Home | History | Annotate | Line # | Download | only in testdata 
      1 ; config options
      2 server:
      3 	target-fetch-policy: "0 0 0 0 0"
      4 	trust-anchor: "com. DS 1444 8 2 0d72034e3e18a9ef383c164b68302433bbde957616e10cf44575fea2abae469c"
      5 	trust-anchor-signaling: no
      6 	val-override-date: 20201020135527
      7 
      8 auth-zone:
      9 	name: "example.com."
     10 	## zonefile (or none).
     11 	## zonefile: "example.com.zone"
     12 	## master by IP address or hostname
     13 	## can list multiple masters, each on one line.
     14 	## master:
     15 	## url for http fetch
     16 	## url:
     17 	## queries from downstream clients get authoritative answers.
     18 	## for-downstream: yes
     19 	for-downstream: no
     20 	## queries are used to fetch authoritative answers from this zone,
     21 	## instead of unbound itself sending queries there.
     22 	## for-upstream: yes
     23 	for-upstream: yes
     24 	## on failures with for-upstream, fallback to sending queries to
     25 	## the authority servers
     26 	## fallback-enabled: no
     27 	zonemd-check: yes
     28 
     29 	## this line generates zonefile: \n"/tmp/xxx.example.com"\n
     30 	zonefile:
     31 TEMPFILE_NAME example.com
     32 	## this is the inline file /tmp/xxx.example.com
     33 	## the tempfiles are deleted when the testrun is over.
     34 TEMPFILE_CONTENTS example.com
     35 example.com. IN SOA ns.example.com. hostmaster.example.com. 200154054 28800 7200 604800 3600
     36 example.com. IN NS ns.example.com.
     37 example.com. IN ZONEMD 200154054 1 2 EFAA5B78B38AB1C45DE57B8167BCCE906451D0E72118E1F5E80B5F0C3CF04BFFC65D53C011185528EAD439D6F3A02F511961E090E5E4E0DFA013BD276D728B22
     38 www.example.com. IN A 127.0.0.1
     39 ns.example.com. IN A 127.0.0.1
     40 bar.example.com. IN A 1.2.3.4
     41 ding.example.com. IN A 1.2.3.4
     42 foo.example.com. IN A 1.2.3.4
     43 TEMPFILE_END
     44 
     45 stub-zone:
     46 	name: "."
     47 	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
     48 CONFIG_END
     49 
     50 SCENARIO_BEGIN Test authority zone with ZONEMD that lacks a DNSKEY
     51 ; the zone has no DNSSEC, but the trust anchor requires it.
     52 
     53 ; K.ROOT-SERVERS.NET.
     54 RANGE_BEGIN 0 100
     55 	ADDRESS 193.0.14.129
     56 ENTRY_BEGIN
     57 MATCH opcode qtype qname
     58 ADJUST copy_id
     59 REPLY QR NOERROR
     60 SECTION QUESTION
     61 . IN NS
     62 SECTION ANSWER
     63 . IN NS	K.ROOT-SERVERS.NET.
     64 SECTION ADDITIONAL
     65 K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
     66 ENTRY_END
     67 
     68 ENTRY_BEGIN
     69 MATCH opcode subdomain
     70 ADJUST copy_id copy_query
     71 REPLY QR NOERROR
     72 SECTION QUESTION
     73 com. IN NS
     74 SECTION AUTHORITY
     75 com.	IN NS	a.gtld-servers.net.
     76 SECTION ADDITIONAL
     77 a.gtld-servers.net.	IN 	A	192.5.6.30
     78 ENTRY_END
     79 RANGE_END
     80 
     81 ; a.gtld-servers.net.
     82 RANGE_BEGIN 0 100
     83 	ADDRESS 192.5.6.30
     84 ENTRY_BEGIN
     85 MATCH opcode qtype qname
     86 ADJUST copy_id
     87 REPLY QR NOERROR
     88 SECTION QUESTION
     89 com. IN NS
     90 SECTION ANSWER
     91 com.	IN NS	a.gtld-servers.net.
     92 SECTION ADDITIONAL
     93 a.gtld-servers.net.	IN 	A	192.5.6.30
     94 ENTRY_END
     95 
     96 ENTRY_BEGIN
     97 MATCH opcode qname qtype
     98 ADJUST copy_id
     99 REPLY QR AA NOERROR
    100 SECTION QUESTION
    101 example.com. IN DS
    102 SECTION ANSWER
    103 example.com.	3600	IN	DS	55566 8 2 9c148338951ce1c3b5cd3da532f3d90dfcf92595148022f2c2fd98e5deee90af
    104 example.com.	3600	IN	RRSIG	DS 8 2 3600 20201116135527 20201019135527 1444 com. BpV1M171SSkbdlGawwweJwQ0W+aNaCrgkt2QTsxCvbo1acR5i3AKm4REOUzo4I36lRx26mYkF9Topkeu0aFmov7P2uUhCxk4faFK7k87k97FAqZaDGp/K9b3YCfiwJBc5pJSUW0ndU/Ve5zAh/wL493RMSC7LwJr5JjV0NxydFk=
    105 ENTRY_END
    106 
    107 ENTRY_BEGIN
    108 MATCH opcode subdomain
    109 ADJUST copy_id copy_query
    110 REPLY QR NOERROR
    111 SECTION QUESTION
    112 example.com. IN NS
    113 SECTION AUTHORITY
    114 example.com.	IN NS	ns.example.com.
    115 example.com.	3600	IN	DS	55566 8 2 9c148338951ce1c3b5cd3da532f3d90dfcf92595148022f2c2fd98e5deee90af
    116 example.com.	3600	IN	RRSIG	DS 8 2 3600 20201116135527 20201019135527 1444 com. BpV1M171SSkbdlGawwweJwQ0W+aNaCrgkt2QTsxCvbo1acR5i3AKm4REOUzo4I36lRx26mYkF9Topkeu0aFmov7P2uUhCxk4faFK7k87k97FAqZaDGp/K9b3YCfiwJBc5pJSUW0ndU/Ve5zAh/wL493RMSC7LwJr5JjV0NxydFk=
    117 SECTION ADDITIONAL
    118 ns.example.com. IN A 1.2.3.44
    119 ENTRY_END
    120 
    121 ENTRY_BEGIN
    122 MATCH opcode qtype qname
    123 ADJUST copy_id
    124 REPLY QR AA NOERROR
    125 SECTION QUESTION
    126 com. IN DNSKEY
    127 SECTION ANSWER
    128 com.	3600	IN	DNSKEY	257 3 8 AwEAAbd9WqjzE2Pynz21OG5doSf9hFzMr5dhzz2waZ3vTa+0o5r7AjTAqmA1yH/B3+aAMihUm5ucZSfVqo7+kOaRE8yFj9aivOmA1n1+JLevJq/oyvQyjxQN2Qb89LyaNUT5oKZIiL+uyyhNW3KDR3SSbQ/GBwQNDHVcZi+JDR3RC0r7 ;{id = 1444 (ksk), size = 1024b}
    129 com.	3600	IN	RRSIG	DNSKEY 8 1 3600 20201116135527 20201019135527 1444 com. BEOMfWvi6RgnHaHsst+Ed265hBuCkgMR7gDpu89J7ZrVL6DzMKnNVFdgjl/9xwLj/pkukc7qeLSHjAfLlN0E4THW7PVshscQnjvXCkktG2Ejx9fTyllAqeGDh9z9QDGlQZIGTMgb9413qZhNqe2Tda9PTJRpiZ8b4bdQp6V1kVo=
    130 SECTION ADDITIONAL
    131 ENTRY_END
    132 
    133 RANGE_END
    134 
    135 ; ns.example.net.
    136 RANGE_BEGIN 0 100
    137 	ADDRESS 1.2.3.44
    138 ENTRY_BEGIN
    139 MATCH opcode qtype qname
    140 ADJUST copy_id
    141 REPLY QR NOERROR
    142 SECTION QUESTION
    143 example.net. IN NS
    144 SECTION ANSWER
    145 example.net.	IN NS	ns.example.net.
    146 SECTION ADDITIONAL
    147 ns.example.net.		IN 	A	1.2.3.44
    148 ENTRY_END
    149 
    150 ENTRY_BEGIN
    151 MATCH opcode qtype qname
    152 ADJUST copy_id
    153 REPLY QR NOERROR
    154 SECTION QUESTION
    155 ns.example.net. IN A
    156 SECTION ANSWER
    157 ns.example.net. IN A	1.2.3.44
    158 SECTION AUTHORITY
    159 example.net.	IN NS	ns.example.net.
    160 ENTRY_END
    161 
    162 ENTRY_BEGIN
    163 MATCH opcode qtype qname
    164 ADJUST copy_id
    165 REPLY QR NOERROR
    166 SECTION QUESTION
    167 ns.example.net. IN AAAA
    168 SECTION AUTHORITY
    169 example.net.	IN NS	ns.example.net.
    170 SECTION ADDITIONAL
    171 www.example.net. IN A	1.2.3.44
    172 ENTRY_END
    173 
    174 ENTRY_BEGIN
    175 MATCH opcode qtype qname
    176 ADJUST copy_id
    177 REPLY QR NOERROR
    178 SECTION QUESTION
    179 example.com. IN NS
    180 SECTION ANSWER
    181 example.com.	IN NS	ns.example.net.
    182 ENTRY_END
    183 
    184 ENTRY_BEGIN
    185 MATCH opcode qtype qname
    186 ADJUST copy_id
    187 REPLY QR NOERROR
    188 SECTION QUESTION
    189 www.example.com. IN A
    190 SECTION ANSWER
    191 www.example.com. IN A	10.20.30.40
    192 ENTRY_END
    193 RANGE_END
    194 
    195 STEP 1 QUERY
    196 ENTRY_BEGIN
    197 REPLY RD
    198 SECTION QUESTION
    199 www.example.com. IN A
    200 ENTRY_END
    201 
    202 ; recursion happens here.
    203 STEP 20 CHECK_ANSWER
    204 ENTRY_BEGIN
    205 MATCH all
    206 REPLY QR RD RA SERVFAIL
    207 SECTION QUESTION
    208 www.example.com. IN A
    209 SECTION ANSWER
    210 ENTRY_END
    211 
    212 SCENARIO_END
    213