clones/unbound
1
0
Fork 0
mirror of https://github.com/NLnetLabs/unbound.git synced 2024-09-21 14:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
57230d7f22
unbound/testdata/iter_dname_insec.rpl
Wouter Wijngaards e0745813f4 - Set defaults to yes for a number of options to increase speed and 
resilience of the server.  The so-reuseport, harden-below-nxdomain,
  and minimal-responses options are enabled by default.  They used
  to be disabled by default, waiting to make sure they worked.  They
  are enabled by default now, and can be disabled explicitly by
  setting them to "no" in the unbound.conf config file.  The reuseport
  and minimal options increases speed of the server, and should be
  otherwise harmless.  The harden-below-nxdomain option works well
  together with the recently default enabled qname minimisation, this
  causes more fetches to use information from the cache.


git-svn-id: file:///svn/unbound/trunk@4871 be551aaa-1e26-0410-a405-d3ace91eadb9
2018-08-27 13:18:19 +00:00

1057 lines
24 KiB
Plaintext
Raw Blame History

; config options
server:
harden-referral-path: no
target-fetch-policy: "0 0 0 0 0"
qname-minimisation: "no"
minimal-responses: no
stub-zone:
name: "."
stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
CONFIG_END
SCENARIO_BEGIN Test scrub of insecure DNAME in answer section
; root infrastucture
RANGE_BEGIN 0 10000000
ADDRESS 193.0.14.129
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
. IN NS
SECTION ANSWER
. IN NS K.ROOT-SERVERS.NET.
SECTION ADDITIONAL
K.ROOT-SERVERS.NET. IN A 193.0.14.129
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
shortloop. IN TXT
SECTION ANSWER
shortloop. IN TXT "shortloop end"
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
K.ROOT-SERVERS.NET. IN A
SECTION ANSWER
K.ROOT-SERVERS.NET. IN A 193.0.14.129
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
K.ROOT-SERVERS.NET. IN AAAA
SECTION ANSWER
ENTRY_END
ENTRY_BEGIN
MATCH subdomain opcode
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
com. IN A
SECTION AUTHORITY
com. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH subdomain opcode
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
net. IN A
SECTION AUTHORITY
net. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH subdomain opcode
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
x. IN A
SECTION AUTHORITY
x. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH opcode subdomain
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
long. IN NS
SECTION AUTHORITY
long. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH opcode subdomain
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. IN NS
SECTION AUTHORITY
60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
a.gtld-servers.net. IN A
SECTION ANSWER
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
a.gtld-servers.net. IN AAAA
SECTION ANSWER
ENTRY_END
RANGE_END
; end of root infrastucture
; a.gtld-servers.net. (com. net. x.)
RANGE_BEGIN 0 10000000
ADDRESS 192.5.6.30
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
a.gtld-servers.net. IN A
SECTION ANSWER
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
a.gtld-servers.net. IN AAAA
SECTION ANSWER
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
com. IN NS
SECTION AUTHORITY
com. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
net. IN NS
SECTION AUTHORITY
net. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH opcode subdomain
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
example.com. IN A
SECTION AUTHORITY
example.com. IN NS ns1.example.com.
SECTION ADDITIONAL
ns1.example.com. IN A 168.192.2.2
ENTRY_END
ENTRY_BEGIN
MATCH opcode subdomain
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
example.net. IN A
SECTION AUTHORITY
example.net. IN NS ns1.example.net.
SECTION ADDITIONAL
ns1.example.net. IN A 168.192.3.3
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
x. IN NS
SECTION AUTHORITY
x. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
x. IN DNAME
SECTION AUTHORITY
x. IN DNAME .
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH qname opcode
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
shortloop.x.x. IN CNAME
SECTION ANSWER
x. DNAME .
shortloop.x.x. IN CNAME shortloop.x.
shortloop.x. IN CNAME shortloop.
ENTRY_END
ENTRY_BEGIN
MATCH qname opcode
ADJUST copy_id copy_query
REPLY QR NOERROR
SECTION QUESTION
shortloop.x. IN CNAME
SECTION ANSWER
x. DNAME .
shortloop.x. IN CNAME shortloop.
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. IN NS
SECTION AUTHORITY
60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
long. IN NS
SECTION AUTHORITY
long. IN NS a.gtld-servers.net.
SECTION ADDITIONAL
a.gtld-servers.net. IN A 192.5.6.30
ENTRY_END
; DNAME at zone apex, allowed by RFC 6672 section 2.3
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
long. IN DNAME
SECTION ANSWER
long. 3600 IN DNAME 63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
x.long. IN A
SECTION ANSWER
long. 3600 IN DNAME 63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
x.long. 3600 IN CNAME x.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
x.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. 3600 IN A 192.0.2.1
ENTRY_END
ENTRY_BEGIN
MATCH qname qtype opcode
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
x.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. IN A
SECTION ANSWER
x.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. 3600 IN A 192.0.2.1
ENTRY_END
ENTRY_BEGIN
MATCH qname opcode
ADJUST copy_id copy_query
REPLY QR YXDOMAIN
SECTION QUESTION
too.long. IN A
SECTION ANSWER
long. 3600 IN DNAME 63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
ENTRY_END
RANGE_END
; end of a.gtld-servers.net.
; RFC 6672 section 2.2. The DNAME Substitution table tests
;# QNAME owner DNAME target result
;-- ---------------- -------------- -------------- -----------------
;1 com. example.com. example.net. <no match>
;2 example.com. example.com. example.net. [0]
;3 a.example.com. example.com. example.net. a.example.net.
;4 a.b.example.com. example.com. example.net. a.b.example.net.
;5 ab.example.com. b.example.com. example.net. <no match>
;6 foo.example.com. example.com. example.net. foo.example.net.
;7 a.x.example.com. x.example.com. example.net. a.example.net.
;8 a.example.com. example.com. y.example.net. a.y.example.net.
;9 cyc.example.com. example.com. example.com. cyc.example.com.
;10 cyc.example.com. example.com. c.example.com. cyc.c.example.com.
;11 shortloop.x.x. x. . shortloop.x.
;12 shortloop.x. x. . shortloop.
;
; [0] The result depends on the QTYPE. If the QTYPE = DNAME, then
; the result is "example.com.", else "<no match>".
;
; Table 1. DNAME Substitution Examples
; line no. 1 is mostly for authoritative server
; line no. 2 QTYPE != DNAME
STEP 220201 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
example.com. IN NS
ENTRY_END
STEP 220202 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA DO
SECTION QUESTION
example.com. IN NS
SECTION ANSWER
example.com. IN NS ns1.example.com.
SECTION ADDITIONAL
ns1.example.com. 0 IN A 168.192.2.2
ENTRY_END
; line no. 2 QTYPE == DNAME
STEP 220203 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
example.com. IN DNAME
ENTRY_END
STEP 220204 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA DO
SECTION QUESTION
example.com. IN DNAME
SECTION ANSWER
example.com. IN DNAME example.net.
ENTRY_END
;# QNAME owner DNAME target result
;-- ---------------- -------------- -------------- -----------------
;3 a.example.com. example.com. example.net. a.example.net.
STEP 220301 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
a.example.com. IN A
ENTRY_END
STEP 220302 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA DO
SECTION QUESTION
a.example.com. IN A
SECTION ANSWER
example.com. IN DNAME example.net.
a.example.com. IN CNAME a.example.net.
a.example.net. IN A 10.0.0.97
ENTRY_END
;# QNAME owner DNAME target result
;-- ---------------- -------------- -------------- -----------------
;4 a.b.example.com. example.com. example.net. a.b.example.net.
STEP 220401 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
a.b.example.com. IN A
ENTRY_END
STEP 220402 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA DO
SECTION QUESTION
a.b.example.com. IN A
SECTION ANSWER
example.com. IN DNAME example.net.
a.b.example.com. IN CNAME a.b.example.net.
a.b.example.net. IN A 10.0.97.98
ENTRY_END
;# QNAME owner DNAME target result
;-- ---------------- -------------- -------------- -----------------
;5 ab.example.com. b.example.com. example.net. <no match>
;6 foo.example.com. example.com. example.net. foo.example.net.
; line no. 5 is mostly for authoritative server
; line no. 6 is basically the same as line no. 3
; ns1.example.com.
RANGE_BEGIN 220000 220699
ADDRESS 168.192.2.2
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
example.com. IN NS
SECTION ANSWER
example.com. IN NS ns1.example.com.
SECTION ADDITIONAL
ns1.example.com. IN A 168.192.2.2
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
ns1.example.com. IN A
SECTION ANSWER
ns1.example.com. IN A 168.192.2.2
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
ns1.example.com. IN AAAA
SECTION ANSWER
ENTRY_END
; line 2 DNAME
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
example.com. IN DNAME
SECTION ANSWER
example.com. IN DNAME example.net.
ENTRY_END
; line 3
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
a.example.com. IN A
SECTION ANSWER
example.com. IN DNAME example.net.
a.example.com. IN CNAME a.example.net.
ENTRY_END
; line 4
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
a.b.example.com. IN A
SECTION ANSWER
example.com. IN DNAME example.net.
a.b.example.com. IN CNAME a.b.example.net.
ENTRY_END
RANGE_END
; end of ns1.example.com.
;# QNAME owner DNAME target result
;-- ---------------- -------------- -------------- -----------------
;7 a.x.example.com. x.example.com. example.net. a.example.net.
STEP 220701 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
a.x.example.com. IN A
ENTRY_END
STEP 220702 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA DO
SECTION QUESTION
a.x.example.com. IN A
SECTION ANSWER
x.example.com. IN DNAME example.net.
a.x.example.com. IN CNAME a.example.net.
a.example.net. IN A 10.0.0.97
ENTRY_END
; ns1.example.com.
RANGE_BEGIN 220700 220799
ADDRESS 168.192.2.2
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
example.com. IN NS
SECTION ANSWER
example.com. IN NS ns1.example.com.
SECTION ADDITIONAL
ns1.example.com. IN A 168.192.2.2
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
ns1.example.com. IN A
SECTION ANSWER
ns1.example.com. IN A 168.192.2.2
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
ns1.example.com. IN AAAA
SECTION ANSWER
ENTRY_END
; line 7 DNAME
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
example.com. IN DNAME
SECTION ANSWER
x.example.com. IN DNAME example.net.
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
a.x.example.com. IN A
SECTION ANSWER
x.example.com. IN DNAME example.net.
a.x.example.com. IN CNAME a.example.net.
ENTRY_END
RANGE_END
; end of ns1.example.com.
;# QNAME owner DNAME target result
;-- ---------------- -------------- -------------- -----------------
;8 a.example.com. example.com. y.example.net. a.y.example.net.
;
; a.example.com. was renamed to a2.example.com. to avoid cache clashes
; on the synthetized CNAME (caching CNAMEs is allowed by RFC 6672 section 3.4)
STEP 220801 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
a2.example.com. IN A
ENTRY_END
STEP 220802 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA DO
SECTION QUESTION
a2.example.com. IN A
SECTION ANSWER
example.com. IN DNAME y.example.net.
a2.example.com. IN CNAME a2.y.example.net.
a2.y.example.net. IN A 10.97.50.121
ENTRY_END
; ns1.example.com.
RANGE_BEGIN 220800 220899
ADDRESS 168.192.2.2
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
example.com. IN NS
SECTION ANSWER
example.com. IN NS ns1.example.com.
SECTION ADDITIONAL
ns1.example.com. IN A 168.192.2.2
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
ns1.example.com. IN A
SECTION ANSWER
ns1.example.com. IN A 168.192.2.2
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
ns1.example.com. IN AAAA
SECTION ANSWER
ENTRY_END
; line 8 DNAME
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
example.com. IN DNAME
SECTION ANSWER
example.com. IN DNAME y.example.net.
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
a2.example.com. IN A
SECTION ANSWER
example.com. IN DNAME y.example.net.
a2.example.com. IN CNAME a2.y.example.net.
ENTRY_END
RANGE_END
; end of ns1.example.com.
;# QNAME owner DNAME target result
;-- ---------------- -------------- -------------- -----------------
;9 cyc.example.com. example.com. example.com. cyc.example.com.
STEP 220901 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
cyc.example.com. IN A
ENTRY_END
; Expected result is defined by RFC 1034 section 3.6.2:
; CNAME chains should be followed and CNAME loops signalled as an error
STEP 220902 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA DO
REPLY NOERROR
SECTION QUESTION
cyc.example.com. IN A
SECTION ANSWER
example.com. 0 IN DNAME example.com.
cyc.example.com. 0 IN CNAME cyc.example.com.
ENTRY_END
; ns1.example.com.
RANGE_BEGIN 220900 220999
ADDRESS 168.192.2.2
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
example.com. IN NS
SECTION ANSWER
example.com. IN NS ns1.example.com.
SECTION ADDITIONAL
ns1.example.com. IN A 168.192.2.2
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
ns1.example.com. IN A
SECTION ANSWER
ns1.example.com. IN A 168.192.2.2
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
ns1.example.com. IN AAAA
SECTION ANSWER
ENTRY_END
; line 9 DNAME
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
example.com. IN DNAME
SECTION ANSWER
example.com. IN DNAME example.com.
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
cyc.example.com. IN A
SECTION ANSWER
example.com. IN DNAME example.com.
cyc.example.com. IN CNAME cyc.example.com.
ENTRY_END
RANGE_END
; end of ns1.example.com.
;# QNAME owner DNAME target result
;-- ---------------- -------------- -------------- -----------------
;10 cyc.example.com. example.com. c.example.com. cyc.c.example.com.
;
; cyc.example.com. was renamed to cyc2.example.com. to avoid cache clashes
; on the synthetized CNAME (caching CNAMEs is allowed by RFC 6672 section 3.4)
;
; target c.example.com. was renamed to cyc2.example.net.
; to limit number of pre-canned answers required for the test
STEP 221001 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
cyc2.example.com. IN A
ENTRY_END
; Expected result is defined by RFC 1034 section 3.6.2:
; CNAME chains should be followed and CNAME loops signalled as an error
STEP 221002 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA DO SERVFAIL
SECTION QUESTION
cyc2.example.com. IN A
ENTRY_END
; ns1.example.com.
RANGE_BEGIN 221000 221099
ADDRESS 168.192.2.2
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
example.com. IN NS
SECTION ANSWER
example.com. IN NS ns1.example.com.
SECTION ADDITIONAL
ns1.example.com. IN A 168.192.2.2
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
ns1.example.com. IN A
SECTION ANSWER
ns1.example.com. IN A 168.192.2.2
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
ns1.example.com. IN AAAA
SECTION ANSWER
ENTRY_END
; line 10 DNAME
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
example.com. IN DNAME
SECTION ANSWER
example.com. IN DNAME cyc2.example.net.
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
cyc2.example.com. IN A
SECTION ANSWER
example.com. IN DNAME cyc2.example.net.
cyc2.example.com. IN CNAME cyc2.cyc2.example.net.
ENTRY_END
RANGE_END
; end of ns1.example.com.
;# QNAME owner DNAME target result
;-- ---------------- -------------- -------------- -----------------
;11 shortloop.x.x. x. . shortloop.x.
STEP 221101 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
shortloop.x.x. TXT
ENTRY_END
STEP 221102 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA DO
SECTION QUESTION
shortloop.x.x. IN TXT
SECTION ANSWER
x. IN DNAME .
shortloop.x.x. IN CNAME shortloop.x.
;;x. IN DNAME .
shortloop.x. IN CNAME shortloop.
shortloop. IN TXT "shortloop end"
ENTRY_END
;# QNAME owner DNAME target result
;-- ---------------- -------------- -------------- -----------------
;12 shortloop.x. x. . shortloop.
; expire potentically cached CNAMEs for shortloop.x. from cache
STEP 221200 TIME_PASSES ELAPSE 10000
STEP 221201 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
shortloop.x. TXT
ENTRY_END
STEP 221202 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA DO
SECTION QUESTION
shortloop.x. IN TXT
SECTION ANSWER
x. IN DNAME .
shortloop.x. IN CNAME shortloop.
shortloop. IN TXT "shortloop end"
ENTRY_END
; ns1.example.net. (data shared by whole 22xxxx range)
RANGE_BEGIN 220000 229999
ADDRESS 168.192.3.3
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
example.net. IN NS
SECTION ANSWER
example.net. IN NS ns1.example.net.
SECTION ADDITIONAL
example.net. IN A 168.192.3.3
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
ns1.example.net. IN A
SECTION ANSWER
ns1.example.net. IN A 168.192.3.3
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
ns1.example.net. IN AAAA
SECTION ANSWER
ENTRY_END
; line 3
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
a.example.net. IN A
SECTION ANSWER
a.example.net. IN A 10.0.0.97
ENTRY_END
; line 4
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
a.b.example.net. IN A
SECTION ANSWER
a.b.example.net. IN A 10.0.97.98
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
a2.y.example.net. IN A
SECTION ANSWER
a2.y.example.net. IN A 10.97.50.121
ENTRY_END
; line 10
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
cyc2.example.net. IN DNAME
SECTION ANSWER
cyc2.example.net. IN DNAME example.com.
ENTRY_END
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
cyc2.cyc2.example.net. IN A
SECTION ANSWER
cyc2.example.net. IN DNAME example.com.
cyc2.cyc2.example.com. IN CNAME cyc2.example.com.
ENTRY_END
RANGE_END
; end of ns1.example.net.
; RFC 6672 section 2.2: YXDOMAIN answers for too long results for substitution
; RFC 6672 section 2.3: DNAME can be at zone apex: zone apex = long.
STEP 229001 QUERY
ENTRY_BEGIN
REPLY RD DO
SECTION QUESTION
x.long. IN A
ENTRY_END
; query returning maximal permissible length - should work
STEP 229002 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA DO
SECTION QUESTION
x.long. IN A
SECTION ANSWER
long. 3600 IN DNAME 63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
x.long. 3600 IN CNAME x.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
x.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. 3600 IN A 192.0.2.1
ENTRY_END
; result of substitution has too long name
; YXDOMAIN should be propagated to the client
; Unbound SEVFAILs: https://www.ietf.org/mail-archive/web/dnsext/current/msg11282.html
;TODO
; STEP 229003 QUERY
; ENTRY_BEGIN
; REPLY RD DO
; SECTION QUESTION
; too.long. IN A
; ENTRY_END
;
; STEP 229004 CHECK_ANSWER
; ENTRY_BEGIN
; MATCH all
; REPLY QR YXDOMAIN
; SECTION QUESTION
; x.long. IN A
; SECTION ANSWER
; long. 3600 IN DNAME 63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
; ENTRY_END
; YXDOMAIN should work even if the cache is empty
STEP 229005 TIME_PASSES ELAPSE 4000
; STEP 229006 QUERY
; ENTRY_BEGIN
; REPLY RD DO
; SECTION QUESTION
; too.long. IN A
; ENTRY_END
;
; STEP 229007 CHECK_ANSWER
; ENTRY_BEGIN
; MATCH all
; REPLY QR YXDOMAIN
; SECTION QUESTION
; x.long. IN A
; SECTION ANSWER
; long. 3600 IN DNAME 63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.63o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.60o-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.
; ENTRY_END
SCENARIO_END
Reference in New Issue View Git Blame Copy Permalink