Home | History | Annotate | Line # | Download | only in testdata
iter_privaddr.rpl revision 1.1 
      1 ; config options
      2 server:
      3 	target-fetch-policy: "0 0 0 0 0"
      4 
      5 	private-address: 10.0.0.0/8
      6 	private-address: 172.16.0.0/12
      7 	private-address: 192.168.0.0/16
      8 	private-address: 169.254.0.0/16
      9 	private-address: fd00::/8
     10 	private-address: fe80::/10
     11 
     12 	private-domain: "example.net"
     13 
     14 stub-zone:
     15 	name: "."
     16 	stub-addr: 193.0.14.129 	# K.ROOT-SERVERS.NET.
     17 
     18 CONFIG_END
     19 
     20 SCENARIO_BEGIN Test iterator scrubber with private addresses.
     21 
     22 ; K.ROOT-SERVERS.NET.
     23 RANGE_BEGIN 0 100
     24 	ADDRESS 193.0.14.129 
     25 ENTRY_BEGIN
     26 MATCH opcode qtype qname
     27 ADJUST copy_id
     28 REPLY QR NOERROR
     29 SECTION QUESTION
     30 . IN NS
     31 SECTION ANSWER
     32 . IN NS	K.ROOT-SERVERS.NET.
     33 SECTION ADDITIONAL
     34 K.ROOT-SERVERS.NET.	IN	A	193.0.14.129
     35 ENTRY_END
     36 
     37 ENTRY_BEGIN
     38 MATCH opcode subdomain
     39 ADJUST copy_id copy_query
     40 REPLY QR NOERROR
     41 SECTION QUESTION
     42 com. IN A
     43 SECTION AUTHORITY
     44 com.	IN NS	a.gtld-servers.net.
     45 SECTION ADDITIONAL
     46 a.gtld-servers.net.	IN 	A	192.5.6.30
     47 ENTRY_END
     48 
     49 ; root server authoritative for example.net too.
     50 ENTRY_BEGIN
     51 MATCH opcode qtype qname
     52 ADJUST copy_id
     53 REPLY QR NOERROR
     54 SECTION QUESTION
     55 mail.example.net. IN A
     56 SECTION ANSWER
     57 mail.example.net. IN A 10.20.30.40
     58 ENTRY_END
     59 RANGE_END
     60 
     61 ; a.gtld-servers.net.
     62 RANGE_BEGIN 0 100
     63 	ADDRESS 192.5.6.30
     64 ENTRY_BEGIN
     65 MATCH opcode qtype qname
     66 ADJUST copy_id
     67 REPLY QR NOERROR
     68 SECTION QUESTION
     69 com. IN NS
     70 SECTION ANSWER
     71 com.	IN NS	a.gtld-servers.net.
     72 SECTION ADDITIONAL
     73 a.gtld-servers.net.	IN 	A	192.5.6.30
     74 ENTRY_END
     75 
     76 ENTRY_BEGIN
     77 MATCH opcode subdomain
     78 ADJUST copy_id copy_query
     79 REPLY QR NOERROR
     80 SECTION QUESTION
     81 example.com. IN A
     82 SECTION AUTHORITY
     83 example.com.	IN NS	ns.example.com.
     84 SECTION ADDITIONAL
     85 ns.example.com.		IN 	A	1.2.3.4
     86 ENTRY_END
     87 RANGE_END
     88 
     89 ; ns.example.com.
     90 RANGE_BEGIN 0 100
     91 	ADDRESS 1.2.3.4
     92 ENTRY_BEGIN
     93 MATCH opcode qtype qname
     94 ADJUST copy_id
     95 REPLY QR NOERROR
     96 SECTION QUESTION
     97 example.com. IN NS
     98 SECTION ANSWER
     99 example.com.	IN NS	ns.example.com.
    100 SECTION ADDITIONAL
    101 ns.example.com.		IN 	A	1.2.3.4
    102 ENTRY_END
    103 
    104 ENTRY_BEGIN
    105 MATCH opcode qtype qname
    106 ADJUST copy_id
    107 REPLY QR NOERROR
    108 SECTION QUESTION
    109 ns.example.com. IN A
    110 SECTION ANSWER
    111 ns.example.com.		IN 	A	1.2.3.4
    112 SECTION AUTHORITY
    113 example.com.	IN NS	ns.example.com.
    114 ENTRY_END
    115 
    116 ENTRY_BEGIN
    117 MATCH opcode qtype qname
    118 ADJUST copy_id
    119 REPLY QR NOERROR
    120 SECTION QUESTION
    121 ns.example.com. IN AAAA
    122 SECTION ANSWER
    123 ENTRY_END
    124 
    125 ENTRY_BEGIN
    126 MATCH opcode qtype qname
    127 ADJUST copy_id
    128 REPLY QR NOERROR
    129 SECTION QUESTION
    130 www.example.com. IN A
    131 SECTION ANSWER
    132 www.example.com. IN A	192.20.30.40
    133 SECTION AUTHORITY
    134 example.com.	IN NS	ns.example.com.
    135 SECTION ADDITIONAL
    136 ns.example.com.		IN 	A	1.2.3.4
    137 ENTRY_END
    138 
    139 ENTRY_BEGIN
    140 MATCH opcode qtype qname
    141 ADJUST copy_id
    142 REPLY QR NOERROR
    143 SECTION QUESTION
    144 mail.example.com. IN AAAA
    145 SECTION ANSWER
    146 mail.example.com. IN AAAA fe80::15
    147 SECTION AUTHORITY
    148 example.com.	IN NS	ns.example.com.
    149 SECTION ADDITIONAL
    150 ns.example.com.		IN 	A	1.2.3.4
    151 ENTRY_END
    152 
    153 ENTRY_BEGIN
    154 MATCH opcode qtype qname
    155 ADJUST copy_id
    156 REPLY QR NOERROR
    157 SECTION QUESTION
    158 foo.example.com. IN A
    159 SECTION ANSWER
    160 foo.example.com. IN A	10.20.30.40
    161 SECTION AUTHORITY
    162 example.com.	IN NS	ns.example.com.
    163 SECTION ADDITIONAL
    164 ns.example.com.		IN 	A	1.2.3.4
    165 ENTRY_END
    166 
    167 ENTRY_BEGIN
    168 MATCH opcode qtype qname
    169 ADJUST copy_id
    170 REPLY QR NOERROR
    171 SECTION QUESTION
    172 toss.example.com. IN A
    173 SECTION ANSWER
    174 toss.example.com. IN A	10.20.30.40
    175 toss.example.com. IN A	1.2.3.4
    176 toss.example.com. IN A	10.20.30.41
    177 SECTION AUTHORITY
    178 example.com.	IN NS	ns.example.com.
    179 SECTION ADDITIONAL
    180 ns.example.com.		IN 	A	1.2.3.4
    181 ENTRY_END
    182 RANGE_END
    183 
    184 ; public address is not scrubbed
    185 STEP 1 QUERY
    186 ENTRY_BEGIN
    187 REPLY RD
    188 SECTION QUESTION
    189 www.example.com. IN A
    190 ENTRY_END
    191 
    192 ; recursion happens here.
    193 STEP 2 CHECK_ANSWER
    194 ENTRY_BEGIN
    195 MATCH all
    196 REPLY QR RD RA NOERROR
    197 SECTION QUESTION
    198 www.example.com. IN A
    199 SECTION ANSWER
    200 www.example.com. IN A	192.20.30.40
    201 SECTION AUTHORITY
    202 example.com.	IN NS	ns.example.com.
    203 SECTION ADDITIONAL
    204 ns.example.com.		IN 	A	1.2.3.4
    205 ENTRY_END
    206 
    207 ; IPv4 address is scrubbed
    208 STEP 3 QUERY
    209 ENTRY_BEGIN
    210 REPLY RD
    211 SECTION QUESTION
    212 foo.example.com. IN A
    213 ENTRY_END
    214 
    215 ; recursion happens here.
    216 STEP 10 CHECK_ANSWER
    217 ENTRY_BEGIN
    218 MATCH all
    219 REPLY QR RD RA SERVFAIL
    220 SECTION QUESTION
    221 foo.example.com. IN A
    222 SECTION ANSWER
    223 ; scrubbed away
    224 ;foo.example.com. IN A	10.20.30.40
    225 ENTRY_END
    226 
    227 ; IPv6 address is scrubbed
    228 STEP 20 QUERY
    229 ENTRY_BEGIN
    230 REPLY RD
    231 SECTION QUESTION
    232 mail.example.com. IN AAAA
    233 ENTRY_END
    234 
    235 STEP 30 CHECK_ANSWER
    236 ENTRY_BEGIN
    237 MATCH all
    238 REPLY QR RD RA SERVFAIL
    239 SECTION QUESTION
    240 mail.example.com. IN AAAA
    241 SECTION ANSWER
    242 ENTRY_END
    243 
    244 ; allowed domain is not scrubbed.
    245 STEP 40 QUERY
    246 ENTRY_BEGIN
    247 REPLY RD
    248 SECTION QUESTION
    249 mail.example.net. IN A
    250 ENTRY_END
    251 
    252 STEP 50 CHECK_ANSWER
    253 ENTRY_BEGIN
    254 MATCH all
    255 REPLY QR RD RA NOERROR
    256 SECTION QUESTION
    257 mail.example.net. IN A
    258 SECTION ANSWER
    259 mail.example.net. IN A 10.20.30.40
    260 ENTRY_END
    261 
    262 ; rest of RRset intact, only 10/8 tossed away.
    263 STEP 60 QUERY
    264 ENTRY_BEGIN
    265 REPLY RD
    266 SECTION QUESTION
    267 toss.example.com. IN A
    268 ENTRY_END
    269 
    270 STEP 70 CHECK_ANSWER
    271 ENTRY_BEGIN
    272 MATCH all
    273 REPLY QR RD RA NOERROR
    274 SECTION QUESTION
    275 toss.example.com. IN A
    276 SECTION ANSWER
    277 ; toss.example.com. IN A	10.20.30.40
    278 toss.example.com. IN A	1.2.3.4
    279 SECTION AUTHORITY
    280 example.com.	IN NS	ns.example.com.
    281 SECTION ADDITIONAL
    282 ns.example.com.		IN 	A	1.2.3.4
    283 ENTRY_END
    284 
    285 SCENARIO_END
    286