1 ; config options 2 ; The island of trust is at example.com 3 ; validation is enabled because the pickup of DNAME from cache wants 4 ; a DNSSEC signed DNAME. 5 server: 6 trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" 7 trust-anchor: "example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b}" 8 val-override-date: "20070916134226" 9 target-fetch-policy: "0 0 0 0 0" 10 qname-minimisation: "no" 11 fake-sha1: yes 12 trust-anchor-signaling: no 13 14 stub-zone: 15 name: "." 16 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 17 CONFIG_END 18 19 SCENARIO_BEGIN Test iterator for TTL of synthesized CNAME of a DNAME from cache. 20 21 ; K.ROOT-SERVERS.NET. 22 RANGE_BEGIN 0 100 23 ADDRESS 193.0.14.129 24 ENTRY_BEGIN 25 MATCH opcode qtype qname 26 ADJUST copy_id 27 REPLY QR NOERROR 28 SECTION QUESTION 29 . IN NS 30 SECTION ANSWER 31 . IN NS K.ROOT-SERVERS.NET. 32 SECTION ADDITIONAL 33 K.ROOT-SERVERS.NET. IN A 193.0.14.129 34 ENTRY_END 35 36 ENTRY_BEGIN 37 MATCH opcode subdomain 38 ADJUST copy_id copy_query 39 REPLY QR NOERROR 40 SECTION QUESTION 41 com. IN NS 42 SECTION AUTHORITY 43 com. IN NS a.gtld-servers.net. 44 SECTION ADDITIONAL 45 a.gtld-servers.net. IN A 192.5.6.30 46 ENTRY_END 47 48 ENTRY_BEGIN 49 MATCH opcode subdomain 50 ADJUST copy_id copy_query 51 REPLY QR NOERROR 52 SECTION QUESTION 53 net. IN A 54 SECTION AUTHORITY 55 net. IN NS a.gtld-servers.net. 56 SECTION ADDITIONAL 57 a.gtld-servers.net. IN A 192.5.6.30 58 ENTRY_END 59 RANGE_END 60 61 ; a.gtld-servers.net. 62 RANGE_BEGIN 0 100 63 ADDRESS 192.5.6.30 64 ENTRY_BEGIN 65 MATCH opcode qtype qname 66 ADJUST copy_id 67 REPLY QR NOERROR 68 SECTION QUESTION 69 com. IN NS 70 SECTION ANSWER 71 com. IN NS a.gtld-servers.net. 72 SECTION ADDITIONAL 73 a.gtld-servers.net. IN A 192.5.6.30 74 ENTRY_END 75 76 ENTRY_BEGIN 77 MATCH opcode qtype qname 78 ADJUST copy_id 79 REPLY QR NOERROR 80 SECTION QUESTION 81 net. IN NS 82 SECTION ANSWER 83 net. IN NS a.gtld-servers.net. 84 SECTION ADDITIONAL 85 a.gtld-servers.net. IN A 192.5.6.30 86 ENTRY_END 87 88 ENTRY_BEGIN 89 MATCH opcode subdomain 90 ADJUST copy_id copy_query 91 REPLY QR NOERROR 92 SECTION QUESTION 93 example.com. IN NS 94 SECTION AUTHORITY 95 example.com. IN NS ns.example.com. 96 SECTION ADDITIONAL 97 ns.example.com. IN A 1.2.3.4 98 ENTRY_END 99 100 ENTRY_BEGIN 101 MATCH opcode subdomain 102 ADJUST copy_id copy_query 103 REPLY QR NOERROR 104 SECTION QUESTION 105 example.net. IN A 106 SECTION AUTHORITY 107 example.net. IN NS ns.example.net. 108 SECTION ADDITIONAL 109 ns.example.net. IN A 1.2.3.5 110 ENTRY_END 111 RANGE_END 112 113 ; ns.example.com. 114 RANGE_BEGIN 0 100 115 ADDRESS 1.2.3.4 116 ENTRY_BEGIN 117 MATCH opcode qtype qname 118 ADJUST copy_id 119 REPLY QR NOERROR 120 SECTION QUESTION 121 example.com. IN NS 122 SECTION ANSWER 123 example.com. IN NS ns.example.com. 124 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 125 SECTION ADDITIONAL 126 ns.example.com. IN A 1.2.3.4 127 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 128 ENTRY_END 129 130 ; response to DNSKEY priming query 131 ENTRY_BEGIN 132 MATCH opcode qtype qname 133 ADJUST copy_id 134 REPLY QR NOERROR 135 SECTION QUESTION 136 example.com. IN DNSKEY 137 SECTION ANSWER 138 example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} 139 example.com. 3600 IN RRSIG DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854} 140 SECTION AUTHORITY 141 example.com. IN NS ns.example.com. 142 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 143 SECTION ADDITIONAL 144 ns.example.com. IN A 1.2.3.4 145 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 146 ENTRY_END 147 148 ENTRY_BEGIN 149 MATCH opcode qtype qname 150 ADJUST copy_id 151 REPLY QR NOERROR 152 SECTION QUESTION 153 foo.test-dname.example.com. IN A 154 SECTION ANSWER 155 test-dname.example.com. 3600 IN DNAME example.net. 156 test-dname.example.com. 3600 IN RRSIG DNAME 3 3 3600 20070926135752 20070829135752 2854 example.com. ACp31Evt1c6tKzmTh/smAuGFydZ1OO26Qkej/BW4Bw5RFBQiKaY22Z0= 157 foo.test-dname.example.com. 3600 IN CNAME foo.example.net. 158 ENTRY_END 159 RANGE_END 160 161 ; ns.example.net. 162 RANGE_BEGIN 0 100 163 ADDRESS 1.2.3.5 164 ENTRY_BEGIN 165 MATCH opcode qtype qname 166 ADJUST copy_id 167 REPLY QR NOERROR 168 SECTION QUESTION 169 example.net. IN NS 170 SECTION ANSWER 171 example.net. IN NS ns.example.net. 172 example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} 173 SECTION ADDITIONAL 174 ns.example.net. IN A 1.2.3.5 175 ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} 176 ENTRY_END 177 178 ; response to DNSKEY priming query 179 ENTRY_BEGIN 180 MATCH opcode qtype qname 181 ADJUST copy_id 182 REPLY QR NOERROR 183 SECTION QUESTION 184 example.net. IN DNSKEY 185 SECTION ANSWER 186 example.net. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} 187 example.net. 3600 IN RRSIG DNSKEY RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. hiFzlQ8VoYgCuvIsfVuxC3mfJDqsTh0yc6abs5xMx5uEcIjb0dndFQx7INOM+imlzveEN73Hqp4OLFpFhsWLlw== ;{id = 30899} 188 SECTION AUTHORITY 189 example.net. IN NS ns.example.net. 190 example.net. 3600 IN RRSIG NS RSASHA1 2 3600 20070926134150 20070829134150 30899 example.net. E8JX0l4B+cSR5bkHQwOJy1pBmlLMTYCJ8EwfNMU/eCv0YhKwo26rHhn52FGisgv+Nwp7/NbhHqQ+kJgoZC94XA== ;{id = 30899} 191 SECTION ADDITIONAL 192 ns.example.net. IN A 1.2.3.5 193 ns.example.net. 3600 IN RRSIG A RSASHA1 3 3600 20070926134150 20070829134150 30899 example.net. x+tQMC9FhzT7Fcy1pM5NrOC7E8nLd7THPI3C6ie4EwL8PrxllqlR3q/DKB0d/m0qCOPcgN6HFOYURV1s4uAcsw== ;{id = 30899} 194 ENTRY_END 195 196 ENTRY_BEGIN 197 MATCH opcode qtype qname 198 ADJUST copy_id 199 REPLY QR NOERROR 200 SECTION QUESTION 201 foo.example.net. IN A 202 SECTION ANSWER 203 foo.example.net. IN A 11.12.13.15 204 foo.example.net. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.net. X6T6SE9UzxAD/4zKpwGOxEDyE4g7lfYYw3lvw533uwRN8mWTcBvSva0/jjyhrogJcuLO32jPHK6zGb93w2xnuA== 205 SECTION AUTHORITY 206 SECTION ADDITIONAL 207 ENTRY_END 208 209 ENTRY_BEGIN 210 MATCH opcode qtype qname 211 ADJUST copy_id 212 REPLY QR NOERROR 213 SECTION QUESTION 214 foo2.example.net. IN A 215 SECTION ANSWER 216 foo2.example.net. IN A 11.12.13.16 217 foo2.example.net. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.net. BZm+GljD8m9N+pNJN8D+LlSyHqM+InNUe0+heKILR9be+Goqv6SEb7LKtX6+kj3239Y5by7u+/Cuk8kkWistEQ== 218 SECTION AUTHORITY 219 SECTION ADDITIONAL 220 ENTRY_END 221 RANGE_END 222 223 STEP 1 TIME_PASSES ELAPSE 10 224 ; Get DNAME in cache and then pick it up again from cache. 225 STEP 10 QUERY 226 ENTRY_BEGIN 227 REPLY RD DO 228 SECTION QUESTION 229 foo.test-dname.example.com. IN A 230 ENTRY_END 231 232 STEP 20 CHECK_ANSWER 233 ENTRY_BEGIN 234 MATCH all 235 REPLY QR RD RA AD DO NOERROR 236 SECTION QUESTION 237 foo.test-dname.example.com. IN A 238 SECTION ANSWER 239 test-dname.example.com. 3600 IN DNAME example.net. 240 test-dname.example.com. 3600 IN RRSIG DNAME 3 3 3600 20070926135752 20070829135752 2854 example.com. ACp31Evt1c6tKzmTh/smAuGFydZ1OO26Qkej/BW4Bw5RFBQiKaY22Z0= 241 foo.test-dname.example.com. 3600 IN CNAME foo.example.net. 242 foo.example.net. IN A 11.12.13.15 243 foo.example.net. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.net. X6T6SE9UzxAD/4zKpwGOxEDyE4g7lfYYw3lvw533uwRN8mWTcBvSva0/jjyhrogJcuLO32jPHK6zGb93w2xnuA== 244 ENTRY_END 245 246 STEP 30 TIME_PASSES ELAPSE 10 247 248 ; Use DNAME from cache 249 STEP 40 QUERY 250 ENTRY_BEGIN 251 REPLY RD DO 252 SECTION QUESTION 253 foo2.test-dname.example.com. IN A 254 ENTRY_END 255 256 ; Test the TTL on the synthesized CNAME for the DNAME record from cache. 257 STEP 50 CHECK_ANSWER 258 ENTRY_BEGIN 259 MATCH all ttl 260 REPLY QR RD RA AD DO NOERROR 261 SECTION QUESTION 262 foo2.test-dname.example.com. IN A 263 SECTION ANSWER 264 test-dname.example.com. 3590 IN DNAME example.net. 265 test-dname.example.com. 3590 IN RRSIG DNAME 3 3 3600 20070926135752 20070829135752 2854 example.com. ACp31Evt1c6tKzmTh/smAuGFydZ1OO26Qkej/BW4Bw5RFBQiKaY22Z0= 266 foo2.test-dname.example.com. 3590 IN CNAME foo2.example.net. 267 foo2.example.net. 3600 IN A 11.12.13.16 268 foo2.example.net. 3600 IN RRSIG A 5 3 3600 20070926134150 20070829134150 30899 example.net. BZm+GljD8m9N+pNJN8D+LlSyHqM+InNUe0+heKILR9be+Goqv6SEb7LKtX6+kj3239Y5by7u+/Cuk8kkWistEQ== 269 ENTRY_END 270 271 SCENARIO_END 272
Indexes created Tue Jun 02 00:25:15 UTC 2026