1; config options 2; fetch all extra targets - we want to trigger a lookup in cache 3server: 4 target-fetch-policy: "-1 -1 -1 -1 -1" 5 access-control: 127.0.0.1 allow_snoop 6 7stub-zone: 8 name: "." 9 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 10CONFIG_END 11 12SCENARIO_BEGIN Test TTL countdown on messages in the cache 13 14; K.ROOT-SERVERS.NET. 15RANGE_BEGIN 0 100 16 ADDRESS 193.0.14.129 17ENTRY_BEGIN 18MATCH opcode qtype qname 19ADJUST copy_id 20REPLY QR NOERROR 21SECTION QUESTION 22. IN NS 23SECTION ANSWER 24. IN NS K.ROOT-SERVERS.NET. 25SECTION ADDITIONAL 26K.ROOT-SERVERS.NET. IN A 193.0.14.129 27ENTRY_END 28 29ENTRY_BEGIN 30MATCH opcode subdomain 31ADJUST copy_id copy_query 32REPLY QR NOERROR 33SECTION QUESTION 34com. IN A 35SECTION AUTHORITY 36com. IN NS a.gtld-servers.net. 37SECTION ADDITIONAL 38a.gtld-servers.net. IN A 192.5.6.30 39ENTRY_END 40 41ENTRY_BEGIN 42MATCH opcode qtype qname 43ADJUST copy_id 44REPLY QR AA NOERROR 45SECTION QUESTION 46a.gtld-servers.net. IN A 47SECTION ANSWER 48a.gtld-servers.net. IN A 192.5.6.30 49ENTRY_END 50 51ENTRY_BEGIN 52MATCH opcode qtype qname 53ADJUST copy_id 54REPLY QR AA NOERROR 55SECTION QUESTION 56K.ROOT-SERVERS.NET. IN A 57SECTION ANSWER 58K.ROOT-SERVERS.NET. IN A 193.0.14.129 59ENTRY_END 60 61ENTRY_BEGIN 62MATCH opcode qtype qname 63ADJUST copy_id 64REPLY QR AA NOERROR 65SECTION QUESTION 66a.gtld-servers.net. IN AAAA 67SECTION AUTHORITY 68. 86400 IN SOA . . 20070304 28800 7200 604800 86400 69ENTRY_END 70 71ENTRY_BEGIN 72MATCH opcode qtype qname 73ADJUST copy_id 74REPLY QR AA NOERROR 75SECTION QUESTION 76K.ROOT-SERVERS.NET. IN AAAA 77SECTION AUTHORITY 78. 86400 IN SOA . . 20070304 28800 7200 604800 86400 79ENTRY_END 80 81RANGE_END 82 83; a.gtld-servers.net. 84RANGE_BEGIN 0 100 85 ADDRESS 192.5.6.30 86ENTRY_BEGIN 87MATCH opcode qtype qname 88ADJUST copy_id 89REPLY QR NOERROR 90SECTION QUESTION 91com. IN NS 92SECTION ANSWER 93com. IN NS a.gtld-servers.net. 94SECTION ADDITIONAL 95a.gtld-servers.net. IN A 192.5.6.30 96ENTRY_END 97 98ENTRY_BEGIN 99MATCH opcode subdomain 100ADJUST copy_id copy_query 101REPLY QR NOERROR 102SECTION QUESTION 103example.com. IN A 104SECTION AUTHORITY 105example.com. IN NS ns.example.com. 106SECTION ADDITIONAL 107ns.example.com. IN A 1.2.3.4 108ENTRY_END 109 110ENTRY_BEGIN 111MATCH opcode subdomain 112ADJUST copy_id copy_query 113REPLY QR NOERROR 114SECTION QUESTION 115foo.com. IN A 116SECTION AUTHORITY 117foo.com. IN NS ns.foo.com. 118;foo.com. IN NS nx1.example.com. 119SECTION ADDITIONAL 120ns.foo.com. IN A 1.2.5.6 121ENTRY_END 122RANGE_END 123 124; ns.foo.com 125RANGE_BEGIN 0 100 126 ADDRESS 1.2.5.6 127 128ENTRY_BEGIN 129MATCH opcode qtype qname 130ADJUST copy_id 131REPLY QR AA NOERROR 132SECTION QUESTION 133foo.com. IN NS 134SECTION ANSWER 135foo.com. IN NS ns.foo.com. 136;foo.com. IN NS nx1.example.com. 137SECTION ADDITIONAL 138ns.foo.com. IN A 1.2.5.6 139ENTRY_END 140 141ENTRY_BEGIN 142MATCH opcode qtype qname 143ADJUST copy_id 144REPLY QR AA NOERROR 145SECTION QUESTION 146www.foo.com. IN A 147SECTION ANSWER 148;www.foo.com. IN A 1.2.5.6 149www.foo.com. IN CNAME nx1.example.com. 150ENTRY_END 151 152ENTRY_BEGIN 153MATCH opcode qtype qname 154ADJUST copy_id 155REPLY QR AA NOERROR 156SECTION QUESTION 157ns.foo.com. IN A 158SECTION ANSWER 159ns.foo.com. IN A 1.2.5.6 160ENTRY_END 161 162ENTRY_BEGIN 163MATCH opcode qtype qname 164ADJUST copy_id 165REPLY QR AA NOERROR 166SECTION QUESTION 167ns.foo.com. IN AAAA 168SECTION AUTHORITY 169foo.com. IN SOA . . 1 2 3 4 3600 170ENTRY_END 171RANGE_END 172 173; ns.example.com. --- serial=15 174RANGE_BEGIN 0 20 175 ADDRESS 1.2.3.4 176ENTRY_BEGIN 177MATCH opcode qtype qname 178ADJUST copy_id 179REPLY QR NOERROR 180SECTION QUESTION 181example.com. IN NS 182SECTION ANSWER 183example.com. IN NS ns.example.com. 184SECTION ADDITIONAL 185ns.example.com. IN A 1.2.3.4 186ENTRY_END 187 188ENTRY_BEGIN 189MATCH opcode qtype qname 190ADJUST copy_id 191REPLY QR AA NOERROR 192SECTION QUESTION 193ns.example.com. IN A 194SECTION ANSWER 195ns.example.com. IN A 1.2.3.4 196SECTION AUTHORITY 197example.com. IN NS ns.example.com. 198ENTRY_END 199 200ENTRY_BEGIN 201MATCH opcode qtype qname 202ADJUST copy_id 203REPLY QR NOERROR 204SECTION QUESTION 205www.example.com. IN A 206SECTION ANSWER 207www.example.com. IN A 10.20.30.40 208SECTION AUTHORITY 209example.com. IN NS ns.example.com. 210SECTION ADDITIONAL 211ns.example.com. IN A 1.2.3.4 212ENTRY_END 213 214ENTRY_BEGIN 215MATCH opcode qtype qname 216ADJUST copy_id 217REPLY QR AA NOERROR 218SECTION QUESTION 219ns.example.com. IN AAAA 220SECTION AUTHORITY 221example.com. 10 IN SOA . . 15 28800 7200 604800 10 222ENTRY_END 223 224ENTRY_BEGIN 225MATCH opcode qtype qname 226ADJUST copy_id 227REPLY QR AA NXDOMAIN 228SECTION QUESTION 229nx1.example.com. IN A 230SECTION ANSWER 231SECTION AUTHORITY 232example.com. 10 IN SOA . . 15 28800 7200 604800 10 233SECTION ADDITIONAL 234ENTRY_END 235 236ENTRY_BEGIN 237MATCH opcode qtype qname 238ADJUST copy_id 239REPLY QR AA NXDOMAIN 240SECTION QUESTION 241nx2.example.com. IN A 242SECTION ANSWER 243SECTION AUTHORITY 244example.com. 10 IN SOA . . 15 28800 7200 604800 10 245SECTION ADDITIONAL 246ENTRY_END 247 248RANGE_END 249 250; ns.example.com. --- serial=17 251RANGE_BEGIN 20 100 252 ADDRESS 1.2.3.4 253ENTRY_BEGIN 254MATCH opcode qtype qname 255ADJUST copy_id 256REPLY QR NOERROR 257SECTION QUESTION 258example.com. IN NS 259SECTION ANSWER 260example.com. IN NS ns.example.com. 261SECTION ADDITIONAL 262ns.example.com. IN A 1.2.3.4 263ENTRY_END 264 265ENTRY_BEGIN 266MATCH opcode qtype qname 267ADJUST copy_id 268REPLY QR AA NOERROR 269SECTION QUESTION 270ns.example.com. IN A 271SECTION ANSWER 272ns.example.com. IN A 1.2.3.4 273SECTION AUTHORITY 274example.com. IN NS ns.example.com. 275ENTRY_END 276 277ENTRY_BEGIN 278MATCH opcode qtype qname 279ADJUST copy_id 280REPLY QR NOERROR 281SECTION QUESTION 282www.example.com. IN A 283SECTION ANSWER 284www.example.com. IN A 10.20.30.40 285SECTION AUTHORITY 286example.com. IN NS ns.example.com. 287SECTION ADDITIONAL 288ns.example.com. IN A 1.2.3.4 289ENTRY_END 290 291ENTRY_BEGIN 292MATCH opcode qtype qname 293ADJUST copy_id 294REPLY QR AA NOERROR 295SECTION QUESTION 296ns.example.com. IN AAAA 297SECTION AUTHORITY 298example.com. 10 IN SOA . . 17 28800 7200 604800 10 299ENTRY_END 300 301ENTRY_BEGIN 302MATCH opcode qtype qname 303ADJUST copy_id 304REPLY QR AA NXDOMAIN 305SECTION QUESTION 306nx1.example.com. IN A 307SECTION ANSWER 308SECTION AUTHORITY 309example.com. 10 IN SOA . . 17 28800 7200 604800 10 310SECTION ADDITIONAL 311ENTRY_END 312 313ENTRY_BEGIN 314MATCH opcode qtype qname 315ADJUST copy_id 316REPLY QR AA NXDOMAIN 317SECTION QUESTION 318nx2.example.com. IN A 319SECTION ANSWER 320SECTION AUTHORITY 321example.com. 10 IN SOA . . 17 28800 7200 604800 10 322SECTION ADDITIONAL 323ENTRY_END 324 325RANGE_END 326 327; start by passing time ; so we are not at 0 328STEP 1 TIME_PASSES ELAPSE 10 329 330; query for NXDOMAIN 331STEP 8 QUERY 332ENTRY_BEGIN 333REPLY RD CD 334SECTION QUESTION 335nx1.example.com. IN A 336ENTRY_END 337 338STEP 10 CHECK_ANSWER 339ENTRY_BEGIN 340MATCH all ttl 341REPLY QR RD RA NXDOMAIN CD 342SECTION QUESTION 343nx1.example.com. IN A 344SECTION ANSWER 345SECTION AUTHORITY 346example.com. 10 IN SOA . . 15 28800 7200 604800 10 347SECTION ADDITIONAL 348ENTRY_END 349 350; wait for 5 seconds 351STEP 20 TIME_PASSES ELAPSE 5 352 353; do a lookup for nx1.example.com just to check TTLs... 354STEP 25 QUERY 355ENTRY_BEGIN 356REPLY RD CD 357SECTION QUESTION 358nx1.example.com. IN A 359ENTRY_END 360STEP 26 CHECK_ANSWER 361ENTRY_BEGIN 362MATCH all ttl 363REPLY QR RD RA NXDOMAIN CD 364SECTION QUESTION 365nx1.example.com. IN A 366SECTION ANSWER 367SECTION AUTHORITY 368example.com. 5 IN SOA . . 15 28800 7200 604800 10 369SECTION ADDITIONAL 370ENTRY_END 371 372; cause a lookup that refreshes the TTL on the SOA record 373STEP 30 QUERY 374ENTRY_BEGIN 375REPLY RD 376SECTION QUESTION 377nx2.example.com. IN A 378ENTRY_END 379STEP 31 CHECK_ANSWER 380ENTRY_BEGIN 381MATCH all ttl 382REPLY QR RD RA NXDOMAIN 383SECTION QUESTION 384nx2.example.com. IN A 385SECTION ANSWER 386SECTION AUTHORITY 387example.com. 10 IN SOA . . 17 28800 7200 604800 10 388SECTION ADDITIONAL 389ENTRY_END 390 391; do a lookup for nx1.example.com to check TTLs updated 392STEP 35 QUERY 393ENTRY_BEGIN 394REPLY RD CD 395SECTION QUESTION 396nx1.example.com. IN A 397ENTRY_END 398STEP 36 CHECK_ANSWER 399ENTRY_BEGIN 400MATCH all ttl 401REPLY QR RD RA NXDOMAIN CD 402SECTION QUESTION 403nx1.example.com. IN A 404SECTION ANSWER 405SECTION AUTHORITY 406example.com. 10 IN SOA . . 17 28800 7200 604800 10 407SECTION ADDITIONAL 408ENTRY_END 409 410; cause a lookup for nx1.example.com bypassing the cache. 411; with bug; this causes msg ttl for nx1 to be time(NOW)+ttl. 412; so 15+5 = 20 413; visiable in debug log as "msg ttl is %d" 414STEP 40 QUERY 415ENTRY_BEGIN 416REPLY RD 417SECTION QUESTION 418www.foo.com. IN A 419ENTRY_END 420STEP 41 CHECK_ANSWER 421ENTRY_BEGIN 422MATCH all ttl 423REPLY QR RD RA NXDOMAIN 424SECTION QUESTION 425www.foo.com. IN A 426SECTION ANSWER 427;www.foo.com IN A 1.2.5.6 428www.foo.com IN CNAME nx1.example.com. 429SECTION AUTHORITY 430example.com. 10 IN SOA . . 17 28800 7200 604800 10 431ENTRY_END 432 433; now cause lookup from cache by not passing CD flag 434; (validator has a look, and stores after iterator cache lookup). 435STEP 45 QUERY 436ENTRY_BEGIN 437REPLY RD 438SECTION QUESTION 439nx1.example.com. IN A 440ENTRY_END 441STEP 46 CHECK_ANSWER 442ENTRY_BEGIN 443MATCH all ttl 444REPLY QR RD RA NXDOMAIN 445SECTION QUESTION 446nx1.example.com. IN A 447SECTION ANSWER 448SECTION AUTHORITY 449example.com. 10 IN SOA . . 17 28800 7200 604800 10 450SECTION ADDITIONAL 451ENTRY_END 452 453; the message should timeout in 5 seconds, wait 7 454STEP 50 TIME_PASSES ELAPSE 7 455 456; it is still there? (nonRD query) 457STEP 55 QUERY 458ENTRY_BEGIN 459REPLY 460SECTION QUESTION 461nx1.example.com. IN A 462ENTRY_END 463 464; this answer is the bug - NXDOMAIN too long in the cache. 465;STEP 56 CHECK_ANSWER 466;ENTRY_BEGIN 467;MATCH all ttl 468;REPLY QR RA NXDOMAIN 469;SECTION QUESTION 470;nx1.example.com. IN A 471;SECTION ANSWER 472;SECTION AUTHORITY 473;example.com. 3 IN SOA . . 17 28800 7200 604800 10 474;SECTION ADDITIONAL 475;ENTRY_END 476 477; Now the correct answer: no such cached query. 478STEP 56 CHECK_ANSWER 479ENTRY_BEGIN 480MATCH all 481REPLY QR RA NOERROR 482SECTION QUESTION 483nx1.example.com. IN A 484SECTION ANSWER 485SECTION AUTHORITY 486example.com. IN NS ns.example.com. 487SECTION ADDITIONAL 488ns.example.com. IN A 1.2.3.4 489ENTRY_END 490 491SCENARIO_END 492