1Copyright (C) Internet Systems Consortium, Inc. ("ISC") 2 3See COPYRIGHT in the source root or https://isc.org/copyright.html for terms. 4 5This is for testing RFC 5011 Automated Updates of DNSSEC Trust Anchors. 6 7ns1 is the root server that offers new KSKs and hosts one record for 8testing. The TTL for the zone's records is 2 seconds. 9 10ns2 is a validator that uses managed keys. "-T mkeytimers=2/20/40" 11is used so it will attempt do automated updates frequently. "-T tat=1" 12is used so it will send TAT queries once per second. 13 14ns3 is a validator with a broken initializing key in trust-anchors. 15 16ns4 is a validator with a deliberately broken managed-keys.bind and 17managed-keys.jnl, causing RFC 5011 initialization to fail. 18 19ns5 is a validator which is prevented from getting a response from the 20root server, causing key refresh queries to fail. 21 22ns6 is a validator which has unsupported algorithms, one at start up, 23one because of an algorithm rollover. 24 25ns7 is a validator with multiple views configured. It is used for 26testing per-view rndc commands and checking interactions between options 27related to and potentially affecting RFC 5011 processing. 28