File: serve_expired_client_timeout_servfail.rpl

package info (click to toggle)
unbound 1.22.0-2
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 30,124 kB
  • sloc: ansic: 131,784; sh: 6,810; yacc: 4,119; python: 1,948; makefile: 1,646; awk: 162; perl: 158; xml: 36
file content (196 lines) | stat: -rw-r--r-- 4,416 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
 
; config options
server:
	module-config: "validator iterator"
	qname-minimisation: "no"
	minimal-responses: no
	serve-expired: yes
	serve-expired-client-timeout: 1
	serve-expired-reply-ttl: 123
	log-servfail: yes
	ede: yes
	ede-serve-expired: yes


stub-zone:
	name: "example.com"
	stub-addr: 1.2.3.4
CONFIG_END

SCENARIO_BEGIN Test serve-expired with client-timeout and a SERVFAIL upstream reply
; Scenario overview:
; - query for example.com. IN A
; - check that we get an answer for example.com. IN A with the correct TTL
; - query again right after the TTL expired
; - answer from upstream is servfail
; - (expired cached answer will not be replaced, instead marked as unresolvable for NORR_TTL(5))
; - check that we get the expired cached answer
; - query again (the answer is available on the upstream server now)
; - check that we get the immediate expired answer back instead
; - (the upstream query does happen after the expired reply and updates the cache)
; - query again (the upstream has no answer)
; - check that we get the freshly cached answer

; ns.example.com.
RANGE_BEGIN 0 20
	ADDRESS 1.2.3.4
	ENTRY_BEGIN
		MATCH opcode qtype qname
		ADJUST copy_id
		REPLY QR NOERROR
		SECTION QUESTION
			example.com. IN NS
		SECTION ANSWER
			example.com. 10 IN NS ns.example.com.
		SECTION ADDITIONAL
			ns.example.com. 10 IN A 1.2.3.4
	ENTRY_END

	ENTRY_BEGIN
		MATCH opcode qtype qname
		ADJUST copy_id
		REPLY QR NOERROR
		SECTION QUESTION
			example.com. IN A
		SECTION ANSWER
			example.com. 10 IN A 5.6.7.8
		SECTION AUTHORITY
			example.com. 10 IN NS ns.example.com.
		SECTION ADDITIONAL
			ns.example.com. 10 IN A 1.2.3.4
	ENTRY_END
RANGE_END

; ns.example.com.
RANGE_BEGIN 30 40
	ADDRESS 1.2.3.4
	; response to A query
	ENTRY_BEGIN
		MATCH opcode qtype qname
		ADJUST copy_id
		REPLY QR AA SERVFAIL
		SECTION QUESTION
			example.com. IN A
	ENTRY_END
RANGE_END

; ns.example.com.
RANGE_BEGIN 50 60
	ADDRESS 1.2.3.4
	; response to A query
	ENTRY_BEGIN
		MATCH opcode qtype qname
		ADJUST copy_id
		REPLY QR NOERROR
		SECTION QUESTION
			example.com. IN A
		SECTION ANSWER
			example.com. 10 IN A 5.6.7.8
		SECTION AUTHORITY
			example.com. 10 IN NS ns.example.com.
		SECTION ADDITIONAL
			ns.example.com. 10 IN A 1.2.3.4
	ENTRY_END
RANGE_END

; Query with RD flag
STEP 1 QUERY
ENTRY_BEGIN
	REPLY RD
	SECTION QUESTION
		example.com. IN A
ENTRY_END

; Check that we got the correct answer (should be cached)
STEP 10 CHECK_ANSWER
ENTRY_BEGIN
	MATCH all ttl
	REPLY QR RD RA NOERROR
	SECTION QUESTION
		example.com. IN A
	SECTION ANSWER
		example.com. 10 IN A 5.6.7.8
	SECTION AUTHORITY
		example.com. 10 IN NS ns.example.com.
	SECTION ADDITIONAL
		ns.example.com. 10 IN A 1.2.3.4
ENTRY_END

; Wait for the TTL to expire
STEP 11 TIME_PASSES ELAPSE 11

; Query again
STEP 30 QUERY
ENTRY_BEGIN
	REPLY RD DO
	SECTION QUESTION
		example.com. IN A
ENTRY_END

; Check that we got a stale answer because of the upstream SERVFAIL
STEP 40 CHECK_ANSWER
ENTRY_BEGIN
	MATCH all ttl ede=3
	REPLY QR RD RA DO NOERROR
	SECTION QUESTION
		example.com. IN A
	SECTION ANSWER
		example.com.  123 IN A 5.6.7.8
	SECTION AUTHORITY
		example.com. 123 IN NS ns.example.com.
	SECTION ADDITIONAL
		ns.example.com. 123 IN A 1.2.3.4
ENTRY_END

; Query again
STEP 50 QUERY
ENTRY_BEGIN
	REPLY RD DO
	SECTION QUESTION
		example.com. IN A
ENTRY_END

; Allow for upstream query to resolve.
STEP 51 TRAFFIC

; Check that we got an immediate stale answer because of the previous failure,
; regardless if upstream has the answer already in this range. The query will
; be resolved after the immediate cached answer and will cache the result.
STEP 60 CHECK_ANSWER
ENTRY_BEGIN
	MATCH all ttl ede=3
	REPLY QR RD RA DO NOERROR
	SECTION QUESTION
		example.com. IN A
	SECTION ANSWER
		example.com.  123 IN A 5.6.7.8
	SECTION AUTHORITY
		example.com. 123 IN NS ns.example.com.
	SECTION ADDITIONAL
		ns.example.com. 123 IN A 1.2.3.4
ENTRY_END

; Query again
STEP 70 QUERY
ENTRY_BEGIN
	REPLY RD
	SECTION QUESTION
		example.com. IN A
ENTRY_END

; Check that we got the cached updated answer from the previous step since
; there is no upstream in this range.
STEP 80 CHECK_ANSWER
ENTRY_BEGIN
	MATCH all ttl
	REPLY QR RD RA NOERROR
	SECTION QUESTION
		example.com. IN A
	SECTION ANSWER
		example.com. 10 IN A 5.6.7.8
	SECTION AUTHORITY
		example.com. 10 IN NS ns.example.com.
	SECTION ADDITIONAL
		ns.example.com. 10 IN A 1.2.3.4
ENTRY_END

SCENARIO_END