1 1.1 christos ; config options 2 1.1 christos server: 3 1.1 christos target-fetch-policy: "0 0 0 0 0" 4 1.1 christos trust-anchor: "com. DS 1444 8 2 0d72034e3e18a9ef383c164b68302433bbde957616e10cf44575fea2abae469c" 5 1.1 christos trust-anchor-signaling: no 6 1.1 christos val-override-date: 20201020135527 7 1.1 christos 8 1.1 christos auth-zone: 9 1.1 christos name: "example.com." 10 1.1 christos ## zonefile (or none). 11 1.1 christos ## zonefile: "example.com.zone" 12 1.1 christos ## master by IP address or hostname 13 1.1 christos ## can list multiple masters, each on one line. 14 1.1 christos ## master: 15 1.1 christos ## url for http fetch 16 1.1 christos ## url: 17 1.1 christos ## queries from downstream clients get authoritative answers. 18 1.1 christos ## for-downstream: yes 19 1.1 christos for-downstream: no 20 1.1 christos ## queries are used to fetch authoritative answers from this zone, 21 1.1 christos ## instead of unbound itself sending queries there. 22 1.1 christos ## for-upstream: yes 23 1.1 christos for-upstream: yes 24 1.1 christos ## on failures with for-upstream, fallback to sending queries to 25 1.1 christos ## the authority servers 26 1.1 christos ## fallback-enabled: no 27 1.1 christos zonemd-check: yes 28 1.1 christos 29 1.1 christos ## this line generates zonefile: \n"/tmp/xxx.example.com"\n 30 1.1 christos zonefile: 31 1.1 christos TEMPFILE_NAME example.com 32 1.1 christos ## this is the inline file /tmp/xxx.example.com 33 1.1 christos ## the tempfiles are deleted when the testrun is over. 34 1.1 christos TEMPFILE_CONTENTS example.com 35 1.1 christos example.com. IN SOA ns.example.com. hostmaster.example.com. 200154054 28800 7200 604800 3600 36 1.1 christos example.com. IN NS ns.example.com. 37 1.1 christos ; correct ZONEMD 38 1.1 christos ;example.com. IN ZONEMD 200154054 1 2 EFAA5B78B38AB1C45DE57B8167BCCE906451D0E72118E1F5E80B5F0C3CF04BFFC65D53C011185528EAD439D6F3A02F511961E090E5E4E0DFA013BD276D728B22 39 1.1 christos ; wrong ZONEMD 40 1.1 christos example.com. IN ZONEMD 200154054 1 2 EFAA5B78B38AB1C45DE57B8167BCCE906451D0E72118E1F5E80B5F0C3CF04BFFC65D53C011185528EAD439D6F3A02F511961E090E5E4E0DFA013BD276D7AAAAA 41 1.1 christos www.example.com. IN A 127.0.0.1 42 1.1 christos ns.example.com. IN A 127.0.0.1 43 1.1 christos bar.example.com. IN A 1.2.3.4 44 1.1 christos ding.example.com. IN A 1.2.3.4 45 1.1 christos foo.example.com. IN A 1.2.3.4 46 1.1 christos TEMPFILE_END 47 1.1 christos 48 1.1 christos stub-zone: 49 1.1 christos name: "." 50 1.1 christos stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 51 1.1 christos CONFIG_END 52 1.1 christos 53 1.1 christos SCENARIO_BEGIN Test authority zone with ZONEMD fail that is securely insecure 54 1.1 christos ; the trust anchor finds an online delegation with an insecure DS referral. 55 1.1 christos ; the ZONEMD is wrong, eg. the hash does not match the zone data. 56 1.1 christos 57 1.1 christos ; K.ROOT-SERVERS.NET. 58 1.1 christos RANGE_BEGIN 0 100 59 1.1 christos ADDRESS 193.0.14.129 60 1.1 christos ENTRY_BEGIN 61 1.1 christos MATCH opcode qtype qname 62 1.1 christos ADJUST copy_id 63 1.1 christos REPLY QR NOERROR 64 1.1 christos SECTION QUESTION 65 1.1 christos . IN NS 66 1.1 christos SECTION ANSWER 67 1.1 christos . IN NS K.ROOT-SERVERS.NET. 68 1.1 christos SECTION ADDITIONAL 69 1.1 christos K.ROOT-SERVERS.NET. IN A 193.0.14.129 70 1.1 christos ENTRY_END 71 1.1 christos 72 1.1 christos ENTRY_BEGIN 73 1.1 christos MATCH opcode subdomain 74 1.1 christos ADJUST copy_id copy_query 75 1.1 christos REPLY QR NOERROR 76 1.1 christos SECTION QUESTION 77 1.1 christos com. IN NS 78 1.1 christos SECTION AUTHORITY 79 1.1 christos com. IN NS a.gtld-servers.net. 80 1.1 christos SECTION ADDITIONAL 81 1.1 christos a.gtld-servers.net. IN A 192.5.6.30 82 1.1 christos ENTRY_END 83 1.1 christos RANGE_END 84 1.1 christos 85 1.1 christos ; a.gtld-servers.net. 86 1.1 christos RANGE_BEGIN 0 100 87 1.1 christos ADDRESS 192.5.6.30 88 1.1 christos ENTRY_BEGIN 89 1.1 christos MATCH opcode qtype qname 90 1.1 christos ADJUST copy_id 91 1.1 christos REPLY QR NOERROR 92 1.1 christos SECTION QUESTION 93 1.1 christos com. IN NS 94 1.1 christos SECTION ANSWER 95 1.1 christos com. IN NS a.gtld-servers.net. 96 1.1 christos SECTION ADDITIONAL 97 1.1 christos a.gtld-servers.net. IN A 192.5.6.30 98 1.1 christos ENTRY_END 99 1.1 christos 100 1.1 christos ENTRY_BEGIN 101 1.1 christos MATCH opcode qname qtype 102 1.1 christos ADJUST copy_id 103 1.1 christos REPLY QR AA NOERROR 104 1.1 christos SECTION QUESTION 105 1.1 christos example.com. IN DS 106 1.1 christos SECTION AUTHORITY 107 1.1 christos com. SOA a.gtld-servers.net. nstld.verisign-grs.com. 1603979208 1800 900 604800 86400 108 1.1 christos com. 3600 IN RRSIG SOA 8 1 3600 20201116135527 20201019135527 1444 com. LTUZ8PlkMLX+dBZLGcJcahrzOgf1PgYbi/s5VKyR9iyYKeP6qdxO5VehUVHdXfmUiXrsszvhAHzo4AZnfRbDkK6uTfMKCSIB1aXOU4A74LpjhJBsXjyo3CN3IK/dMS/FpJfAb6JnuQV1E3ytDd34yNsoBazEjYeoN1kymGAttbM= 109 1.1 christos example.com. IN NSEC foo.com. NS RRSIG 110 1.1 christos example.com. 3600 IN RRSIG NSEC 8 2 3600 20201116135527 20201019135527 1444 com. KK6ci3DUnGJ9gaBBqS+71TiFBGcl51YLZAYGADDWuSgFOLLbh1nV//la08zE1i8ITQjjsqyRw7/MA8LWpPR3TnUjJLk6mBd/kB3dJ8BHWRqcyreFo6Pu383oCcXTpwkFcL4ulhp54LUxbA3arWVjWbx8815vvNKsEtWUyrz4LN8= 111 1.1 christos ENTRY_END 112 1.1 christos 113 1.1 christos ENTRY_BEGIN 114 1.1 christos MATCH opcode subdomain 115 1.1 christos ADJUST copy_id copy_query 116 1.1 christos REPLY QR NOERROR 117 1.1 christos SECTION QUESTION 118 1.1 christos example.com. IN NS 119 1.1 christos SECTION AUTHORITY 120 1.1 christos example.com. IN NS ns.example.com. 121 1.1 christos example.com. IN NSEC foo.com. NS RRSIG 122 1.1 christos example.com. 3600 IN RRSIG NSEC 8 2 3600 20201116135527 20201019135527 1444 com. KK6ci3DUnGJ9gaBBqS+71TiFBGcl51YLZAYGADDWuSgFOLLbh1nV//la08zE1i8ITQjjsqyRw7/MA8LWpPR3TnUjJLk6mBd/kB3dJ8BHWRqcyreFo6Pu383oCcXTpwkFcL4ulhp54LUxbA3arWVjWbx8815vvNKsEtWUyrz4LN8= 123 1.1 christos SECTION ADDITIONAL 124 1.1 christos ns.example.com. IN A 1.2.3.44 125 1.1 christos ENTRY_END 126 1.1 christos 127 1.1 christos ENTRY_BEGIN 128 1.1 christos MATCH opcode qtype qname 129 1.1 christos ADJUST copy_id 130 1.1 christos REPLY QR AA NOERROR 131 1.1 christos SECTION QUESTION 132 1.1 christos com. IN DNSKEY 133 1.1 christos SECTION ANSWER 134 1.1 christos com. 3600 IN DNSKEY 257 3 8 AwEAAbd9WqjzE2Pynz21OG5doSf9hFzMr5dhzz2waZ3vTa+0o5r7AjTAqmA1yH/B3+aAMihUm5ucZSfVqo7+kOaRE8yFj9aivOmA1n1+JLevJq/oyvQyjxQN2Qb89LyaNUT5oKZIiL+uyyhNW3KDR3SSbQ/GBwQNDHVcZi+JDR3RC0r7 ;{id = 1444 (ksk), size = 1024b} 135 1.1 christos com. 3600 IN RRSIG DNSKEY 8 1 3600 20201116135527 20201019135527 1444 com. BEOMfWvi6RgnHaHsst+Ed265hBuCkgMR7gDpu89J7ZrVL6DzMKnNVFdgjl/9xwLj/pkukc7qeLSHjAfLlN0E4THW7PVshscQnjvXCkktG2Ejx9fTyllAqeGDh9z9QDGlQZIGTMgb9413qZhNqe2Tda9PTJRpiZ8b4bdQp6V1kVo= 136 1.1 christos SECTION ADDITIONAL 137 1.1 christos ENTRY_END 138 1.1 christos 139 1.1 christos RANGE_END 140 1.1 christos 141 1.1 christos ; ns.example.net. 142 1.1 christos RANGE_BEGIN 0 100 143 1.1 christos ADDRESS 1.2.3.44 144 1.1 christos ENTRY_BEGIN 145 1.1 christos MATCH opcode qtype qname 146 1.1 christos ADJUST copy_id 147 1.1 christos REPLY QR NOERROR 148 1.1 christos SECTION QUESTION 149 1.1 christos example.net. IN NS 150 1.1 christos SECTION ANSWER 151 1.1 christos example.net. IN NS ns.example.net. 152 1.1 christos SECTION ADDITIONAL 153 1.1 christos ns.example.net. IN A 1.2.3.44 154 1.1 christos ENTRY_END 155 1.1 christos 156 1.1 christos ENTRY_BEGIN 157 1.1 christos MATCH opcode qtype qname 158 1.1 christos ADJUST copy_id 159 1.1 christos REPLY QR NOERROR 160 1.1 christos SECTION QUESTION 161 1.1 christos ns.example.net. IN A 162 1.1 christos SECTION ANSWER 163 1.1 christos ns.example.net. IN A 1.2.3.44 164 1.1 christos SECTION AUTHORITY 165 1.1 christos example.net. IN NS ns.example.net. 166 1.1 christos ENTRY_END 167 1.1 christos 168 1.1 christos ENTRY_BEGIN 169 1.1 christos MATCH opcode qtype qname 170 1.1 christos ADJUST copy_id 171 1.1 christos REPLY QR NOERROR 172 1.1 christos SECTION QUESTION 173 1.1 christos ns.example.net. IN AAAA 174 1.1 christos SECTION AUTHORITY 175 1.1 christos example.net. IN NS ns.example.net. 176 1.1 christos SECTION ADDITIONAL 177 1.1 christos www.example.net. IN A 1.2.3.44 178 1.1 christos ENTRY_END 179 1.1 christos 180 1.1 christos ENTRY_BEGIN 181 1.1 christos MATCH opcode qtype qname 182 1.1 christos ADJUST copy_id 183 1.1 christos REPLY QR NOERROR 184 1.1 christos SECTION QUESTION 185 1.1 christos example.com. IN NS 186 1.1 christos SECTION ANSWER 187 1.1 christos example.com. IN NS ns.example.net. 188 1.1 christos ENTRY_END 189 1.1 christos 190 1.1 christos ENTRY_BEGIN 191 1.1 christos MATCH opcode qtype qname 192 1.1 christos ADJUST copy_id 193 1.1 christos REPLY QR NOERROR 194 1.1 christos SECTION QUESTION 195 1.1 christos www.example.com. IN A 196 1.1 christos SECTION ANSWER 197 1.1 christos www.example.com. IN A 10.20.30.40 198 1.1 christos ENTRY_END 199 1.1 christos RANGE_END 200 1.1 christos 201 1.1 christos STEP 1 QUERY 202 1.1 christos ENTRY_BEGIN 203 1.1 christos REPLY RD 204 1.1 christos SECTION QUESTION 205 1.1 christos www.example.com. IN A 206 1.1 christos ENTRY_END 207 1.1 christos 208 1.1 christos ; recursion happens here. 209 1.1 christos STEP 20 CHECK_ANSWER 210 1.1 christos ENTRY_BEGIN 211 1.1 christos MATCH all 212 1.1 christos REPLY QR RD RA SERVFAIL 213 1.1 christos SECTION QUESTION 214 1.1 christos www.example.com. IN A 215 1.1 christos SECTION ANSWER 216 1.1 christos ENTRY_END 217 1.1 christos 218 1.1 christos SCENARIO_END 219
Indexes created Tue Jun 02 00:25:15 UTC 2026