xref: /netbsd-src/external/bsd/unbound/dist/testdata/val_ans_dsent.rpl (revision 7cd94d692f099dff0c03996f61fd7a476e40159b) 
1; config options
2; The island of trust is at example.com
3server:
4	trust-anchor: "example.com.    3600    IN      DS      2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
5	val-override-date: "20070916134226"
6	target-fetch-policy: "0 0 0 0 0"
7	qname-minimisation: "no"
8	fake-sha1: yes
9	trust-anchor-signaling: no
10
11stub-zone:
12	name: "."
13	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
14CONFIG_END
15
16SCENARIO_BEGIN Test validator with empty nonterminals on the trust chain.
17
18; K.ROOT-SERVERS.NET.
19RANGE_BEGIN 0 100
20	ADDRESS 193.0.14.129
21ENTRY_BEGIN
22MATCH opcode qtype qname
23ADJUST copy_id
24REPLY QR NOERROR
25SECTION QUESTION
26. IN NS
27SECTION ANSWER
28. IN NS	K.ROOT-SERVERS.NET.
29SECTION ADDITIONAL
30K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
31ENTRY_END
32
33ENTRY_BEGIN
34MATCH opcode qtype qname
35ADJUST copy_id
36REPLY QR NOERROR
37SECTION QUESTION
38328.0.0.194.example.com. IN A
39SECTION AUTHORITY
40com.	IN NS	a.gtld-servers.net.
41SECTION ADDITIONAL
42a.gtld-servers.net.	IN 	A	192.5.6.30
43ENTRY_END
44RANGE_END
45
46; a.gtld-servers.net.
47RANGE_BEGIN 0 100
48	ADDRESS 192.5.6.30
49ENTRY_BEGIN
50MATCH opcode qtype qname
51ADJUST copy_id
52REPLY QR NOERROR
53SECTION QUESTION
54com. IN NS
55SECTION ANSWER
56com.    IN NS   a.gtld-servers.net.
57SECTION ADDITIONAL
58a.gtld-servers.net.     IN      A       192.5.6.30
59ENTRY_END
60
61ENTRY_BEGIN
62MATCH opcode qtype qname
63ADJUST copy_id
64REPLY QR NOERROR
65SECTION QUESTION
66328.0.0.194.example.com. IN A
67SECTION AUTHORITY
68example.com.	IN NS	ns.example.com.
69SECTION ADDITIONAL
70ns.example.com.		IN 	A	1.2.3.4
71ENTRY_END
72RANGE_END
73
74; ns.example.com.
75RANGE_BEGIN 0 100
76	ADDRESS 1.2.3.4
77ENTRY_BEGIN
78MATCH opcode qtype qname
79ADJUST copy_id
80REPLY QR NOERROR
81SECTION QUESTION
82example.com. IN NS
83SECTION ANSWER
84example.com.    IN NS   ns.example.com.
85example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
86SECTION ADDITIONAL
87ns.example.com.         IN      A       1.2.3.4
88ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
89ENTRY_END
90
91; response to DNSKEY priming query
92ENTRY_BEGIN
93MATCH opcode qtype qname
94ADJUST copy_id
95REPLY QR NOERROR
96SECTION QUESTION
97example.com. IN DNSKEY
98SECTION ANSWER
99example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
100example.com. 3600    IN      RRSIG   DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854}
101SECTION AUTHORITY
102example.com.	IN NS	ns.example.com.
103example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
104SECTION ADDITIONAL
105ns.example.com.		IN 	A	1.2.3.4
106ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
107ENTRY_END
108
109; responses to DS empty nonterminal queries.
110ENTRY_BEGIN
111MATCH opcode qtype qname
112ADJUST copy_id
113REPLY QR AA NOERROR
114SECTION QUESTION
115194.example.com. IN DS
116SECTION AUTHORITY
117example.com. 3600 IN SOA ns.example.com. host.example.com. 2007091980 3600 7200 1209600 7200
118example.com.    3600    IN      RRSIG   SOA 3 2 3600 20070926135752 20070829135752 2854 example.com. MC0CFCOn5qKBIV7bwFMBA+Qqiblx0cylAhUAoFiGtFm2wHhJpq9MooTYdeVw45s= ;{id = 2854}
119
120; This NSEC proves the NOERROR/NODATA case.
121194.example.com. IN NSEC 0.0.194.example.com. A RRSIG NSEC
122194.example.com.        3600    IN      RRSIG   NSEC 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFDcoKl74U9FjsuYF3Vc0E8GQ2GgzAhUAhlyhO2MMcAWQMxIhEZ4MguokN5g= ;{id = 2854}
123
124ENTRY_END
125
126ENTRY_BEGIN
127MATCH opcode qtype qname
128ADJUST copy_id
129; this should be NOERROR.
130REPLY QR AA NOERROR
131SECTION QUESTION
1320.194.example.com. IN DS
133SECTION AUTHORITY
134example.com. 3600 IN SOA ns.example.com. host.example.com. 2007091980 3600 7200 1209600 7200
135example.com.    3600    IN      RRSIG   SOA 3 2 3600 20070926135752 20070829135752 2854 example.com. MC0CFCOn5qKBIV7bwFMBA+Qqiblx0cylAhUAoFiGtFm2wHhJpq9MooTYdeVw45s= ;{id = 2854}
136
137; This NSEC proves the NOERROR/NODATA case.
138194.example.com. IN NSEC 0.0.194.example.com. A RRSIG NSEC
139194.example.com.        3600    IN      RRSIG   NSEC 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFDcoKl74U9FjsuYF3Vc0E8GQ2GgzAhUAhlyhO2MMcAWQMxIhEZ4MguokN5g= ;{id = 2854}
140
141ENTRY_END
142
143; response for delegation to sub zone.
144ENTRY_BEGIN
145MATCH opcode qtype qname
146ADJUST copy_id
147REPLY QR NOERROR
148SECTION QUESTION
149328.0.0.194.example.com. IN A
150SECTION ANSWER
151SECTION AUTHORITY
1520.0.194.example.com. IN NS ns.sub.example.com.
1530.0.194.example.com.    3600    IN      DS      30899 RSASHA1 1 aa46f0717075d9750ac3596c659a2e326b33c28c
1540.0.194.example.com.    3600    IN      RRSIG   DS 3 5 3600 20070926135752 20070829135752 2854 example.com. MCwCFC9GIqtp/103hktw6bPpD83gr+0iAhQ8yev2yUaR9l64rYBUYTJqOoTKdw== ;{id = 2854}
155SECTION ADDITIONAL
156ns.sub.example.com. IN A 1.2.3.6
157ENTRY_END
158
159; response for delegation to sub zone
160ENTRY_BEGIN
161MATCH opcode qtype qname
162ADJUST copy_id
163REPLY QR NOERROR
164SECTION QUESTION
1650.0.194.example.com. IN DNSKEY
166SECTION ANSWER
167SECTION AUTHORITY
1680.0.194.example.com. IN NS ns.sub.example.com.
1690.0.194.example.com.    3600    IN      DS      30899 RSASHA1 1 aa46f0717075d9750ac3596c659a2e326b33c28c
1700.0.194.example.com.    3600    IN      RRSIG   DS 3 5 3600 20070926135752 20070829135752 2854 example.com. MCwCFC9GIqtp/103hktw6bPpD83gr+0iAhQ8yev2yUaR9l64rYBUYTJqOoTKdw== ;{id = 2854}
171SECTION ADDITIONAL
172ns.sub.example.com. IN A 1.2.3.6
173ENTRY_END
174RANGE_END
175
176; ns.sub.example.com. for zone 0.0.194.example.com.
177RANGE_BEGIN 0 100
178	ADDRESS 1.2.3.6
179ENTRY_BEGIN
180MATCH opcode qtype qname
181ADJUST copy_id
182REPLY QR NOERROR
183SECTION QUESTION
1840.0.194.example.com. IN NS
185SECTION ANSWER
1860.0.194.example.com. IN	NS ns.sub.example.com.
1870.0.194.example.com.    3600    IN      RRSIG   NS 5 5 3600 20070926135752 20070829135752 30899 0.0.194.example.com. KXDA+/PJAE+dXhv6O6Z0ZovDwabSRJcIt+GT5AL6ewlj46hzo/SDKUtEhYCeT1IVQvYtXrESwFZjpp7N0rXXBg== ;{id = 30899}
188SECTION ADDITIONAL
189ns.sub.example.com. IN A 1.2.3.6
190ENTRY_END
191
192
193; response to DNSKEY priming query
194; 0.0.194.example.com.    3600    IN      DS      30899 RSASHA1 1 aa46f0717075d9750ac3596c659a2e326b33c28c
195ENTRY_BEGIN
196MATCH opcode qtype qname
197ADJUST copy_id
198REPLY QR NOERROR
199SECTION QUESTION
2000.0.194.example.com. IN DNSKEY
201SECTION ANSWER
2020.0.194.example.com.        3600    IN      DNSKEY  256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
2030.0.194.example.com.    3600    IN      RRSIG   DNSKEY 5 5 3600 20070926135752 20070829135752 30899 0.0.194.example.com. fSmc7ef6NwbDXC0o4wPc/aa8LakW5ZJwEZ4xPYl3tTZKmPNM7hPXskl1tFlvst9Va4u37F62v+16trprHb+SCQ== ;{id = 30899}
204SECTION AUTHORITY
2050.0.194.example.com. IN	NS ns.sub.example.com.
2060.0.194.example.com.    3600    IN      RRSIG   NS 5 5 3600 20070926135752 20070829135752 30899 0.0.194.example.com. KXDA+/PJAE+dXhv6O6Z0ZovDwabSRJcIt+GT5AL6ewlj46hzo/SDKUtEhYCeT1IVQvYtXrESwFZjpp7N0rXXBg== ;{id = 30899}
207SECTION ADDITIONAL
208ns.sub.example.com. IN A 1.2.3.6
209ENTRY_END
210
211; response to query of interest
212ENTRY_BEGIN
213MATCH opcode qtype qname
214ADJUST copy_id
215REPLY QR NOERROR
216SECTION QUESTION
217328.0.0.194.example.com. IN A
218SECTION ANSWER
219328.0.0.194.example.com. IN A 11.11.11.11
220328.0.0.194.example.com.        3600    IN      RRSIG   A 5 6 3600 20070926135752 20070829135752 30899 0.0.194.example.com. chZW77mqywhw/4ch6BxXQ4EbFgb9zgh2xF75FLlKq/7ey6CfHSJRpJRjRqtMTn+1i18UL2B4nPS/WnK5DZeqlA== ;{id = 30899}
221SECTION AUTHORITY
222SECTION ADDITIONAL
223ENTRY_END
224RANGE_END
225
226STEP 1 QUERY
227ENTRY_BEGIN
228REPLY RD DO
229SECTION QUESTION
230328.0.0.194.example.com. IN A
231ENTRY_END
232
233; recursion happens here.
234STEP 10 CHECK_ANSWER
235ENTRY_BEGIN
236MATCH all
237REPLY QR RD RA AD DO NOERROR
238SECTION QUESTION
239328.0.0.194.example.com. IN A
240SECTION ANSWER
241328.0.0.194.example.com. 	3600	IN	A	11.11.11.11
242328.0.0.194.example.com.        3600    IN      RRSIG   A 5 6 3600 20070926135752 20070829135752 30899 0.0.194.example.com. chZW77mqywhw/4ch6BxXQ4EbFgb9zgh2xF75FLlKq/7ey6CfHSJRpJRjRqtMTn+1i18UL2B4nPS/WnK5DZeqlA== ;{id = 30899}
243SECTION AUTHORITY
244SECTION ADDITIONAL
245ENTRY_END
246
247SCENARIO_END
248