1; config options 2; The island of trust is at example.com 3server: 4 trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" 5 trust-anchor: "example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}" 6 val-override-date: "20070916134226" 7 target-fetch-policy: "0 0 0 0 0" 8 fake-sha1: yes 9 trust-anchor-signaling: no 10 11stub-zone: 12 name: "." 13 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 14CONFIG_END 15 16SCENARIO_BEGIN Test validator with a cname to a dname 17 18; K.ROOT-SERVERS.NET. 19RANGE_BEGIN 0 100 20 ADDRESS 193.0.14.129 21ENTRY_BEGIN 22MATCH opcode qtype qname 23ADJUST copy_id 24REPLY QR NOERROR 25SECTION QUESTION 26. IN NS 27SECTION ANSWER 28. IN NS K.ROOT-SERVERS.NET. 29SECTION ADDITIONAL 30K.ROOT-SERVERS.NET. IN A 193.0.14.129 31ENTRY_END 32 33ENTRY_BEGIN 34MATCH opcode qtype qname 35ADJUST copy_id 36REPLY QR NOERROR 37SECTION QUESTION 38www.example.com. IN DNAME 39SECTION AUTHORITY 40com. IN NS a.gtld-servers.net. 41SECTION ADDITIONAL 42a.gtld-servers.net. IN A 192.5.6.30 43ENTRY_END 44 45ENTRY_BEGIN 46MATCH opcode qtype qname 47ADJUST copy_id 48REPLY QR NOERROR 49SECTION QUESTION 50www.example.net. IN DNAME 51SECTION AUTHORITY 52net. IN NS a.gtld-servers.net. 53SECTION ADDITIONAL 54a.gtld-servers.net. IN A 192.5.6.30 55ENTRY_END 56RANGE_END 57 58; a.gtld-servers.net. 59RANGE_BEGIN 0 100 60 ADDRESS 192.5.6.30 61ENTRY_BEGIN 62MATCH opcode qtype qname 63ADJUST copy_id 64REPLY QR NOERROR 65SECTION QUESTION 66com. IN NS 67SECTION ANSWER 68com. IN NS a.gtld-servers.net. 69SECTION ADDITIONAL 70a.gtld-servers.net. IN A 192.5.6.30 71ENTRY_END 72 73ENTRY_BEGIN 74MATCH opcode qtype qname 75ADJUST copy_id 76REPLY QR NOERROR 77SECTION QUESTION 78net. IN NS 79SECTION ANSWER 80net. IN NS a.gtld-servers.net. 81SECTION ADDITIONAL 82a.gtld-servers.net. IN A 192.5.6.30 83ENTRY_END 84 85ENTRY_BEGIN 86MATCH opcode qtype qname 87ADJUST copy_id 88REPLY QR NOERROR 89SECTION QUESTION 90www.example.com. IN DNAME 91SECTION AUTHORITY 92example.com. IN NS ns.example.com. 93SECTION ADDITIONAL 94ns.example.com. IN A 1.2.3.4 95ENTRY_END 96ENTRY_BEGIN 97MATCH opcode qtype qname 98ADJUST copy_id 99REPLY QR NOERROR 100SECTION QUESTION 101www.example.net. IN DNAME 102SECTION AUTHORITY 103example.net. IN NS ns.example.net. 104SECTION ADDITIONAL 105ns.example.net. IN A 1.2.3.5 106ENTRY_END 107RANGE_END 108 109; ns.example.com. 110RANGE_BEGIN 0 100 111 ADDRESS 1.2.3.4 112ENTRY_BEGIN 113MATCH opcode qtype qname 114ADJUST copy_id 115REPLY QR NOERROR 116SECTION QUESTION 117example.com. IN NS 118SECTION ANSWER 119example.com. IN NS ns.example.com. 120example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 121SECTION ADDITIONAL 122ns.example.com. IN A 1.2.3.4 123ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 124ENTRY_END 125 126; response to DNSKEY priming query 127ENTRY_BEGIN 128MATCH opcode qtype qname 129ADJUST copy_id 130REPLY QR NOERROR 131SECTION QUESTION 132example.com. IN DNSKEY 133SECTION ANSWER 134example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} 135example.com. 3600 IN RRSIG DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854} 136SECTION AUTHORITY 137example.com. IN NS ns.example.com. 138example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 139SECTION ADDITIONAL 140ns.example.com. IN A 1.2.3.4 141ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 142ENTRY_END 143 144; response to query of interest 145ENTRY_BEGIN 146MATCH opcode qtype qname 147ADJUST copy_id 148REPLY QR NOERROR 149SECTION QUESTION 150www.example.com. IN DNAME 151SECTION ANSWER 152www.example.com. IN CNAME www.example.net. 153www.example.com. 3600 IN RRSIG CNAME DSA 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFGcJxnNxpWCBzXejiSdl4p1BKRMnAhUApoJrugVBRwFgAoYAhhqlZFac7fE= ;{id = 2854} 154SECTION AUTHORITY 155SECTION ADDITIONAL 156ENTRY_END 157RANGE_END 158 159; ns.example.net. 160RANGE_BEGIN 0 100 161 ADDRESS 1.2.3.5 162ENTRY_BEGIN 163MATCH opcode qtype qname 164ADJUST copy_id 165REPLY QR NOERROR 166SECTION QUESTION 167example.net. IN NS 168SECTION ANSWER 169example.net. IN NS ns.example.net. 170example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} 171SECTION ADDITIONAL 172ns.example.net. IN A 1.2.3.5 173ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} 174ENTRY_END 175 176; response to DNSKEY priming query 177ENTRY_BEGIN 178MATCH opcode qtype qname 179ADJUST copy_id 180REPLY QR NOERROR 181SECTION QUESTION 182example.net. IN DNSKEY 183SECTION ANSWER 184example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} 185example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} 186SECTION AUTHORITY 187example.net. IN NS ns.example.net. 188example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} 189SECTION ADDITIONAL 190ns.example.net. IN A 1.2.3.5 191ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} 192ENTRY_END 193 194; response to query of interest 195ENTRY_BEGIN 196MATCH opcode qtype qname 197ADJUST copy_id 198REPLY QR NOERROR 199SECTION QUESTION 200www.example.net. IN DNAME 201SECTION ANSWER 202www.example.net. IN DNAME blarg.com. 203www.example.net. 3600 IN RRSIG DNAME RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. ByevtOI1ChCDb8CD8Qvu2pNcooUWN4LkNXQj0vzSLp62rCltiWWTg8iU6DiojeOx2inVqx+PZXyiX1nX80kCgg== ;{id = 30899} 204SECTION AUTHORITY 205SECTION ADDITIONAL 206ENTRY_END 207RANGE_END 208 209STEP 1 QUERY 210ENTRY_BEGIN 211REPLY RD DO 212SECTION QUESTION 213www.example.com. IN DNAME 214ENTRY_END 215 216; recursion happens here. 217STEP 10 CHECK_ANSWER 218ENTRY_BEGIN 219MATCH all 220REPLY QR RD RA AD DO NOERROR 221SECTION QUESTION 222www.example.com. IN DNAME 223SECTION ANSWER 224www.example.com. IN CNAME www.example.net. 225www.example.com. 3600 IN RRSIG CNAME DSA 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFGcJxnNxpWCBzXejiSdl4p1BKRMnAhUApoJrugVBRwFgAoYAhhqlZFac7fE= ;{id = 2854} 226www.example.net. IN DNAME blarg.com. 227www.example.net. 3600 IN RRSIG DNAME RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. ByevtOI1ChCDb8CD8Qvu2pNcooUWN4LkNXQj0vzSLp62rCltiWWTg8iU6DiojeOx2inVqx+PZXyiX1nX80kCgg== ;{id = 30899} 228SECTION AUTHORITY 229SECTION ADDITIONAL 230ENTRY_END 231 232SCENARIO_END 233