; config options
; The island of trust is at example.com
;
; Purpose: replay scenario for the DNSSEC validator. The example.com server
; answers with a DNAME whose RRSIG indicates wildcard synthesis, plus an
; unsigned CNAME. The CHECK_ANSWER steps require SERVFAIL with ede=6
; (DNSSEC Bogus in RFC 8914), so the validator must not hand out the
; www.example.net address reached through that redirection.
;
; All keys, signatures and addresses below are test fixtures. The 512-bit
; RSASHA1 key and the DSA/SHA-1 material are far below current strength
; guidance and must not be copied into a production trust anchor.
server:
	trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
	trust-anchor: "example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}"
; Pins the validation clock inside the RRSIG validity window used throughout
; this file (inception 20070829..., expiration 20070926...), so the fixtures
; fail only for the reason under test and not because they have expired.
	val-override-date: "20070916134226"
; No opportunistic nameserver-address fetches; the replay only has to supply
; the answers listed in the RANGE blocks.
	target-fetch-policy: "0 0 0 0 0"
; The full query name is sent to every server, which is what the root and TLD
; QUESTION entries below match on.
	qname-minimisation: "no"
; NOTE(review): fake-sha1 looks like a test-harness switch that keeps the
; SHA-1 based fixtures (DS digest type 1, DSA alg 3, RSASHA1 alg 5) usable
; where the crypto library has SHA-1 disabled - confirm against the harness.
; It has no place in a production configuration.
	fake-sha1: yes
; Presumably disabled so no key-tag signaling queries appear that the replay
; has no entry for - confirm.
	trust-anchor-signaling: no
; Extended DNS Errors must be on for the ede=6 matches in steps 10 and 12.
	ede: yes
; allow_snoop admits non-recursive (RD=0) queries from loopback; STEP 11
; depends on it. Outside a test this setting permits cache snooping by the
; listed clients, so keep it scoped to trusted addresses.
	access-control: 127.0.0.0/8 allow_snoop

stub-zone:
	name: "."
	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
CONFIG_END

SCENARIO_BEGIN Test validator with a wildcarded dname

; K.ROOT-SERVERS.NET.
; Unsigned referrals only: root, com and net are outside the configured trust
; anchors (example.com and example.net).
RANGE_BEGIN 0 100
	ADDRESS 193.0.14.129
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
. IN NS
SECTION ANSWER
. IN NS K.ROOT-SERVERS.NET.
SECTION ADDITIONAL
K.ROOT-SERVERS.NET. IN A 193.0.14.129
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.sub.example.com. IN A
SECTION AUTHORITY
com. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.example.net. IN A
SECTION AUTHORITY
net. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
RANGE_END

; a.gtld-servers.net.
RANGE_BEGIN 0 100
	ADDRESS 192.5.6.30
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
com. IN NS
SECTION ANSWER
com. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
net. IN NS
SECTION ANSWER
net. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END

; The two entries below match any query at or under the QUESTION name
; ("subdomain") and copy the incoming question into the reply ("copy_query"),
; so one entry serves as the referral for every name in the zone.
ENTRY_BEGIN
MATCH opcode subdomain
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
example.com. IN A
SECTION AUTHORITY
example.com. IN NS ns.example.com.
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
ENTRY_BEGIN
MATCH opcode subdomain
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
example.net. IN A
SECTION AUTHORITY
example.net. IN NS ns.example.net.
SECTION ADDITIONAL
ns.example.net. IN A 1.2.3.5
ENTRY_END
RANGE_END

; ns.example.com.
RANGE_BEGIN 0 100
	ADDRESS 1.2.3.4
; Lookups for the nameserver's own addresses are answered REFUSED.
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA REFUSED
SECTION QUESTION
ns.example.com. IN AAAA
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA REFUSED
SECTION QUESTION
ns.example.com. IN A
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
example.com. IN NS
SECTION ANSWER
example.com. IN NS ns.example.com.
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
ENTRY_END

; response to DNSKEY priming query
; The key below (id 2854, algorithm 3) is the one named by the DS trust anchor
; in the config section.
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
example.com. IN DNSKEY
SECTION ANSWER
example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
example.com. 3600 IN RRSIG DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854}
SECTION AUTHORITY
example.com. IN NS ns.example.com.
example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
ENTRY_END

; response to query of interest
; This is the response under test. The DNAME owner sub.example.com. has three
; labels but its RRSIG carries a Labels field of 2, which marks the record as
; synthesized from the wildcard *.example.com. The CNAME that follows has no
; RRSIG at all. Steps 10 and 12 expect the validator to treat the whole answer
; as bogus instead of following it to example.net.
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.sub.example.com. IN A
SECTION ANSWER
; *.example.com. IN DNAME example.net.
sub.example.com. IN DNAME example.net.
sub.example.com. 3600 IN RRSIG DNAME 3 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFEyO+NY3QgAf/cF0mmZhsj3TqgoGAhRqJhHoCd+aA1FbBp16WGfk1HmeIg== ;{id = 2854}
; unsigned CNAME; one interpretation of the wildcarded DNAME expansion
www.sub.example.com. IN CNAME www.example.net.
SECTION AUTHORITY
; prove original does not exist
; (the NSEC span ns.example.com. -> www.example.com. covers both
; sub.example.com. and www.sub.example.com. in canonical order)
ns.example.com. IN NSEC www.example.com. A RRSIG NSEC
ns.example.com. 3600 IN RRSIG NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCCqvDUT+jMCvfm7OHL2IDY75JDmQIUfOtDiiyeSiwjuq3i3OuLnVRyoJ8= ;{id = 2854}
SECTION ADDITIONAL
ENTRY_END
RANGE_END

; ns.example.net.
; Target zone of the DNAME. Its data is correctly signed with key 30899, so a
; resolver that wrongly accepted the redirection would return 11.12.13.14.
RANGE_BEGIN 0 100
	ADDRESS 1.2.3.5
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA REFUSED
SECTION QUESTION
ns.example.net. IN AAAA
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA REFUSED
SECTION QUESTION
ns.example.net. IN A
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
example.net. IN NS
SECTION ANSWER
example.net. IN NS ns.example.net.
example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899}
SECTION ADDITIONAL
ns.example.net. IN A 1.2.3.5
ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899}
ENTRY_END

; response to DNSKEY priming query
; Same key as the example.net DNSKEY trust anchor in the config section.
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
example.net. IN DNSKEY
SECTION ANSWER
example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899}
SECTION AUTHORITY
example.net. IN NS ns.example.net.
example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899}
SECTION ADDITIONAL
ns.example.net. IN A 1.2.3.5
ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899}
ENTRY_END

; response to query of interest
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.example.net. IN A
SECTION ANSWER
; from *.example.net.
www.example.net. IN A 11.12.13.14
www.example.net. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.net. CPxF5hK9Kg5eT7W6LgZwr0ePYEm9HMcSY4vvqCS6gDWB4X9jvXLCfBkCLhsNybPBpGWlsLi5wM6MTdJXuPpsRA== ;{id = 30899}
SECTION AUTHORITY
SECTION ADDITIONAL
ENTRY_END
RANGE_END

; Client query with RD and DO set, so DNSSEC validation is requested.
STEP 1 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
www.sub.example.com. IN A
ENTRY_END

; recursion happens here.
; Expected outcome: SERVFAIL with an empty ANSWER section and EDE code 6
; (DNSSEC Bogus). "MATCH all" compares the complete reply, so any leaked
; DNAME, CNAME or A record fails the test.
STEP 10 CHECK_ANSWER
ENTRY_BEGIN
MATCH all ede=6
REPLY QR RD RA DO SERVFAIL
SECTION QUESTION
www.sub.example.com. IN A
SECTION ANSWER
ENTRY_END

; Redo the query without RD to check EDE caching.
; The failure and its EDE code have to be served from cache as well; a cached
; copy of the rejected data must not surface on the non-recursive path.
STEP 11 QUERY
ENTRY_BEGIN
REPLY DO
SECTION QUESTION
www.sub.example.com. IN A
ENTRY_END

STEP 12 CHECK_ANSWER
ENTRY_BEGIN
MATCH all ede=6
REPLY QR RA DO SERVFAIL
SECTION QUESTION
www.sub.example.com. IN A
SECTION ANSWER
ENTRY_END

SCENARIO_END