1 ; config options 2 server: 3 target-fetch-policy: "0 0 0 0 0" 4 ; Options for signed zone. The zone is partially copied from val_negcache_nxdomain.rpl 5 trust-anchor: "testzone.nlnetlabs.nl. IN DS 2926 8 2 6f8512d1e82eecbd684fc4a76f39f8c5b411af385494873bdead663ddb78a88b" 6 val-override-date: "20180213111425" 7 qname-minimisation: "no" 8 trust-anchor-signaling: no 9 aggressive-nsec: yes 10 zonemd-permissive-mode: yes 11 12 auth-zone: 13 name: "example.com." 14 ## zonefile (or none). 15 ## zonefile: "example.com.zone" 16 ## master by IP address or hostname 17 ## can list multiple masters, each on one line. 18 ## master: 19 ## url for http fetch 20 ## url: 21 ## queries from downstream clients get authoritative answers. 22 ## for-downstream: yes 23 for-downstream: yes 24 ## queries are used to fetch authoritative answers from this zone, 25 ## instead of unbound itself sending queries there. 26 ## for-upstream: yes 27 for-upstream: no 28 ## on failures with for-upstream, fallback to sending queries to 29 ## the authority servers 30 ## fallback-enabled: no 31 32 ## this line generates zonefile: \n"/tmp/xxx.example.com"\n 33 zonefile: 34 TEMPFILE_NAME example.com 35 ## this is the inline file /tmp/xxx.example.com 36 ## the tempfiles are deleted when the testrun is over. 37 TEMPFILE_CONTENTS example.com 38 $ORIGIN com. 39 example 3600 IN SOA dns.example.de. hostmaster.dns.example.de. ( 40 1379078166 28800 7200 604800 7200 ) 41 3600 IN NS ns1.example.com. 42 3600 IN NS ns2.example.com. 43 $ORIGIN example.com. 44 www 3600 IN A 1.2.3.4 45 mail 3600 IN A 1.2.3.5 46 3600 IN AAAA ::5 47 ns1 3600 IN A 1.2.3.4 48 ns2 3600 IN AAAA ::2 49 TEMPFILE_END 50 51 auth-zone: 52 name: "soa.high.com." 53 for-downstream: yes 54 for-upstream: no 55 zonefile: 56 TEMPFILE_NAME soa.high.com 57 TEMPFILE_CONTENTS soa.high.com 58 $ORIGIN high.com. 59 soa 500 IN SOA dns.example.de. hostmaster.dns.example.de. ( 60 1379078166 28800 7200 604800 200 ) 61 3600 IN NS ns1.example.com. 62 3600 IN NS ns2.example.com. 63 TEMPFILE_END 64 65 auth-zone: 66 name: "soa.low.com." 67 for-downstream: yes 68 for-upstream: no 69 zonefile: 70 TEMPFILE_NAME soa.low.com 71 TEMPFILE_CONTENTS soa.low.com 72 $ORIGIN low.com. 73 soa 200 IN SOA dns.example.de. hostmaster.dns.example.de. ( 74 1379078166 28800 7200 604800 500 ) 75 3600 IN NS ns1.example.com. 76 3600 IN NS ns2.example.com. 77 TEMPFILE_END 78 79 auth-zone: 80 name: "testzone.nlnetlabs.nl." 81 for-downstream: yes 82 for-upstream: no 83 zonefile: 84 TEMPFILE_NAME testzone.nlnetlabs.nl 85 TEMPFILE_CONTENTS testzone.nlnetlabs.nl 86 $ORIGIN testzone.nlnetlabs.nl. 87 testzone.nlnetlabs.nl. 3600 IN NSEC alligator.testzone.nlnetlabs.nl. NS SOA RRSIG NSEC DNSKEY 88 testzone.nlnetlabs.nl. 3600 IN RRSIG NSEC 8 3 3600 20180313102201 20180213102201 44940 testzone.nlnetlabs.nl. gTKn6U1nal9oA79IRxLa/7zexl6A0yJZzeEGBbZ5rh5feyAr2X4LTR9bPCgcHeMVggf4FP+kD1L/sxzj/YLwB1ZKGKlwnzsHtPFTlmvDClaqQ76DRZq5Vejr2ZfnclBUb2vtxaXywTRW8oueaaq9flcShEQ/cQ+KRU8sc344qd0= 89 alligator.testzone.nlnetlabs.nl. 3600 IN NSEC cheetah.testzone.nlnetlabs.nl. TXT RRSIG NSEC 90 alligator.testzone.nlnetlabs.nl. 3600 IN RRSIG NSEC 8 4 3600 20180313102201 20180213102201 44940 testzone.nlnetlabs.nl. QAgQ0AsMoYG02+VPfoOctSPlTHdQOkQt5fFkSkzIbVhUzNOqa+dB/Qkc81AwFeJosA+PvYjt6utcVkIWmK2Djy9eXC49gILtVF79vUe4G7ZrybO5NXjqNa5ANoUGM+yew4wkjeNOMVAsvs+1kvFY7S8RAa/0AIYlZHQ8vNBPNaI= 91 testzone.nlnetlabs.nl. 4600 IN SOA ns.nlnetlabs.nl. ralph.nlnetlabs.nl. 1 14400 3600 604800 3600 92 testzone.nlnetlabs.nl. 4600 IN RRSIG SOA 8 3 3600 20180313102201 20180213102201 44940 testzone.nlnetlabs.nl. GhmXNFQktZIgaBpGKwj9Q2mfq5+jcbRPK+PPgtRVicUPZga/d/iGEL8PV/8DzGwkaZbM14pamSUMgdJibW4zNhLz/ukjPilbjoj6giH1jtbdZLAQ6iK9pZ/4jKUEq4txviTczZNnDeolgPEEl4xo4NclQmi7zj1XBlQRbjvG0/0= 93 TEMPFILE_END 94 95 stub-zone: 96 name: "." 97 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 98 CONFIG_END 99 100 SCENARIO_BEGIN Test authority zone with zonefile for downstream responses 101 102 ; K.ROOT-SERVERS.NET. 103 RANGE_BEGIN 0 100 104 ADDRESS 193.0.14.129 105 ENTRY_BEGIN 106 MATCH opcode qtype qname 107 ADJUST copy_id 108 REPLY QR NOERROR 109 SECTION QUESTION 110 . IN NS 111 SECTION ANSWER 112 . IN NS K.ROOT-SERVERS.NET. 113 SECTION ADDITIONAL 114 K.ROOT-SERVERS.NET. IN A 193.0.14.129 115 ENTRY_END 116 117 ENTRY_BEGIN 118 MATCH opcode subdomain 119 ADJUST copy_id copy_query 120 REPLY QR NOERROR 121 SECTION QUESTION 122 com. IN NS 123 SECTION AUTHORITY 124 com. IN NS a.gtld-servers.net. 125 SECTION ADDITIONAL 126 a.gtld-servers.net. IN A 192.5.6.30 127 ENTRY_END 128 RANGE_END 129 130 ; a.gtld-servers.net. 131 RANGE_BEGIN 0 100 132 ADDRESS 192.5.6.30 133 ENTRY_BEGIN 134 MATCH opcode qtype qname 135 ADJUST copy_id 136 REPLY QR NOERROR 137 SECTION QUESTION 138 com. IN NS 139 SECTION ANSWER 140 com. IN NS a.gtld-servers.net. 141 SECTION ADDITIONAL 142 a.gtld-servers.net. IN A 192.5.6.30 143 ENTRY_END 144 145 ENTRY_BEGIN 146 MATCH opcode subdomain 147 ADJUST copy_id copy_query 148 REPLY QR NOERROR 149 SECTION QUESTION 150 example.com. IN NS 151 SECTION AUTHORITY 152 example.com. IN NS ns.example.com. 153 SECTION ADDITIONAL 154 ns.example.com. IN A 1.2.3.44 155 ENTRY_END 156 RANGE_END 157 158 ; ns.example.net. 159 RANGE_BEGIN 0 100 160 ADDRESS 1.2.3.44 161 ENTRY_BEGIN 162 MATCH opcode qtype qname 163 ADJUST copy_id 164 REPLY QR NOERROR 165 SECTION QUESTION 166 example.net. IN NS 167 SECTION ANSWER 168 example.net. IN NS ns.example.net. 169 SECTION ADDITIONAL 170 ns.example.net. IN A 1.2.3.44 171 ENTRY_END 172 173 ENTRY_BEGIN 174 MATCH opcode qtype qname 175 ADJUST copy_id 176 REPLY QR NOERROR 177 SECTION QUESTION 178 ns.example.net. IN A 179 SECTION ANSWER 180 ns.example.net. IN A 1.2.3.44 181 SECTION AUTHORITY 182 example.net. IN NS ns.example.net. 183 ENTRY_END 184 185 ENTRY_BEGIN 186 MATCH opcode qtype qname 187 ADJUST copy_id 188 REPLY QR NOERROR 189 SECTION QUESTION 190 ns.example.net. IN AAAA 191 SECTION AUTHORITY 192 example.net. IN NS ns.example.net. 193 SECTION ADDITIONAL 194 www.example.net. IN A 1.2.3.44 195 ENTRY_END 196 197 ENTRY_BEGIN 198 MATCH opcode qtype qname 199 ADJUST copy_id 200 REPLY QR NOERROR 201 SECTION QUESTION 202 example.com. IN NS 203 SECTION ANSWER 204 example.com. IN NS ns.example.net. 205 ENTRY_END 206 207 ENTRY_BEGIN 208 MATCH opcode qtype qname 209 ADJUST copy_id 210 REPLY QR NOERROR 211 SECTION QUESTION 212 www.example.com. IN A 213 SECTION ANSWER 214 www.example.com. IN A 10.20.30.40 215 ENTRY_END 216 RANGE_END 217 218 STEP 1 QUERY 219 ENTRY_BEGIN 220 REPLY RD 221 SECTION QUESTION 222 www.example.com. IN A 223 ENTRY_END 224 225 ; recursion happens here. 226 STEP 20 CHECK_ANSWER 227 ENTRY_BEGIN 228 MATCH all 229 REPLY QR RD RA AA NOERROR 230 SECTION QUESTION 231 www.example.com. IN A 232 SECTION ANSWER 233 www.example.com. IN A 1.2.3.4 234 ENTRY_END 235 236 ; check SOA TTL to be the minimum of the SOA.minimum and the SOA TTL 237 STEP 30 QUERY 238 ENTRY_BEGIN 239 REPLY RD 240 SECTION QUESTION 241 nonexistent.soa.high.com. IN A 242 ENTRY_END 243 STEP 31 CHECK_ANSWER 244 ENTRY_BEGIN 245 MATCH all ttl 246 REPLY QR RD RA AA NXDOMAIN 247 SECTION QUESTION 248 nonexistent.soa.high.com IN A 249 SECTION AUTHORITY 250 soa.high.com. 200 IN SOA dns.example.de. hostmaster.dns.example.de. 1379078166 28800 7200 604800 200 251 ENTRY_END 252 ; check that the original SOA is also returned 253 STEP 32 QUERY 254 ENTRY_BEGIN 255 REPLY RD 256 SECTION QUESTION 257 soa.high.com. IN SOA 258 ENTRY_END 259 STEP 33 CHECK_ANSWER 260 ENTRY_BEGIN 261 MATCH all ttl 262 REPLY QR RD RA AA NOERROR 263 SECTION QUESTION 264 soa.high.com. IN SOA 265 SECTION ANSWER 266 soa.high.com. 500 IN SOA dns.example.de. hostmaster.dns.example.de. 1379078166 28800 7200 604800 200 267 ENTRY_END 268 269 ; check SOA TTL to be the minimum of the SOA.minimum and the SOA TTL 270 STEP 40 QUERY 271 ENTRY_BEGIN 272 REPLY RD 273 SECTION QUESTION 274 nonexistent.soa.low.com. IN A 275 ENTRY_END 276 STEP 41 CHECK_ANSWER 277 ENTRY_BEGIN 278 MATCH all ttl 279 REPLY QR RD RA AA NXDOMAIN 280 SECTION QUESTION 281 nonexistent.soa.low.com. IN A 282 SECTION AUTHORITY 283 soa.low.com. 200 IN SOA dns.example.de. hostmaster.dns.example.de. 1379078166 28800 7200 604800 500 284 ENTRY_END 285 ; check that the original SOA is also returned 286 STEP 42 QUERY 287 ENTRY_BEGIN 288 REPLY RD 289 SECTION QUESTION 290 soa.low.com. IN SOA 291 ENTRY_END 292 STEP 43 CHECK_ANSWER 293 ENTRY_BEGIN 294 MATCH all ttl 295 REPLY QR RD RA AA NOERROR 296 SECTION QUESTION 297 soa.low.com. IN SOA 298 SECTION ANSWER 299 soa.low.com. 200 IN SOA dns.example.de. hostmaster.dns.example.de. 1379078166 28800 7200 604800 500 300 ENTRY_END 301 302 ; check SOA TTL to be minimum of the SOA.minimum and the SOA TTL for DNSSEC 303 STEP 50 QUERY 304 ENTRY_BEGIN 305 REPLY RD DO 306 SECTION QUESTION 307 ant.testzone.nlnetlabs.nl. IN A 308 ENTRY_END 309 STEP 51 CHECK_ANSWER 310 ENTRY_BEGIN 311 MATCH all ttl 312 REPLY QR RD DO RA AA NXDOMAIN 313 SECTION QUESTION 314 ant.testzone.nlnetlabs.nl. IN A 315 SECTION AUTHORITY 316 testzone.nlnetlabs.nl. 3600 IN SOA ns.nlnetlabs.nl. ralph.nlnetlabs.nl. 1 14400 3600 604800 3600 317 testzone.nlnetlabs.nl. 3600 IN RRSIG SOA 8 3 3600 20180313102201 20180213102201 44940 testzone.nlnetlabs.nl. GhmXNFQktZIgaBpGKwj9Q2mfq5+jcbRPK+PPgtRVicUPZga/d/iGEL8PV/8DzGwkaZbM14pamSUMgdJibW4zNhLz/ukjPilbjoj6giH1jtbdZLAQ6iK9pZ/4jKUEq4txviTczZNnDeolgPEEl4xo4NclQmi7zj1XBlQRbjvG0/0= 318 alligator.testzone.nlnetlabs.nl. 3600 IN NSEC cheetah.testzone.nlnetlabs.nl. TXT RRSIG NSEC 319 alligator.testzone.nlnetlabs.nl. 3600 IN RRSIG NSEC 8 4 3600 20180313102201 20180213102201 44940 testzone.nlnetlabs.nl. QAgQ0AsMoYG02+VPfoOctSPlTHdQOkQt5fFkSkzIbVhUzNOqa+dB/Qkc81AwFeJosA+PvYjt6utcVkIWmK2Djy9eXC49gILtVF79vUe4G7ZrybO5NXjqNa5ANoUGM+yew4wkjeNOMVAsvs+1kvFY7S8RAa/0AIYlZHQ8vNBPNaI= 320 testzone.nlnetlabs.nl. 3600 IN NSEC alligator.testzone.nlnetlabs.nl. NS SOA RRSIG NSEC DNSKEY 321 testzone.nlnetlabs.nl. 3600 IN RRSIG NSEC 8 3 3600 20180313102201 20180213102201 44940 testzone.nlnetlabs.nl. gTKn6U1nal9oA79IRxLa/7zexl6A0yJZzeEGBbZ5rh5feyAr2X4LTR9bPCgcHeMVggf4FP+kD1L/sxzj/YLwB1ZKGKlwnzsHtPFTlmvDClaqQ76DRZq5Vejr2ZfnclBUb2vtxaXywTRW8oueaaq9flcShEQ/cQ+KRU8sc344qd0= 322 ENTRY_END 323 ; check that the original SOA is also returned 324 STEP 52 QUERY 325 ENTRY_BEGIN 326 REPLY RD DO 327 SECTION QUESTION 328 testzone.nlnetlabs.nl. IN SOA 329 ENTRY_END 330 STEP 53 CHECK_ANSWER 331 ENTRY_BEGIN 332 MATCH all ttl 333 REPLY QR RD DO RA AA NOERROR 334 SECTION QUESTION 335 testzone.nlnetlabs.nl. IN SOA 336 SECTION ANSWER 337 testzone.nlnetlabs.nl. 4600 IN SOA ns.nlnetlabs.nl. ralph.nlnetlabs.nl. 1 14400 3600 604800 3600 338 testzone.nlnetlabs.nl. 4600 IN RRSIG SOA 8 3 3600 20180313102201 20180213102201 44940 testzone.nlnetlabs.nl. GhmXNFQktZIgaBpGKwj9Q2mfq5+jcbRPK+PPgtRVicUPZga/d/iGEL8PV/8DzGwkaZbM14pamSUMgdJibW4zNhLz/ukjPilbjoj6giH1jtbdZLAQ6iK9pZ/4jKUEq4txviTczZNnDeolgPEEl4xo4NclQmi7zj1XBlQRbjvG0/0= 339 ENTRY_END 340 341 SCENARIO_END 342
Indexes created Mon Jun 01 00:24:59 UTC 2026