; config options
; The island of trust is at example.com
;
; Test-fixture settings; several weaken validation on purpose and are not a
; template for a production unbound.conf:
; - trust-anchor: DS for key tag 2854, algorithm 3 (DSA), digest type 1 (SHA-1).
; - val-override-date: pins the validator clock to 2007-09-16 13:42:26, which
;   lies inside the inception/expiration window (20070829..20070926) of every
;   RRSIG in this file, so the fixed signatures stay usable.
; - access-control allow_snoop: lets 127.0.0.1 send non-recursive queries that
;   are answered from cache; STEP 5 below sends such a query.
; - fake-sha1: presumably lets the SHA-1/DSA fixtures be accepted when the
;   crypto library no longer validates them -- TODO confirm against testbound.
; - target-fetch-policy "0 0 0 0 0": presumably stops opportunistic fetches of
;   nameserver addresses so only the scripted queries occur -- TODO confirm.
; - minimal-responses: no, so authority/additional sections are returned and
;   can be compared by the CHECK_ANSWER steps.
server:
	trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
	val-override-date: "20070916134226"
	directory: ""
	access-control: 127.0.0.1 allow_snoop
	target-fetch-policy: "0 0 0 0 0"
	qname-minimisation: "no"
	fake-sha1: yes
	trust-anchor-signaling: no
	minimal-responses: no
	rrset-roundrobin: no

stub-zone:
	name: "."
	stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
CONFIG_END

SCENARIO_BEGIN Test validator with cache referral with unsigned glue

; What this scenario checks: after www.example.com is resolved and cached, a
; non-recursive DO query for an uncached name is answered with a referral
; built from cache. The reply is expected to carry AD and only signed data;
; the A record for ns2.sub.example.com (glue from an unsigned subzone, never
; accompanied by an RRSIG in this file) must not appear in it.

; K.ROOT-SERVERS.NET.
; Unsigned root: answers the root NS priming query and refers com. downwards.
RANGE_BEGIN 0 100
	ADDRESS 193.0.14.129
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
. IN NS
SECTION ANSWER
. IN NS K.ROOT-SERVERS.NET.
SECTION ADDITIONAL
K.ROOT-SERVERS.NET. IN A 193.0.14.129
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.example.com. IN A
SECTION AUTHORITY
com. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
RANGE_END

; a.gtld-servers.net.
; Unsigned com.: refers example.com. to ns.example.com. with plain glue; no DS
; is served here, the chain of trust starts at the configured trust anchor.
RANGE_BEGIN 0 100
	ADDRESS 192.5.6.30
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
com. IN NS
SECTION ANSWER
com. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.example.com. IN A
SECTION AUTHORITY
example.com. IN NS ns.example.com.
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ENTRY_END
RANGE_END

; ns.example.com.
; Authoritative for the signed zone example.com. Every signed RRset carries an
; RRSIG made with key tag 2854; the ns2.sub.example.com. A record is the only
; address record served without one.
RANGE_BEGIN 0 100
	ADDRESS 1.2.3.4
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
example.com. IN NS
SECTION ANSWER
example.com. IN NS ns.example.com.
example.com. IN NS ns2.sub.example.com.
example.com. 3600 IN RRSIG NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
ns2.sub.example.com. IN A 100.200.30.40
ENTRY_END

; referral, for all types
; MATCH omits qtype, so any query type for ns2.sub.example.com. gets this
; delegation. The NSEC type bitmap (NS RRSIG NSEC) contains no DS, which marks
; sub.example.com. as an insecure delegation.
; NOTE(review): this NSEC names tlib.example.com. as next owner, while the NSEC
; in the "sub.example.com. IN DS" reply below names www.example.com. -- confirm
; the difference is intended.
ENTRY_BEGIN
MATCH opcode qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
ns2.sub.example.com. IN A
SECTION AUTHORITY
sub.example.com. IN NS ns2.sub.example.com.
sub.example.com. IN NSEC tlib.example.com. NS RRSIG NSEC
sub.example.com. 3600 IN RRSIG NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. ABdrfr+eKT1syk2qFlV01wLOqQdvNMpEtPmGAM6CrtyQAje/ddXSi9A= ;{id = 2854}
ns2.sub.example.com. IN A 100.200.30.40
ENTRY_END

; response to DNSKEY priming query
; The DNSKEY (key tag 2854) is the key the trust-anchor DS refers to.
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
example.com. IN DNSKEY
SECTION ANSWER
example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
SECTION AUTHORITY
example.com. IN NS ns.example.com.
example.com. IN NS ns2.sub.example.com.
example.com. 3600 IN RRSIG NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
ns2.sub.example.com. IN A 100.200.30.40
ENTRY_END

; Signed answer for www.example.com.; the additional section mixes the signed
; ns.example.com. address with the unsigned ns2.sub.example.com. glue.
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.example.com. IN A
SECTION ANSWER
www.example.com. IN A 10.20.30.40
www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
SECTION AUTHORITY
example.com. IN NS ns.example.com.
example.com. IN NS ns2.sub.example.com.
example.com. 3600 IN RRSIG NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
; This is from an unsigned subzone
ns2.sub.example.com. IN A 100.200.30.40
ENTRY_END
; Signed denial of a DS at sub.example.com.: empty answer plus an NSEC whose
; type bitmap has no DS, i.e. the subzone is provably unsigned.
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
sub.example.com. IN DS
SECTION ANSWER
SECTION AUTHORITY
sub.example.com. IN NSEC www.example.com. NS RRSIG NSEC
sub.example.com. 3600 IN RRSIG NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFEG4WWIYBDknWlr2d8S42UZHRuByAhRgnDELUAccGZTCVzG+xl/locivpA== ;{id = 2854}
ENTRY_END
RANGE_END

; ns2.sub.example.com.
; Second server for example.com. It repeats the signed example.com. data and
; also answers for its own (unsigned) address records.
RANGE_BEGIN 0 100
	ADDRESS 100.200.30.40
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
example.com. IN NS
SECTION ANSWER
example.com. IN NS ns.example.com.
example.com. IN NS ns2.sub.example.com.
example.com. 3600 IN RRSIG NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
ENTRY_END

; response to DNSKEY priming query
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
example.com. IN DNSKEY
SECTION ANSWER
example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
SECTION AUTHORITY
example.com. IN NS ns.example.com.
example.com. IN NS ns2.sub.example.com.
example.com. 3600 IN RRSIG NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
www.example.com. IN A
SECTION ANSWER
www.example.com. IN A 10.20.30.40
www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
SECTION AUTHORITY
example.com. IN NS ns.example.com.
example.com. IN NS ns2.sub.example.com.
example.com. 3600 IN RRSIG NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
; This is from an unsigned subzone
ns2.sub.example.com. IN A 100.200.30.40
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
sub.example.com. IN DS
SECTION ANSWER
SECTION AUTHORITY
sub.example.com. IN NSEC www.example.com. NS RRSIG NSEC
sub.example.com. 3600 IN RRSIG NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFEG4WWIYBDknWlr2d8S42UZHRuByAhRgnDELUAccGZTCVzG+xl/locivpA== ;{id = 2854}
ENTRY_END

; Unsigned address answers for the nameserver's own name: an A record and an
; empty (NODATA-style) AAAA answer, neither with signatures.
ENTRY_BEGIN
MATCH opcode qname qtype
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
ns2.sub.example.com. IN A
SECTION ANSWER
ns2.sub.example.com. IN A 100.200.30.40
ENTRY_END

ENTRY_BEGIN
MATCH opcode qname qtype
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
ns2.sub.example.com. IN AAAA
SECTION ANSWER
ENTRY_END

RANGE_END

; first ask for +CD and get the data in the cache.
; The query sets RD and CD but not DO, so the expected reply in STEP 3 lists
; no RRSIG records.
STEP 1 QUERY
ENTRY_BEGIN
REPLY RD CD
SECTION QUESTION
www.example.com. IN A
ENTRY_END

STEP 3 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA CD NOERROR
SECTION QUESTION
www.example.com. IN A
SECTION ANSWER
www.example.com. IN A 10.20.30.40
SECTION AUTHORITY
example.com. IN NS ns.example.com.
example.com. IN NS ns2.sub.example.com.
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
; already validated and thus stripped from the answer.
;ns2.sub.example.com. IN A 100.200.30.40
ENTRY_END

; now the data is in the cache, validate a referral from cache
; note, no recursion desired
; The query carries DO and no RD; answering it from cache depends on the
; allow_snoop access-control entry in the config section.
STEP 5 QUERY
ENTRY_BEGIN
REPLY DO
SECTION QUESTION
bla.example.com. IN A
ENTRY_END

; Expected referral: AD is set, the NS RRset and the ns.example.com. A record
; come with their RRSIGs, and the unsigned ns2.sub.example.com. A glue is
; absent from the additional section (MATCH all makes its presence a failure).
STEP 6 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RA AD DO NOERROR
SECTION QUESTION
bla.example.com. IN A
SECTION ANSWER
SECTION AUTHORITY
example.com. 3600 IN NS ns.example.com.
example.com. 3600 IN NS ns2.sub.example.com.
example.com. 3600 IN RRSIG NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
SECTION ADDITIONAL
ns.example.com. IN A 1.2.3.4
ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
ENTRY_END

SCENARIO_END