1 ; config options 2 ; The island of trust is at example.com 3 server: 4 trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" 5 val-override-date: "20070916134226" 6 target-fetch-policy: "0 0 0 0 0" 7 fake-sha1: yes 8 trust-anchor-signaling: no 9 10 stub-zone: 11 name: "." 12 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 13 CONFIG_END 14 15 SCENARIO_BEGIN Test iterator with DS query and referral reply 16 17 ; K.ROOT-SERVERS.NET. 18 RANGE_BEGIN 0 100 19 ADDRESS 193.0.14.129 20 ENTRY_BEGIN 21 MATCH opcode qtype qname 22 ADJUST copy_id 23 REPLY QR NOERROR 24 SECTION QUESTION 25 . IN NS 26 SECTION ANSWER 27 . IN NS K.ROOT-SERVERS.NET. 28 SECTION ADDITIONAL 29 K.ROOT-SERVERS.NET. IN A 193.0.14.129 30 ENTRY_END 31 32 ENTRY_BEGIN 33 MATCH opcode subdomain 34 ADJUST copy_id copy_query 35 REPLY QR NOERROR 36 SECTION QUESTION 37 com. IN A 38 SECTION AUTHORITY 39 com. IN NS a.gtld-servers.net. 40 SECTION ADDITIONAL 41 a.gtld-servers.net. IN A 192.5.6.30 42 ENTRY_END 43 RANGE_END 44 45 ; a.gtld-servers.net. 46 RANGE_BEGIN 0 100 47 ADDRESS 192.5.6.30 48 ENTRY_BEGIN 49 MATCH opcode qtype qname 50 ADJUST copy_id 51 REPLY QR NOERROR 52 SECTION QUESTION 53 com. IN NS 54 SECTION ANSWER 55 com. IN NS a.gtld-servers.net. 56 SECTION ADDITIONAL 57 a.gtld-servers.net. IN A 192.5.6.30 58 ENTRY_END 59 60 ENTRY_BEGIN 61 MATCH opcode subdomain 62 ADJUST copy_id copy_query 63 REPLY QR NOERROR 64 SECTION QUESTION 65 example.com. IN A 66 SECTION AUTHORITY 67 example.com. IN NS ns.example.com. 68 SECTION ADDITIONAL 69 ns.example.com. IN A 1.2.3.4 70 ENTRY_END 71 RANGE_END 72 73 ; ns.example.com. 74 RANGE_BEGIN 0 100 75 ADDRESS 1.2.3.4 76 ENTRY_BEGIN 77 MATCH opcode qtype qname 78 ADJUST copy_id 79 REPLY QR NOERROR 80 SECTION QUESTION 81 example.com. IN NS 82 SECTION ANSWER 83 example.com. IN NS ns.example.com. 84 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 85 SECTION ADDITIONAL 86 ns.example.com. IN A 1.2.3.4 87 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 88 ENTRY_END 89 90 ; response to DNSKEY priming query 91 ENTRY_BEGIN 92 MATCH opcode qtype qname 93 ADJUST copy_id 94 REPLY QR NOERROR 95 SECTION QUESTION 96 example.com. IN DNSKEY 97 SECTION ANSWER 98 example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} 99 example.com. 3600 IN RRSIG DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854} 100 SECTION AUTHORITY 101 example.com. IN NS ns.example.com. 102 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 103 SECTION ADDITIONAL 104 ns.example.com. IN A 1.2.3.4 105 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 106 ENTRY_END 107 108 ; note, no specific DS answer here, it replies with the referral for 109 ; the type DS query 110 111 ; response for delegation to sub.example.com. 112 ENTRY_BEGIN 113 MATCH opcode subdomain 114 ADJUST copy_id copy_query 115 REPLY QR NOERROR 116 SECTION QUESTION 117 sub.example.com. IN A 118 SECTION ANSWER 119 SECTION AUTHORITY 120 sub.example.com. IN NS ns.sub.example.com. 121 sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3 122 sub.example.com. 3600 IN RRSIG DS 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCW3ix0GD4BSvNLWIbROCJt5DAW9AhRt/kg9kBKJ20UBUdumrBUHqnskdA== ;{id = 2854} 123 SECTION ADDITIONAL 124 ns.sub.example.com. IN A 1.2.3.6 125 ENTRY_END 126 127 RANGE_END 128 129 ; ns.sub.example.com. 130 RANGE_BEGIN 0 100 131 ADDRESS 1.2.3.6 132 ENTRY_BEGIN 133 MATCH opcode qtype qname 134 ADJUST copy_id 135 REPLY QR NOERROR 136 SECTION QUESTION 137 sub.example.com. IN NS 138 SECTION ANSWER 139 sub.example.com. IN NS ns.sub.example.com. 140 sub.example.com. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. wcpHeBILHfo8C9uxMhcW03gcURZeUffiKdSTb50ZjzTHgMNhRyMfpcvSpXEd9548A9UTmWKeLZChfr5Z/glONw== ;{id = 30899} 141 SECTION ADDITIONAL 142 ns.sub.example.com. IN A 1.2.3.6 143 ns.sub.example.com. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. UF7shD/gt1FOp2UHgLTNbPzVykklSXFMEtJ1xD+Hholwf/PIzd7zoaIttIYibNa4fUXCqMg22H9P7MRhfmFe6g== ;{id = 30899} 144 ENTRY_END 145 146 ; response to DNSKEY priming query 147 ; sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3 148 ENTRY_BEGIN 149 MATCH opcode qtype qname 150 ADJUST copy_id 151 REPLY QR NOERROR 152 SECTION QUESTION 153 sub.example.com. IN DNSKEY 154 SECTION ANSWER 155 sub.example.com. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} 156 sub.example.com. 3600 IN RRSIG DNSKEY 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. uNGp99iznjD7oOX02XnQbDnbg75UwBHRvZSKYUorTKvPUnCWMHKdRsQ+mf+Fx3GZ+Fz9BVjoCmQqpnfgXLEYqw== ;{id = 30899} 157 SECTION AUTHORITY 158 sub.example.com. IN NS ns.sub.example.com. 159 sub.example.com. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. wcpHeBILHfo8C9uxMhcW03gcURZeUffiKdSTb50ZjzTHgMNhRyMfpcvSpXEd9548A9UTmWKeLZChfr5Z/glONw== ;{id = 30899} 160 SECTION ADDITIONAL 161 ns.sub.example.com. IN A 1.2.3.6 162 ns.sub.example.com. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. UF7shD/gt1FOp2UHgLTNbPzVykklSXFMEtJ1xD+Hholwf/PIzd7zoaIttIYibNa4fUXCqMg22H9P7MRhfmFe6g== ;{id = 30899} 163 ENTRY_END 164 165 ; response to A query 166 ENTRY_BEGIN 167 MATCH opcode qtype qname 168 ADJUST copy_id 169 REPLY QR NOERROR 170 SECTION QUESTION 171 www.sub.example.com. IN A 172 SECTION ANSWER 173 www.sub.example.com. IN A 11.11.11.11 174 www.sub.example.com. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. 0DqqRfRtm7VSEQ4mmBbzrKRqQAay3JAE8DPDGmjtokrrjN9F1G/HxozDV7bjdIh2EChlQea8FPwf/GepJMUVxg== ;{id = 30899} 175 SECTION AUTHORITY 176 SECTION ADDITIONAL 177 ENTRY_END 178 179 ; something for wrong type DS query here 180 ENTRY_BEGIN 181 MATCH opcode qtype qname 182 ADJUST copy_id 183 REPLY QR REFUSED 184 SECTION QUESTION 185 sub.example.com. IN DS 186 SECTION ANSWER 187 SECTION AUTHORITY 188 SECTION ADDITIONAL 189 ENTRY_END 190 RANGE_END 191 192 STEP 1 QUERY 193 ENTRY_BEGIN 194 REPLY RD DO 195 SECTION QUESTION 196 sub.example.com. IN DS 197 ENTRY_END 198 199 ; recursion happens here. 200 STEP 10 CHECK_ANSWER 201 ENTRY_BEGIN 202 MATCH all 203 REPLY QR RD RA AD DO NOERROR 204 SECTION QUESTION 205 sub.example.com. IN DS 206 SECTION ANSWER 207 sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3 208 sub.example.com. 3600 IN RRSIG DS 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCW3ix0GD4BSvNLWIbROCJt5DAW9AhRt/kg9kBKJ20UBUdumrBUHqnskdA== ;{id = 2854} 209 SECTION AUTHORITY 210 SECTION ADDITIONAL 211 ENTRY_END 212 213 SCENARIO_END 214
Indexes created Mon Jun 01 00:24:59 UTC 2026