File: stop_nxdomain_minimised.rpl

package info (click to toggle)
unbound 1.6.0-2~bpo8%2B1
  • links: PTS, VCS
  • area: main
  • in suites: jessie-backports
  • size: 20,444 kB
  • sloc: ansic: 79,862; sh: 5,040; yacc: 1,900; makefile: 1,315; python: 1,302; perl: 141
file content (110 lines) | stat: -rw-r--r-- 3,043 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
 
; config options
server:
	target-fetch-policy: "0 0 0 0 0"
	harden-below-nxdomain: yes
	qname-minimisation: yes
	trust-anchor: ". IN DNSKEY 257 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3"
	val-override-date: "20070916134226"

stub-zone:
	name: "."
	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
stub-zone:
	name: "anotherexample.local."
	stub-addr: 10.20.30.40
CONFIG_END

SCENARIO_BEGIN Test stop cache search on nxdomain for QNAME minimised query

; K.ROOT-SERVERS.NET.
RANGE_BEGIN 0 100
	ADDRESS 193.0.14.129 
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
. IN NS
SECTION ANSWER
. IN NS	K.ROOT-SERVERS.NET.
SECTION ADDITIONAL
K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR NOERROR
SECTION QUESTION
. IN DNSKEY
SECTION ANSWER
.	3600	IN	DNSKEY	257 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30900 (ksk), size = 512b}
.	3600	IN	RRSIG	DNSKEY 5 0 3600 20070926134150 20070829134150 30900 . BlVcSh8xSgm7ne+XVCJwNHQKjk5kTJgG4Fa3sOSfp3YUjb2YclmVWyIw7XEHl0/C6CN5gdy18idnM6vT6Hy42A== ;{id = 30900}
ENTRY_END

ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NXDOMAIN
SECTION QUESTION
local. IN A
SECTION AUTHORITY
.	86400	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2010111601 1800 900 604800 86400
.	86400	IN	RRSIG	SOA 5 0 86400 20070926134150 20070829134150 30900 . bOYbFZZp7vWWC2oxV+kph+YXjoQj2f6QJktlgmzRI7oReFX9jy/LibTPQi/sW0SGHpLaj3G5p4IfIlBibne4DA== ;{id = 30900}
.	86400	IN	NSEC	ac. NS SOA RRSIG NSEC DNSKEY 
.	86400	IN	RRSIG	NSEC 5 0 86400 20070926134150 20070829134150 30900 . U+/m5+FmczzkosEx1aTP7MK/F3PpcKWct8CzM1jhjwNe2RlnW7qFe0IH8SLzD/elvxDTQMpJSMlKOhUUdapB8g== ;{id = 30900}
lk.	86400	IN	NSEC	lr. NS DS RRSIG NSEC 
lk.	86400	IN	RRSIG	NSEC 5 1 86400 20070926134150 20070829134150 30900 . j6Pw5Eu9vGHDJcckTSWa8YD1b7FV7c/Z8aVkLfJCH+iPcaa40/LSp784+t2PnAAXL8fgriNL6jF/ve1rti3ANQ== ;{id = 30900}
ENTRY_END
RANGE_END

RANGE_BEGIN 0 100
	ADDRESS 10.20.30.40
ENTRY_BEGIN
MATCH opcode qtype qname
ADJUST copy_id
REPLY QR AA NOERROR
SECTION QUESTION
anotherexample.local. IN TXT
SECTION ANSWER
anotherexample.local.	86400	IN	TXT	"should not resolve this"
ENTRY_END
RANGE_END

STEP 1 QUERY
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
example.local. IN TXT
ENTRY_END

; recursion happens here.
STEP 10 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA NXDOMAIN
SECTION QUESTION
example.local. IN TXT
SECTION AUTHORITY
.	86400	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2010111601 1800 900 604800 86400
ENTRY_END

STEP 20 QUERY
ENTRY_BEGIN
REPLY RD
SECTION QUESTION
anotherexample.local. IN TXT
ENTRY_END

; query should be answered using NXDOMAIN for local in cache
STEP 30 CHECK_ANSWER
ENTRY_BEGIN
MATCH all
REPLY QR RD RA NXDOMAIN
SECTION QUESTION
anotherexample.local. IN TXT
SECTION AUTHORITY
.	86400	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2010111601 1800 900 604800 86400
ENTRY_END

SCENARIO_END