xref: /netbsd-src/external/bsd/unbound/dist/testdata/val_referglue.rpl (revision 4d342c046e3288fb5a1edcd33cfec48c41c80664) 
1; config options
2; The island of trust is at example.com
3server:
4	trust-anchor: "example.com.    3600    IN      DS      2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
5	val-override-date: "20070916134226"
6	directory: ""
7	access-control: 127.0.0.1 allow_snoop
8	target-fetch-policy: "0 0 0 0 0"
9	qname-minimisation: "no"
10	fake-sha1: yes
11	trust-anchor-signaling: no
12	minimal-responses: no
13
14stub-zone:
15	name: "."
16	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
17CONFIG_END
18
19SCENARIO_BEGIN Test validator with cache referral with unsigned glue
20
21; K.ROOT-SERVERS.NET.
22RANGE_BEGIN 0 100
23	ADDRESS 193.0.14.129
24ENTRY_BEGIN
25MATCH opcode qtype qname
26ADJUST copy_id
27REPLY QR NOERROR
28SECTION QUESTION
29. IN NS
30SECTION ANSWER
31. IN NS	K.ROOT-SERVERS.NET.
32SECTION ADDITIONAL
33K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
34ENTRY_END
35
36ENTRY_BEGIN
37MATCH opcode qtype qname
38ADJUST copy_id
39REPLY QR NOERROR
40SECTION QUESTION
41www.example.com. IN A
42SECTION AUTHORITY
43com.	IN NS	a.gtld-servers.net.
44SECTION ADDITIONAL
45a.gtld-servers.net.	IN 	A	192.5.6.30
46ENTRY_END
47RANGE_END
48
49; a.gtld-servers.net.
50RANGE_BEGIN 0 100
51	ADDRESS 192.5.6.30
52ENTRY_BEGIN
53MATCH opcode qtype qname
54ADJUST copy_id
55REPLY QR NOERROR
56SECTION QUESTION
57com. IN NS
58SECTION ANSWER
59com.    IN NS   a.gtld-servers.net.
60SECTION ADDITIONAL
61a.gtld-servers.net.     IN      A       192.5.6.30
62ENTRY_END
63
64ENTRY_BEGIN
65MATCH opcode qtype qname
66ADJUST copy_id
67REPLY QR NOERROR
68SECTION QUESTION
69www.example.com. IN A
70SECTION AUTHORITY
71example.com.	IN NS	ns.example.com.
72SECTION ADDITIONAL
73ns.example.com.		IN 	A	1.2.3.4
74ENTRY_END
75RANGE_END
76
77; ns.example.com.
78RANGE_BEGIN 0 100
79	ADDRESS 1.2.3.4
80ENTRY_BEGIN
81MATCH opcode qtype qname
82ADJUST copy_id
83REPLY QR NOERROR
84SECTION QUESTION
85example.com. IN NS
86SECTION ANSWER
87example.com.	IN NS	ns.example.com.
88example.com.	IN NS	ns2.sub.example.com.
89example.com.    3600    IN      RRSIG   NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
90SECTION ADDITIONAL
91ns.example.com.		IN 	A	1.2.3.4
92ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
93ns2.sub.example.com.	IN 	A 	100.200.30.40
94ENTRY_END
95
96; referral, for all types
97ENTRY_BEGIN
98MATCH opcode qname
99ADJUST copy_id
100REPLY QR NOERROR
101SECTION QUESTION
102ns2.sub.example.com. IN A
103SECTION AUTHORITY
104sub.example.com. IN NS ns2.sub.example.com.
105sub.example.com. IN NSEC tlib.example.com. NS RRSIG NSEC
106sub.example.com.	3600	IN	RRSIG	NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. ABdrfr+eKT1syk2qFlV01wLOqQdvNMpEtPmGAM6CrtyQAje/ddXSi9A= ;{id = 2854}
107ns2.sub.example.com.    IN      A       100.200.30.40
108ENTRY_END
109
110; response to DNSKEY priming query
111ENTRY_BEGIN
112MATCH opcode qtype qname
113ADJUST copy_id
114REPLY QR NOERROR
115SECTION QUESTION
116example.com. IN DNSKEY
117SECTION ANSWER
118example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
119example.com.    3600    IN      RRSIG   DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
120SECTION AUTHORITY
121example.com.	IN NS	ns.example.com.
122example.com.	IN NS	ns2.sub.example.com.
123example.com.    3600    IN      RRSIG   NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
124SECTION ADDITIONAL
125ns.example.com.		IN 	A	1.2.3.4
126ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
127ns2.sub.example.com.	IN 	A 	100.200.30.40
128ENTRY_END
129
130ENTRY_BEGIN
131MATCH opcode qtype qname
132ADJUST copy_id
133REPLY QR NOERROR
134SECTION QUESTION
135www.example.com. IN A
136SECTION ANSWER
137www.example.com. IN A	10.20.30.40
138www.example.com.        3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
139SECTION AUTHORITY
140example.com.	IN NS	ns.example.com.
141example.com.	IN NS	ns2.sub.example.com.
142example.com.    3600    IN      RRSIG   NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
143SECTION ADDITIONAL
144ns.example.com.		IN 	A	1.2.3.4
145ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
146; This is from an unsigned subzone
147ns2.sub.example.com.	IN 	A 	100.200.30.40
148ENTRY_END
149ENTRY_BEGIN
150MATCH opcode qtype qname
151ADJUST copy_id
152REPLY QR NOERROR
153SECTION QUESTION
154sub.example.com. IN DS
155SECTION ANSWER
156SECTION AUTHORITY
157sub.example.com. IN NSEC	www.example.com. NS RRSIG NSEC
158sub.example.com.        3600    IN      RRSIG   NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFEG4WWIYBDknWlr2d8S42UZHRuByAhRgnDELUAccGZTCVzG+xl/locivpA== ;{id = 2854}
159ENTRY_END
160RANGE_END
161
162; ns2.sub.example.com.
163RANGE_BEGIN 0 100
164	ADDRESS 100.200.30.40
165ENTRY_BEGIN
166MATCH opcode qtype qname
167ADJUST copy_id
168REPLY QR NOERROR
169SECTION QUESTION
170example.com. IN NS
171SECTION ANSWER
172example.com.	IN NS	ns.example.com.
173example.com.	IN NS	ns2.sub.example.com.
174example.com.    3600    IN      RRSIG   NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
175SECTION ADDITIONAL
176ns.example.com.		IN 	A	1.2.3.4
177ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
178ENTRY_END
179
180; response to DNSKEY priming query
181ENTRY_BEGIN
182MATCH opcode qtype qname
183ADJUST copy_id
184REPLY QR NOERROR
185SECTION QUESTION
186example.com. IN DNSKEY
187SECTION ANSWER
188example.com.    3600    IN      DNSKEY  256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
189example.com.    3600    IN      RRSIG   DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
190SECTION AUTHORITY
191example.com.	IN NS	ns.example.com.
192example.com.	IN NS	ns2.sub.example.com.
193example.com.    3600    IN      RRSIG   NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
194SECTION ADDITIONAL
195ns.example.com.		IN 	A	1.2.3.4
196ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
197ENTRY_END
198
199ENTRY_BEGIN
200MATCH opcode qtype qname
201ADJUST copy_id
202REPLY QR NOERROR
203SECTION QUESTION
204www.example.com. IN A
205SECTION ANSWER
206www.example.com. IN A	10.20.30.40
207www.example.com.        3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
208SECTION AUTHORITY
209example.com.	IN NS	ns.example.com.
210example.com.	IN NS	ns2.sub.example.com.
211example.com.    3600    IN      RRSIG   NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
212SECTION ADDITIONAL
213ns.example.com.		IN 	A	1.2.3.4
214ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
215; This is from an unsigned subzone
216ns2.sub.example.com.	IN 	A 	100.200.30.40
217ENTRY_END
218ENTRY_BEGIN
219MATCH opcode qtype qname
220ADJUST copy_id
221REPLY QR NOERROR
222SECTION QUESTION
223sub.example.com. IN DS
224SECTION ANSWER
225SECTION AUTHORITY
226sub.example.com. IN NSEC	www.example.com. NS RRSIG NSEC
227sub.example.com.        3600    IN      RRSIG   NSEC 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFEG4WWIYBDknWlr2d8S42UZHRuByAhRgnDELUAccGZTCVzG+xl/locivpA== ;{id = 2854}
228ENTRY_END
229
230ENTRY_BEGIN
231MATCH opcode qname qtype
232ADJUST copy_id
233REPLY QR NOERROR
234SECTION QUESTION
235ns2.sub.example.com. IN A
236SECTION ANSWER
237ns2.sub.example.com.    IN      A       100.200.30.40
238ENTRY_END
239
240ENTRY_BEGIN
241MATCH opcode qname qtype
242ADJUST copy_id
243REPLY QR NOERROR
244SECTION QUESTION
245ns2.sub.example.com. IN AAAA
246SECTION ANSWER
247ENTRY_END
248
249RANGE_END
250
251; first ask for +CD and get the data in the cache.
252STEP 1 QUERY
253ENTRY_BEGIN
254REPLY RD CD
255SECTION QUESTION
256www.example.com. IN A
257ENTRY_END
258
259STEP 3 CHECK_ANSWER
260ENTRY_BEGIN
261MATCH all
262REPLY QR RD RA CD NOERROR
263SECTION QUESTION
264www.example.com. IN A
265SECTION ANSWER
266www.example.com. IN A	10.20.30.40
267SECTION AUTHORITY
268example.com.	IN NS	ns.example.com.
269example.com.	IN NS	ns2.sub.example.com.
270SECTION ADDITIONAL
271ns.example.com.		IN 	A	1.2.3.4
272; already validated and thus stripped from the answer.
273;ns2.sub.example.com.	IN 	A 	100.200.30.40
274ENTRY_END
275
276; now the data is in the cache, validate a referral from cache
277; note, no recursion desired
278STEP 5 QUERY
279ENTRY_BEGIN
280REPLY DO
281SECTION QUESTION
282bla.example.com. IN A
283ENTRY_END
284
285STEP 6 CHECK_ANSWER
286ENTRY_BEGIN
287MATCH all
288REPLY QR RA AD DO NOERROR
289SECTION QUESTION
290bla.example.com. IN A
291SECTION ANSWER
292SECTION AUTHORITY
293example.com.	3600 IN NS	ns.example.com.
294example.com.	3600 IN NS	ns2.sub.example.com.
295example.com.    3600    IN      RRSIG   NS DSA 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCiyp/3hxwKS5QZPnjk36t16s4QTwIUI0m+MBVOAPacANrXXFKieyZd39o= ;{id = 2854}
296SECTION ADDITIONAL
297ns.example.com.		IN 	A	1.2.3.4
298ns.example.com. 3600    IN      RRSIG   A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
299ENTRY_END
300
301SCENARIO_END
302