30 40ENTRY_END 41 42ENTRY_BEGIN 43MATCH opcode qtype qname 44ADJUST copy_id 45REPLY QR AA NOERROR 46SECTION QUESTION 47a.gtld-servers.net. IN A 48SECTION ANSWER 49a.gtld-servers.net. IN A 192.5.6.30 50ENTRY_END 51 52ENTRY_BEGIN 53MATCH opcode qtype qname 54ADJUST copy_id 55REPLY QR AA NOERROR 56SECTION QUESTION 57K.ROOT-SERVERS.NET. IN A 58SECTION ANSWER 59K.ROOT-SERVERS.NET. IN A 193.0.14.129 60ENTRY_END 61 62ENTRY_BEGIN 63MATCH opcode qtype qname 64ADJUST copy_id 65REPLY QR AA NOERROR 66SECTION QUESTION 67a.gtld-servers.net. IN AAAA 68SECTION AUTHORITY 69. 86400 IN SOA . . 20070304 28800 7200 604800 86400 70ENTRY_END 71 72ENTRY_BEGIN 73MATCH opcode qtype qname 74ADJUST copy_id 75REPLY QR AA NOERROR 76SECTION QUESTION 77K.ROOT-SERVERS.NET. IN AAAA 78SECTION AUTHORITY 79. 86400 IN SOA . . 20070304 28800 7200 604800 86400 80ENTRY_END 81 82RANGE_END 83 84; a.gtld-servers.net. 85RANGE_BEGIN 0 100 86 ADDRESS 192.5.6.30 87ENTRY_BEGIN 88MATCH opcode qtype qname 89ADJUST copy_id 90REPLY QR NOERROR 91SECTION QUESTION 92com. IN NS 93SECTION ANSWER 94com. IN NS a.gtld-servers.net. 95SECTION ADDITIONAL 96a.gtld-servers.net. IN A 192.5.6.30 97ENTRY_END 98 99ENTRY_BEGIN 100MATCH opcode subdomain 101ADJUST copy_id copy_query 102REPLY QR NOERROR 103SECTION QUESTION 104example.com. IN A 105SECTION AUTHORITY 106example.com. IN NS ns.example.com. 107SECTION ADDITIONAL 108ns.example.com. IN A 1.2.3.4 109ENTRY_END 110 111ENTRY_BEGIN 112MATCH opcode subdomain 113ADJUST copy_id copy_query 114REPLY QR NOERROR 115SECTION QUESTION 116foo.com. IN A 117SECTION AUTHORITY 118foo.com. IN NS ns.foo.com. 119;foo.com. IN NS nx1.example.com. 120SECTION ADDITIONAL 121ns.foo.com. IN A 1.2.5.6 122ENTRY_END 123RANGE_END 124 125; ns.foo.com 126RANGE_BEGIN 0 100 127 ADDRESS 1.2.5.6 128 129ENTRY_BEGIN 130MATCH opcode qtype qname 131ADJUST copy_id 132REPLY QR AA NOERROR 133SECTION QUESTION 134foo.com. IN NS 135SECTION ANSWER 136foo.com. IN NS ns.foo.com. 137;foo.com. IN NS nx1.example.com. 138SECTION ADDITIONAL 139ns.foo.com. IN A 1.2.5.6 140ENTRY_END 141 142ENTRY_BEGIN 143MATCH opcode qtype qname 144ADJUST copy_id 145REPLY QR AA NOERROR 146SECTION QUESTION 147www.foo.com. IN A 148SECTION ANSWER 149;www.foo.com. IN A 1.2.5.6 150www.foo.com. IN CNAME nx1.example.com. 151ENTRY_END 152 153ENTRY_BEGIN 154MATCH opcode qtype qname 155ADJUST copy_id 156REPLY QR AA NOERROR 157SECTION QUESTION 158ns.foo.com. IN A 159SECTION ANSWER 160ns.foo.com. IN A 1.2.5.6 161ENTRY_END 162 163ENTRY_BEGIN 164MATCH opcode qtype qname 165ADJUST copy_id 166REPLY QR AA NOERROR 167SECTION QUESTION 168ns.foo.com. IN AAAA 169SECTION AUTHORITY 170foo.com. IN SOA . . 1 2 3 4 3600 171ENTRY_END 172RANGE_END 173 174; ns.example.com. --- serial=15 175RANGE_BEGIN 0 20 176 ADDRESS 1.2.3.4 177ENTRY_BEGIN 178MATCH opcode qtype qname 179ADJUST copy_id 180REPLY QR NOERROR 181SECTION QUESTION 182example.com. IN NS 183SECTION ANSWER 184example.com. IN NS ns.example.com. 185SECTION ADDITIONAL 186ns.example.com. IN A 1.2.3.4 187ENTRY_END 188 189ENTRY_BEGIN 190MATCH opcode qtype qname 191ADJUST copy_id 192REPLY QR AA NOERROR 193SECTION QUESTION 194ns.example.com. IN A 195SECTION ANSWER 196ns.example.com. IN A 1.2.3.4 197SECTION AUTHORITY 198example.com. IN NS ns.example.com. 199ENTRY_END 200 201ENTRY_BEGIN 202MATCH opcode qtype qname 203ADJUST copy_id 204REPLY QR NOERROR 205SECTION QUESTION 206www.example.com. IN A 207SECTION ANSWER 208www.example.com. IN A 10.20.30.40 209SECTION AUTHORITY 210example.com. IN NS ns.example.com. 211SECTION ADDITIONAL 212ns.example.com. IN A 1.2.3.4 213ENTRY_END 214 215ENTRY_BEGIN 216MATCH opcode qtype qname 217ADJUST copy_id 218REPLY QR AA NOERROR 219SECTION QUESTION 220ns.example.com. IN AAAA 221SECTION AUTHORITY 222example.com. 10 IN SOA . . 15 28800 7200 604800 10 223ENTRY_END 224 225ENTRY_BEGIN 226MATCH opcode qtype qname 227ADJUST copy_id 228REPLY QR AA NXDOMAIN 229SECTION QUESTION 230nx1.example.com. IN A 231SECTION ANSWER 232SECTION AUTHORITY 233example.com. 10 IN SOA . . 15 28800 7200 604800 10 234SECTION ADDITIONAL 235ENTRY_END 236 237ENTRY_BEGIN 238MATCH opcode qtype qname 239ADJUST copy_id 240REPLY QR AA NXDOMAIN 241SECTION QUESTION 242nx2.example.com. IN A 243SECTION ANSWER 244SECTION AUTHORITY 245example.com. 10 IN SOA . . 15 28800 7200 604800 10 246SECTION ADDITIONAL 247ENTRY_END 248 249RANGE_END 250 251; ns.example.com. --- serial=17 252RANGE_BEGIN 20 100 253 ADDRESS 1.2.3.4 254ENTRY_BEGIN 255MATCH opcode qtype qname 256ADJUST copy_id 257REPLY QR NOERROR 258SECTION QUESTION 259example.com. IN NS 260SECTION ANSWER 261example.com. IN NS ns.example.com. 262SECTION ADDITIONAL 263ns.example.com. IN A 1.2.3.4 264ENTRY_END 265 266ENTRY_BEGIN 267MATCH opcode qtype qname 268ADJUST copy_id 269REPLY QR AA NOERROR 270SECTION QUESTION 271ns.example.com. IN A 272SECTION ANSWER 273ns.example.com. IN A 1.2.3.4 274SECTION AUTHORITY 275example.com. IN NS ns.example.com. 276ENTRY_END 277 278ENTRY_BEGIN 279MATCH opcode qtype qname 280ADJUST copy_id 281REPLY QR NOERROR 282SECTION QUESTION 283www.example.com. IN A 284SECTION ANSWER 285www.example.com. IN A 10.20.30.40 286SECTION AUTHORITY 287example.com. IN NS ns.example.com. 288SECTION ADDITIONAL 289ns.example.com. IN A 1.2.3.4 290ENTRY_END 291 292ENTRY_BEGIN 293MATCH opcode qtype qname 294ADJUST copy_id 295REPLY QR AA NOERROR 296SECTION QUESTION 297ns.example.com. IN AAAA 298SECTION AUTHORITY 299example.com. 10 IN SOA . . 17 28800 7200 604800 10 300ENTRY_END 301 302ENTRY_BEGIN 303MATCH opcode qtype qname 304ADJUST copy_id 305REPLY QR AA NXDOMAIN 306SECTION QUESTION 307nx1.example.com. IN A 308SECTION ANSWER 309SECTION AUTHORITY 310example.com. 10 IN SOA . . 17 28800 7200 604800 10 311SECTION ADDITIONAL 312ENTRY_END 313 314ENTRY_BEGIN 315MATCH opcode qtype qname 316ADJUST copy_id 317REPLY QR AA NXDOMAIN 318SECTION QUESTION 319nx2.example.com. IN A 320SECTION ANSWER 321SECTION AUTHORITY 322example.com. 10 IN SOA . . 17 28800 7200 604800 10 323SECTION ADDITIONAL 324ENTRY_END 325 326RANGE_END 327 328; start by passing time ; so we are not at 0 329STEP 1 TIME_PASSES ELAPSE 10 330 331; query for NXDOMAIN 332STEP 8 QUERY 333ENTRY_BEGIN 334REPLY RD CD 335SECTION QUESTION 336nx1.example.com. IN A 337ENTRY_END 338 339STEP 10 CHECK_ANSWER 340ENTRY_BEGIN 341MATCH all ttl 342REPLY QR RD RA NXDOMAIN CD 343SECTION QUESTION 344nx1.example.com. IN A 345SECTION ANSWER 346SECTION AUTHORITY 347example.com. 10 IN SOA . . 15 28800 7200 604800 10 348SECTION ADDITIONAL 349ENTRY_END 350 351; wait for 5 seconds 352STEP 20 TIME_PASSES ELAPSE 5 353 354; do a lookup for nx1.example.com just to check TTLs... 355STEP 25 QUERY 356ENTRY_BEGIN 357REPLY RD CD 358SECTION QUESTION 359nx1.example.com. IN A 360ENTRY_END 361STEP 26 CHECK_ANSWER 362ENTRY_BEGIN 363MATCH all ttl 364REPLY QR RD RA NXDOMAIN CD 365SECTION QUESTION 366nx1.example.com. IN A 367SECTION ANSWER 368SECTION AUTHORITY 369example.com. 5 IN SOA . . 15 28800 7200 604800 10 370SECTION ADDITIONAL 371ENTRY_END 372 373; cause a lookup that refreshes the TTL on the SOA record 374STEP 30 QUERY 375ENTRY_BEGIN 376REPLY RD 377SECTION QUESTION 378nx2.example.com. IN A 379ENTRY_END 380STEP 31 CHECK_ANSWER 381ENTRY_BEGIN 382MATCH all ttl 383REPLY QR RD RA NXDOMAIN 384SECTION QUESTION 385nx2.example.com. IN A 386SECTION ANSWER 387SECTION AUTHORITY 388example.com. 10 IN SOA . . 17 28800 7200 604800 10 389SECTION ADDITIONAL 390ENTRY_END 391 392; do a lookup for nx1.example.com to check TTLs updated 393STEP 35 QUERY 394ENTRY_BEGIN 395REPLY RD CD 396SECTION QUESTION 397nx1.example.com. IN A 398ENTRY_END 399STEP 36 CHECK_ANSWER 400ENTRY_BEGIN 401MATCH all ttl 402REPLY QR RD RA NXDOMAIN CD 403SECTION QUESTION 404nx1.example.com. IN A 405SECTION ANSWER 406SECTION AUTHORITY 407example.com. 10 IN SOA . . 17 28800 7200 604800 10 408SECTION ADDITIONAL 409ENTRY_END 410 411; cause a lookup for nx1.example.com bypassing the cache. 412; with bug; this causes msg ttl for nx1 to be time(NOW)+ttl. 413; so 15+5 = 20 414; visible in debug log as "msg ttl is %d" 415STEP 40 QUERY 416ENTRY_BEGIN 417REPLY RD 418SECTION QUESTION 419www.foo.com. IN A 420ENTRY_END 421STEP 41 CHECK_ANSWER 422ENTRY_BEGIN 423MATCH all ttl 424REPLY QR RD RA NXDOMAIN 425SECTION QUESTION 426www.foo.com. IN A 427SECTION ANSWER 428;www.foo.com IN A 1.2.5.6 429www.foo.com IN CNAME nx1.example.com. 430SECTION AUTHORITY 431example.com. 10 IN SOA . . 17 28800 7200 604800 10 432ENTRY_END 433 434; now cause lookup from cache by not passing CD flag 435; (validator has a look, and stores after iterator cache lookup). 436STEP 45 QUERY 437ENTRY_BEGIN 438REPLY RD 439SECTION QUESTION 440nx1.example.com. IN A 441ENTRY_END 442STEP 46 CHECK_ANSWER 443ENTRY_BEGIN 444MATCH all ttl 445REPLY QR RD RA NXDOMAIN 446SECTION QUESTION 447nx1.example.com. IN A 448SECTION ANSWER 449SECTION AUTHORITY 450example.com. 10 IN SOA . . 17 28800 7200 604800 10 451SECTION ADDITIONAL 452ENTRY_END 453 454; the message should timeout in 5 seconds, wait 7 455STEP 50 TIME_PASSES ELAPSE 7 456 457; it is still there? (nonRD query) 458STEP 55 QUERY 459ENTRY_BEGIN 460REPLY 461SECTION QUESTION 462nx1.example.com. IN A 463ENTRY_END 464 465; this answer is the bug - NXDOMAIN too long in the cache. 466;STEP 56 CHECK_ANSWER 467;ENTRY_BEGIN 468;MATCH all ttl 469;REPLY QR RA NXDOMAIN 470;SECTION QUESTION 471;nx1.example.com. IN A 472;SECTION ANSWER 473;SECTION AUTHORITY 474;example.com. 3 IN SOA . . 17 28800 7200 604800 10 475;SECTION ADDITIONAL 476;ENTRY_END 477 478; Now the correct answer: no such cached query. 479STEP 56 CHECK_ANSWER 480ENTRY_BEGIN 481MATCH all 482REPLY QR RA NOERROR 483SECTION QUESTION 484nx1.example.com. IN A 485SECTION ANSWER 486SECTION AUTHORITY 487example.com. IN NS ns.example.com. 488SECTION ADDITIONAL 489ns.example.com. IN A 1.2.3.4 490ENTRY_END 491 492SCENARIO_END 493