; config options server: target-fetch-policy: "0 0 0 0 0" qname-minimisation: "no" minimal-responses: no discard-timeout: 86400 stub-zone: name: "." stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. CONFIG_END SCENARIO_BEGIN Test ghost subdomain with extension reply in timewindow. ; K.ROOT-SERVERS.NET. RANGE_BEGIN 0 100 ADDRESS 193.0.14.129 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION . 86400 IN NS SECTION ANSWER . 86400 IN NS K.ROOT-SERVERS.NET. SECTION ADDITIONAL K.ROOT-SERVERS.NET. 86400 IN A 193.0.14.129 ENTRY_END ENTRY_BEGIN MATCH opcode subdomain ADJUST copy_id copy_query REPLY QR NOERROR SECTION QUESTION com. IN NS SECTION AUTHORITY com. 86400 IN NS a.gtld-servers.net. SECTION ADDITIONAL a.gtld-servers.net. 86400 IN A 192.5.6.30 ENTRY_END RANGE_END ; a.gtld-servers.net. ; this is the one where example.com is delegated. RANGE_BEGIN 0 100 ADDRESS 192.5.6.30 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION com. IN NS SECTION ANSWER com. 86400 IN NS a.gtld-servers.net. SECTION ADDITIONAL a.gtld-servers.net. 86400 IN A 192.5.6.30 ENTRY_END ENTRY_BEGIN MATCH opcode subdomain ADJUST copy_id copy_query REPLY QR NOERROR SECTION QUESTION example.com. IN NS SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com. IN A 1.2.3.4 ENTRY_END ENTRY_BEGIN MATCH opcode subdomain ADJUST copy_id copy_query REPLY QR NOERROR SECTION QUESTION example2.com. IN NS SECTION AUTHORITY example2.com. 3610 IN NS ns.example2.com. SECTION ADDITIONAL ns.example2.com. 3610 IN A 1.2.3.5 ENTRY_END RANGE_END ; a.gtld-servers.net. ; this is the one where example.com is no longer delegated. RANGE_BEGIN 100 300 ADDRESS 192.5.6.30 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION com. IN NS SECTION ANSWER com. 86400 IN NS a.gtld-servers.net. SECTION ADDITIONAL a.gtld-servers.net. 86400 IN A 192.5.6.30 ENTRY_END ENTRY_BEGIN MATCH opcode subdomain ADJUST copy_id copy_query REPLY QR NXDOMAIN SECTION QUESTION example.com. IN NS SECTION AUTHORITY com. 86400 IN SOA a. b. 1 2 3 4 5 ENTRY_END ENTRY_BEGIN MATCH opcode subdomain ADJUST copy_id copy_query REPLY QR NXDOMAIN SECTION QUESTION example2.com. IN NS SECTION AUTHORITY com. 86400 IN SOA a. b. 1 2 3 4 5 ENTRY_END RANGE_END ; ns.example.com. RANGE_BEGIN 0 100 ADDRESS 1.2.3.4 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION example.com. IN NS SECTION ANSWER example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com. IN A 1.2.3.4 ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION ns.example.com. IN A SECTION ANSWER ns.example.com. IN A 1.2.3.4 SECTION AUTHORITY example.com. IN NS ns.example.com. ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION ns.example.com. IN AAAA SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com. IN A 1.2.3.4 ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION www.example.com. IN A SECTION ANSWER www.example.com. IN A 10.20.30.40 SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com IN A 1.2.3.4 ENTRY_END RANGE_END ; ns.example2.com. RANGE_BEGIN 0 100 ADDRESS 1.2.3.5 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION example2.com. IN NS SECTION ANSWER example2.com. 3610 IN NS ns.example2.com. SECTION ADDITIONAL ns.example2.com. 3610 IN A 1.2.3.5 ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION ns.example2.com. IN A SECTION ANSWER ns.example2.com. 3610 IN A 1.2.3.5 SECTION AUTHORITY example2.com. 3610 IN NS ns.example2.com. ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION ns.example2.com. IN AAAA SECTION AUTHORITY example2.com. 3610 IN NS ns.example2.com. SECTION ADDITIONAL ns.example2.com. 3610 IN A 1.2.3.5 ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION www.example2.com. IN A SECTION ANSWER www.example2.com. 3610 IN A 10.20.30.40 SECTION AUTHORITY example2.com. 3610 IN NS ns.example2.com. SECTION ADDITIONAL ns.example2.com 3610 IN A 1.2.3.5 ENTRY_END RANGE_END STEP 1 QUERY ENTRY_BEGIN REPLY RD SECTION QUESTION www.example.com. IN A ENTRY_END ; get the delegation in cache STEP 20 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA NOERROR SECTION QUESTION www.example.com. IN A SECTION ANSWER www.example.com. IN A 10.20.30.40 SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com IN A 1.2.3.4 ENTRY_END ; get example2 in cache too to check other response type STEP 30 QUERY ENTRY_BEGIN REPLY RD SECTION QUESTION www.example2.com. IN A ENTRY_END STEP 40 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA NOERROR SECTION QUESTION www.example2.com. IN A SECTION ANSWER www.example2.com. IN A 10.20.30.40 SECTION AUTHORITY example2.com. IN NS ns.example2.com. SECTION ADDITIONAL ns.example2.com IN A 1.2.3.5 ENTRY_END ; time passes STEP 95 TIME_PASSES ELAPSE 3595 STEP 100 QUERY ENTRY_BEGIN REPLY RD SECTION QUESTION ns.example.com. IN A ENTRY_END ; ns.example.com RANGE does not answer, only until step 100, ; so we provide an answer, but first, let time pass beyond the TTL. ; it is going to time 3605, just passed the 3600 expire TTL, but the ; query started at 3595 before the TTL expired. STEP 110 TIME_PASSES ELAPSE 10 ; provide the answer to the query sent. STEP 120 CHECK_OUT_QUERY ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION ns.example.com. IN A SECTION ANSWER SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com IN A 1.2.3.4 ENTRY_END STEP 130 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA NOERROR SECTION QUESTION ns.example.com. IN A SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com. IN A 1.2.3.4 ENTRY_END ; check if the domain is still live. STEP 140 QUERY ENTRY_BEGIN REPLY RD SECTION QUESTION www2.example.com. IN A ENTRY_END STEP 150 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA NXDOMAIN SECTION QUESTION www2.example.com. IN A SECTION AUTHORITY com. 86400 IN SOA a. b. 1 2 3 4 5 ENTRY_END ; example2 is valid with TTL of 3610, it is time 3605 STEP 160 QUERY ENTRY_BEGIN REPLY RD SECTION QUESTION ns.example2.com. IN A ENTRY_END ; move to time 3615 STEP 170 TIME_PASSES ELAPSE 10 STEP 180 CHECK_OUT_QUERY ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION ns.example2.com. IN A SECTION ANSWER ns.example2.com. IN A 1.2.3.5 SECTION AUTHORITY example2.com. IN NS ns.example2.com. SECTION ADDITIONAL ns.example2.com. IN A 1.2.3.5 ENTRY_END STEP 190 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA NOERROR SECTION QUESTION ns.example2.com. IN A SECTION ANSWER ns.example2.com IN A 1.2.3.5 SECTION AUTHORITY example2.com. IN NS ns.example2.com. SECTION ADDITIONAL ENTRY_END ; check if the domain is still live. STEP 200 QUERY ENTRY_BEGIN REPLY RD SECTION QUESTION www2.example2.com. IN A ENTRY_END STEP 210 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RD RA NXDOMAIN SECTION QUESTION www2.example2.com. IN A SECTION AUTHORITY com. 86400 IN SOA a. b. 1 2 3 4 5 ENTRY_END SCENARIO_END