1 ; config options 2 ; The island of trust is at example.com 3 server: 4 trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b" 5 val-override-date: "20070916134226" 6 target-fetch-policy: "0 0 0 0 0" 7 fake-sha1: yes 8 trust-anchor-signaling: no 9 10 stub-zone: 11 name: "." 12 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 13 CONFIG_END 14 15 SCENARIO_BEGIN Test iterator with DS query and answer reply 16 17 ; K.ROOT-SERVERS.NET. 18 RANGE_BEGIN 0 100 19 ADDRESS 193.0.14.129 20 ENTRY_BEGIN 21 MATCH opcode qtype qname 22 ADJUST copy_id 23 REPLY QR NOERROR 24 SECTION QUESTION 25 . IN NS 26 SECTION ANSWER 27 . IN NS K.ROOT-SERVERS.NET. 28 SECTION ADDITIONAL 29 K.ROOT-SERVERS.NET. IN A 193.0.14.129 30 ENTRY_END 31 32 ENTRY_BEGIN 33 MATCH opcode subdomain 34 ADJUST copy_id copy_query 35 REPLY QR NOERROR 36 SECTION QUESTION 37 com. IN A 38 SECTION AUTHORITY 39 com. IN NS a.gtld-servers.net. 40 SECTION ADDITIONAL 41 a.gtld-servers.net. IN A 192.5.6.30 42 ENTRY_END 43 RANGE_END 44 45 ; a.gtld-servers.net. 46 RANGE_BEGIN 0 100 47 ADDRESS 192.5.6.30 48 ENTRY_BEGIN 49 MATCH opcode qtype qname 50 ADJUST copy_id 51 REPLY QR NOERROR 52 SECTION QUESTION 53 com. IN NS 54 SECTION ANSWER 55 com. IN NS a.gtld-servers.net. 56 SECTION ADDITIONAL 57 a.gtld-servers.net. IN A 192.5.6.30 58 ENTRY_END 59 60 ENTRY_BEGIN 61 MATCH opcode subdomain 62 ADJUST copy_id copy_query 63 REPLY QR NOERROR 64 SECTION QUESTION 65 example.com. IN A 66 SECTION AUTHORITY 67 example.com. IN NS ns.example.com. 68 SECTION ADDITIONAL 69 ns.example.com. IN A 1.2.3.4 70 ENTRY_END 71 RANGE_END 72 73 ; ns.example.com. 74 RANGE_BEGIN 0 100 75 ADDRESS 1.2.3.4 76 ENTRY_BEGIN 77 MATCH opcode qtype qname 78 ADJUST copy_id 79 REPLY QR NOERROR 80 SECTION QUESTION 81 example.com. IN NS 82 SECTION ANSWER 83 example.com. IN NS ns.example.com. 84 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 85 SECTION ADDITIONAL 86 ns.example.com. IN A 1.2.3.4 87 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 88 ENTRY_END 89 90 ; response to DNSKEY priming query 91 ENTRY_BEGIN 92 MATCH opcode qtype qname 93 ADJUST copy_id 94 REPLY QR NOERROR 95 SECTION QUESTION 96 example.com. IN DNSKEY 97 SECTION ANSWER 98 example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} 99 example.com. 3600 IN RRSIG DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854} 100 SECTION AUTHORITY 101 example.com. IN NS ns.example.com. 102 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 103 SECTION ADDITIONAL 104 ns.example.com. IN A 1.2.3.4 105 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 106 ENTRY_END 107 108 ; DS gets an answer from the authoritative server 109 ; (like NSD 4.1.0 answers it) 110 ENTRY_BEGIN 111 MATCH opcode qtype qname 112 ADJUST copy_id 113 REPLY QR AA NOERROR 114 SECTION QUESTION 115 sub.example.com. IN DS 116 SECTION ANSWER 117 sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3 118 sub.example.com. 3600 IN RRSIG DS 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCW3ix0GD4BSvNLWIbROCJt5DAW9AhRt/kg9kBKJ20UBUdumrBUHqnskdA== ;{id = 2854} 119 SECTION AUTHORITY 120 SECTION ADDITIONAL 121 ENTRY_END 122 123 ; response for delegation to sub.example.com. 124 ENTRY_BEGIN 125 MATCH opcode subdomain 126 ADJUST copy_id copy_query 127 REPLY QR NOERROR 128 SECTION QUESTION 129 sub.example.com. IN A 130 SECTION ANSWER 131 SECTION AUTHORITY 132 sub.example.com. IN NS ns.sub.example.com. 133 sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3 134 sub.example.com. 3600 IN RRSIG DS 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCW3ix0GD4BSvNLWIbROCJt5DAW9AhRt/kg9kBKJ20UBUdumrBUHqnskdA== ;{id = 2854} 135 SECTION ADDITIONAL 136 ns.sub.example.com. IN A 1.2.3.6 137 ENTRY_END 138 139 RANGE_END 140 141 ; ns.sub.example.com. 142 RANGE_BEGIN 0 100 143 ADDRESS 1.2.3.6 144 ENTRY_BEGIN 145 MATCH opcode qtype qname 146 ADJUST copy_id 147 REPLY QR NOERROR 148 SECTION QUESTION 149 sub.example.com. IN NS 150 SECTION ANSWER 151 sub.example.com. IN NS ns.sub.example.com. 152 sub.example.com. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. wcpHeBILHfo8C9uxMhcW03gcURZeUffiKdSTb50ZjzTHgMNhRyMfpcvSpXEd9548A9UTmWKeLZChfr5Z/glONw== ;{id = 30899} 153 SECTION ADDITIONAL 154 ns.sub.example.com. IN A 1.2.3.6 155 ns.sub.example.com. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. UF7shD/gt1FOp2UHgLTNbPzVykklSXFMEtJ1xD+Hholwf/PIzd7zoaIttIYibNa4fUXCqMg22H9P7MRhfmFe6g== ;{id = 30899} 156 ENTRY_END 157 158 ; response to DNSKEY priming query 159 ; sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3 160 ENTRY_BEGIN 161 MATCH opcode qtype qname 162 ADJUST copy_id 163 REPLY QR NOERROR 164 SECTION QUESTION 165 sub.example.com. IN DNSKEY 166 SECTION ANSWER 167 sub.example.com. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} 168 sub.example.com. 3600 IN RRSIG DNSKEY 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. uNGp99iznjD7oOX02XnQbDnbg75UwBHRvZSKYUorTKvPUnCWMHKdRsQ+mf+Fx3GZ+Fz9BVjoCmQqpnfgXLEYqw== ;{id = 30899} 169 SECTION AUTHORITY 170 sub.example.com. IN NS ns.sub.example.com. 171 sub.example.com. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. wcpHeBILHfo8C9uxMhcW03gcURZeUffiKdSTb50ZjzTHgMNhRyMfpcvSpXEd9548A9UTmWKeLZChfr5Z/glONw== ;{id = 30899} 172 SECTION ADDITIONAL 173 ns.sub.example.com. IN A 1.2.3.6 174 ns.sub.example.com. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. UF7shD/gt1FOp2UHgLTNbPzVykklSXFMEtJ1xD+Hholwf/PIzd7zoaIttIYibNa4fUXCqMg22H9P7MRhfmFe6g== ;{id = 30899} 175 ENTRY_END 176 177 ; response to A query 178 ENTRY_BEGIN 179 MATCH opcode qtype qname 180 ADJUST copy_id 181 REPLY QR NOERROR 182 SECTION QUESTION 183 www.sub.example.com. IN A 184 SECTION ANSWER 185 www.sub.example.com. IN A 11.11.11.11 186 www.sub.example.com. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. 0DqqRfRtm7VSEQ4mmBbzrKRqQAay3JAE8DPDGmjtokrrjN9F1G/HxozDV7bjdIh2EChlQea8FPwf/GepJMUVxg== ;{id = 30899} 187 SECTION AUTHORITY 188 SECTION ADDITIONAL 189 ENTRY_END 190 191 ; something for wrong type DS query here 192 ENTRY_BEGIN 193 MATCH opcode qtype qname 194 ADJUST copy_id 195 REPLY QR REFUSED 196 SECTION QUESTION 197 sub.example.com. IN DS 198 SECTION ANSWER 199 SECTION AUTHORITY 200 SECTION ADDITIONAL 201 ENTRY_END 202 RANGE_END 203 204 STEP 1 QUERY 205 ENTRY_BEGIN 206 REPLY RD DO 207 SECTION QUESTION 208 sub.example.com. IN DS 209 ENTRY_END 210 211 ; recursion happens here. 212 STEP 10 CHECK_ANSWER 213 ENTRY_BEGIN 214 MATCH all 215 REPLY QR RD RA AD DO NOERROR 216 SECTION QUESTION 217 sub.example.com. IN DS 218 SECTION ANSWER 219 sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3 220 sub.example.com. 3600 IN RRSIG DS 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCW3ix0GD4BSvNLWIbROCJt5DAW9AhRt/kg9kBKJ20UBUdumrBUHqnskdA== ;{id = 2854} 221 SECTION AUTHORITY 222 SECTION ADDITIONAL 223 ENTRY_END 224 225 SCENARIO_END 226
Indexes created Mon Jun 01 00:24:59 UTC 2026