xref: /netbsd-src/external/bsd/unbound/dist/testdata/val_fwdds.rpl (revision 0cd9f4ecf44538bbdd5619b5b2081449960ab3e6) 
1; config options
2; The island of trust is at example.com
3server:
4	trust-anchor: "example.com.    3600    IN      DS      2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
5	val-override-date: "20070916134226"
6	target-fetch-policy: "0 0 0 0 0"
7	fake-sha1: yes
8	trust-anchor-signaling: no
9
10stub-zone:
11	name: "."
12	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
13forward-zone:
14	name: "sub.example.com"
15	forward-addr: 1.2.3.6
16CONFIG_END
17
18SCENARIO_BEGIN Test forward-zone with DS query
19; The fwd zone is linked validly with a DS to the public internet zone.
20; unbound just has to be able to ask the DS from the right server (not
21; from the fwd).
22; Here the fwd is not even recursive, just the plain server for sub.example.com
23
24; K.ROOT-SERVERS.NET.
25RANGE_BEGIN 0 100
26	ADDRESS 193.0.14.129
27ENTRY_BEGIN
28MATCH opcode qtype qname
29ADJUST copy_id
30REPLY QR NOERROR
31SECTION QUESTION
32. IN NS
33SECTION ANSWER
34. IN NS	K.ROOT-SERVERS.NET.
35SECTION ADDITIONAL
36K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
37ENTRY_END
38
39ENTRY_BEGIN
40MATCH opcode subdomain
41ADJUST copy_id copy_query
42REPLY QR NOERROR
43SECTION QUESTION
44com. IN NS
45SECTION AUTHORITY
46com.	IN NS	a.gtld-servers.net.
47SECTION ADDITIONAL
48a.gtld-servers.net.	IN 	A	192.5.6.30
49ENTRY_END
50RANGE_END
51
52; a.gtld-servers.net.
53RANGE_BEGIN 0 100
54	ADDRESS 192.5.6.30
55ENTRY_BEGIN
56MATCH opcode qtype qname
57ADJUST copy_id
58REPLY QR NOERROR
59SECTION QUESTION
60com. IN NS
61SECTION ANSWER
62com.    IN NS   a.gtld-servers.net.
63SECTION ADDITIONAL
64a.gtld-servers.net.     IN      A       192.5.6.30
65ENTRY_END
66
67ENTRY_BEGIN
68MATCH opcode subdomain
69ADJUST copy_id copy_query
70REPLY QR NOERROR
71SECTION QUESTION
72example.com. IN A
73SECTION AUTHORITY
74example.com.	IN NS	ns.example.com.
75SECTION ADDITIONAL
76ns.example.com.		IN 	A	1.2.3.4
77ENTRY_END
78RANGE_END
79
80; ns.example.com.
81RANGE_BEGIN 0 100
82	ADDRESS 1.2.3.4
83ENTRY_BEGIN
84MATCH opcode qtype qname
85ADJUST copy_id
86REPLY QR NOERROR
87SECTION QUESTION
88example.com. IN NS
89SECTION ANSWER
90example.com.    IN NS   ns.example.com.
91example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
92SECTION ADDITIONAL
93ns.example.com.         IN      A       1.2.3.4
94ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
95ENTRY_END
96
97; response to DNSKEY priming query
98ENTRY_BEGIN
99MATCH opcode qtype qname
100ADJUST copy_id
101REPLY QR NOERROR
102SECTION QUESTION
103example.com. IN DNSKEY
104SECTION ANSWER
105example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
106example.com. 3600    IN      RRSIG   DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854}
107SECTION AUTHORITY
108example.com.	IN NS	ns.example.com.
109example.com.    3600    IN      RRSIG   NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
110SECTION ADDITIONAL
111ns.example.com.		IN 	A	1.2.3.4
112ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
113ENTRY_END
114
115; response for DS of sub.example.com.
116ENTRY_BEGIN
117MATCH opcode qtype qname
118ADJUST copy_id
119REPLY QR NOERROR
120SECTION QUESTION
121sub.example.com. IN DS
122SECTION ANSWER
123sub.example.com.        3600    IN      DS      30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3
124sub.example.com.        3600    IN      RRSIG   DS 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCW3ix0GD4BSvNLWIbROCJt5DAW9AhRt/kg9kBKJ20UBUdumrBUHqnskdA== ;{id = 2854}
125SECTION AUTHORITY
126SECTION ADDITIONAL
127ENTRY_END
128
129; response for delegation to sub.example.com.
130ENTRY_BEGIN
131MATCH opcode subdomain
132ADJUST copy_id copy_query
133REPLY QR NOERROR
134SECTION QUESTION
135sub.example.com. IN A
136SECTION ANSWER
137SECTION AUTHORITY
138sub.example.com. IN	NS ns.sub.example.com.
139sub.example.com.        3600    IN      DS      30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3
140sub.example.com.        3600    IN      RRSIG   DS 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCW3ix0GD4BSvNLWIbROCJt5DAW9AhRt/kg9kBKJ20UBUdumrBUHqnskdA== ;{id = 2854}
141SECTION ADDITIONAL
142ns.sub.example.com. IN A 1.2.3.6
143ENTRY_END
144
145RANGE_END
146
147; ns.sub.example.com.
148RANGE_BEGIN 0 100
149	ADDRESS 1.2.3.6
150ENTRY_BEGIN
151MATCH opcode qtype qname
152ADJUST copy_id
153REPLY QR NOERROR
154SECTION QUESTION
155sub.example.com. IN NS
156SECTION ANSWER
157sub.example.com. IN	NS ns.sub.example.com.
158sub.example.com.        3600    IN      RRSIG   NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. wcpHeBILHfo8C9uxMhcW03gcURZeUffiKdSTb50ZjzTHgMNhRyMfpcvSpXEd9548A9UTmWKeLZChfr5Z/glONw== ;{id = 30899}
159SECTION ADDITIONAL
160ns.sub.example.com. IN A 1.2.3.6
161ns.sub.example.com.     3600    IN      RRSIG   A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. UF7shD/gt1FOp2UHgLTNbPzVykklSXFMEtJ1xD+Hholwf/PIzd7zoaIttIYibNa4fUXCqMg22H9P7MRhfmFe6g== ;{id = 30899}
162ENTRY_END
163
164; response to DNSKEY priming query
165; sub.example.com.        3600    IN      DS      30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3
166ENTRY_BEGIN
167MATCH opcode qtype qname
168ADJUST copy_id
169REPLY QR NOERROR
170SECTION QUESTION
171sub.example.com. IN DNSKEY
172SECTION ANSWER
173sub.example.com.        3600    IN      DNSKEY  256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}
174sub.example.com.        3600    IN      RRSIG   DNSKEY 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. uNGp99iznjD7oOX02XnQbDnbg75UwBHRvZSKYUorTKvPUnCWMHKdRsQ+mf+Fx3GZ+Fz9BVjoCmQqpnfgXLEYqw== ;{id = 30899}
175SECTION AUTHORITY
176sub.example.com. IN	NS ns.sub.example.com.
177sub.example.com.        3600    IN      RRSIG   NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. wcpHeBILHfo8C9uxMhcW03gcURZeUffiKdSTb50ZjzTHgMNhRyMfpcvSpXEd9548A9UTmWKeLZChfr5Z/glONw== ;{id = 30899}
178SECTION ADDITIONAL
179ns.sub.example.com. IN A 1.2.3.6
180ns.sub.example.com.     3600    IN      RRSIG   A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. UF7shD/gt1FOp2UHgLTNbPzVykklSXFMEtJ1xD+Hholwf/PIzd7zoaIttIYibNa4fUXCqMg22H9P7MRhfmFe6g== ;{id = 30899}
181ENTRY_END
182
183; response for qtype DS.  This is not available here.
184ENTRY_BEGIN
185MATCH opcode qtype qname
186ADJUST copy_id
187REPLY QR SERVFAIL
188SECTION QUESTION
189sub.example.com. IN DS
190SECTION ANSWER
191SECTION AUTHORITY
192SECTION ADDITIONAL
193ENTRY_END
194
195; response to query of interest
196ENTRY_BEGIN
197MATCH opcode qtype qname
198ADJUST copy_id
199REPLY QR NOERROR
200SECTION QUESTION
201www.sub.example.com. IN A
202SECTION ANSWER
203www.sub.example.com. IN A	11.11.11.11
204www.sub.example.com.    3600    IN      RRSIG   A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. 0DqqRfRtm7VSEQ4mmBbzrKRqQAay3JAE8DPDGmjtokrrjN9F1G/HxozDV7bjdIh2EChlQea8FPwf/GepJMUVxg== ;{id = 30899}
205SECTION AUTHORITY
206SECTION ADDITIONAL
207ENTRY_END
208RANGE_END
209
210STEP 1 QUERY
211ENTRY_BEGIN
212REPLY RD DO
213SECTION QUESTION
214www.sub.example.com. IN A
215ENTRY_END
216
217; recursion happens here.
218STEP 10 CHECK_ANSWER
219ENTRY_BEGIN
220MATCH all
221REPLY QR RD RA AD DO NOERROR
222SECTION QUESTION
223www.sub.example.com. IN A
224SECTION ANSWER
225www.sub.example.com. 	3600	IN	A	11.11.11.11
226www.sub.example.com.    3600    IN      RRSIG   A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. 0DqqRfRtm7VSEQ4mmBbzrKRqQAay3JAE8DPDGmjtokrrjN9F1G/HxozDV7bjdIh2EChlQea8FPwf/GepJMUVxg== ;{id = 30899}
227SECTION AUTHORITY
228SECTION ADDITIONAL
229ENTRY_END
230
231SCENARIO_END
232