1 # config 2 server: 3 send-client-subnet: 1.2.3.4 4 max-client-subnet-ipv4: 17 5 module-config: "subnetcache iterator" 6 qname-minimisation: no 7 minimal-responses: yes 8 target-fetch-policy: "0 0 0 0 0" 9 10 stub-zone: 11 name: "." 12 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 13 CONFIG_END 14 15 SCENARIO_BEGIN Test subnet with no edns subnet from server multiple times 16 ; Multiple queries are sent to a server that does not reply with the 17 ; edns-subnet option. 18 19 ; K.ROOT-SERVERS.NET. 20 RANGE_BEGIN 0 100 21 ADDRESS 193.0.14.129 22 ENTRY_BEGIN 23 MATCH opcode qtype qname 24 ADJUST copy_id 25 REPLY QR NOERROR 26 SECTION QUESTION 27 . IN NS 28 SECTION ANSWER 29 . IN NS K.ROOT-SERVERS.NET. 30 SECTION ADDITIONAL 31 K.ROOT-SERVERS.NET. IN A 193.0.14.129 32 ENTRY_END 33 34 ENTRY_BEGIN 35 MATCH opcode subdomain 36 ADJUST copy_id copy_query 37 REPLY QR NOERROR 38 SECTION QUESTION 39 com. IN NS 40 SECTION AUTHORITY 41 com. IN NS a.gtld-servers.net. 42 SECTION ADDITIONAL 43 a.gtld-servers.net. IN A 192.5.6.30 44 ENTRY_END 45 RANGE_END 46 47 ; a.gtld-servers.net. 48 RANGE_BEGIN 0 100 49 ADDRESS 192.5.6.30 50 51 ENTRY_BEGIN 52 MATCH opcode subdomain 53 ADJUST copy_id copy_query 54 REPLY QR NOERROR 55 SECTION QUESTION 56 example.com. IN NS 57 SECTION AUTHORITY 58 example.com. IN NS ns.example.com. 59 SECTION ADDITIONAL 60 ns.example.com. IN A 1.2.3.4 61 ENTRY_END 62 RANGE_END 63 64 ; ns.example.com. 65 RANGE_BEGIN 50 52 66 ADDRESS 1.2.3.4 67 68 ENTRY_BEGIN 69 MATCH opcode qtype qname 70 ADJUST copy_id 71 REPLY QR AA NOERROR 72 SECTION QUESTION 73 example.com. IN NS 74 SECTION ANSWER 75 example.com. IN NS ns.example.com. 76 ENTRY_END 77 78 ENTRY_BEGIN 79 MATCH opcode qtype qname 80 ADJUST copy_id 81 REPLY QR AA NOERROR 82 SECTION QUESTION 83 ns.example.com. IN A 84 SECTION ANSWER 85 ns.example.com. IN A 1.2.3.4 86 ENTRY_END 87 88 ENTRY_BEGIN 89 MATCH opcode qtype qname 90 ADJUST copy_id 91 REPLY QR AA NOERROR 92 SECTION QUESTION 93 ns.example.com. IN AAAA 94 SECTION ANSWER 95 SECTION AUTHORITY 96 example.com. IN SOA ns.example.com. host.example.com. 4 86400 3600 86400 3600 97 ENTRY_END 98 99 ENTRY_BEGIN 100 MATCH opcode qtype qname ednsdata 101 ADJUST copy_id 102 REPLY QR AA NOERROR 103 SECTION QUESTION 104 www.example.com. IN A 105 SECTION ANSWER 106 SECTION ADDITIONAL 107 ; Match this subnet option 108 HEX_EDNSDATA_BEGIN 109 ; client is 127.0.0.1 110 00 08 ; OPC 111 00 07 ; option length 112 00 01 ; Family 113 11 00 ; source mask, scopemask 114 7f 00 00 ; address 115 HEX_EDNSDATA_END 116 ; This is the response, without the subnet option 117 HEX_ANSWER_BEGIN; 118 00 00 84 00 00 01 00 01 ; ID 0 QR AA NOERROR 119 00 00 00 01 03 77 77 77 ; www.example.com A (DO) 120 07 65 78 61 6d 70 6c 65 121 03 63 6f 6d 00 00 01 00 122 01 123 C0 0C 00 01 00 01 00 00 0E 10 ; www.example.com. A IN 3600 124 00 04 0A 14 1E 2C ; rdata 10.20.30.44 125 00 00 29 10 00 00 00 126 80 00 00 00 127 HEX_ANSWER_END 128 ENTRY_END 129 130 ENTRY_BEGIN 131 MATCH opcode qtype qname ednsdata 132 ADJUST copy_id 133 REPLY QR AA NOERROR 134 SECTION QUESTION 135 www.example.com. IN A 136 SECTION ANSWER 137 SECTION ADDITIONAL 138 ; Match this subnet option 139 HEX_EDNSDATA_BEGIN 140 ; client is 127.2.0.1 141 00 08 ; OPC 142 00 07 ; option length 143 00 01 ; Family 144 11 00 ; source mask, scopemask 145 7f 02 00 ; address 146 HEX_EDNSDATA_END 147 ; This is the response, without the subnet option 148 HEX_ANSWER_BEGIN; 149 00 00 84 00 00 01 00 01 ; ID 0 QR AA NOERROR 150 00 00 00 01 03 77 77 77 ; www.example.com A (DO) 151 07 65 78 61 6d 70 6c 65 152 03 63 6f 6d 00 00 01 00 153 01 154 C0 0C 00 01 00 01 00 00 0E 10 ; www.example.com. A IN 3600 155 00 04 0A 14 1E 2C ; rdata 10.20.30.44 156 00 00 29 10 00 00 00 157 80 00 00 00 158 HEX_ANSWER_END 159 ENTRY_END 160 161 ENTRY_BEGIN 162 MATCH opcode qtype qname ednsdata 163 ADJUST copy_id 164 REPLY QR AA NOERROR 165 SECTION QUESTION 166 www.example.com. IN A 167 SECTION ANSWER 168 SECTION ADDITIONAL 169 ; Match this subnet option 170 HEX_EDNSDATA_BEGIN 171 ; client is 127.3.0.1 172 00 08 ; OPC 173 00 07 ; option length 174 00 01 ; Family 175 11 00 ; source mask, scopemask 176 7f 03 00 ; address 177 HEX_EDNSDATA_END 178 ; This is the response, without the subnet option 179 HEX_ANSWER_BEGIN; 180 00 00 84 00 00 01 00 01 ; ID 0 QR AA NOERROR 181 00 00 00 01 03 77 77 77 ; www.example.com A (DO) 182 07 65 78 61 6d 70 6c 65 183 03 63 6f 6d 00 00 01 00 184 01 185 C0 0C 00 01 00 01 00 00 0E 10 ; www.example.com. A IN 3600 186 00 04 0A 14 1E 2C ; rdata 10.20.30.44 187 00 00 29 10 00 00 00 188 80 00 00 00 189 HEX_ANSWER_END 190 ENTRY_END 191 192 ; The answer for a query without subnet 193 ;ENTRY_BEGIN 194 ;MATCH opcode qtype qname 195 ;ADJUST copy_id 196 ;REPLY QR AA NOERROR 197 ;SECTION QUESTION 198 ;www.example.com. IN A 199 ;SECTION ANSWER 200 ;www.example.com. IN A 10.20.30.40 201 ;ENTRY_END 202 RANGE_END 203 204 ; ns.example.com. 205 RANGE_BEGIN 53 57 206 ADDRESS 1.2.3.4 207 ; The answer for a query without subnet 208 ENTRY_BEGIN 209 MATCH opcode qtype qname 210 ADJUST copy_id 211 REPLY QR AA NOERROR 212 SECTION QUESTION 213 www.example.com. IN A 214 SECTION ANSWER 215 www.example.com. IN A 10.20.30.40 216 ENTRY_END 217 RANGE_END 218 219 STEP 10 QUERY 220 ENTRY_BEGIN 221 HEX_ANSWER_BEGIN; 222 00 00 01 00 00 01 00 00 ; ID 0 223 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 224 07 65 78 61 6d 70 6c 65 225 03 63 6f 6d 00 00 01 00 226 01 00 00 29 10 00 00 00 227 80 00 00 0b 228 229 00 08 00 07 ; OPC, optlen 230 00 01 11 00 ; ip4, scope 17, source 0 231 7f 00 00 ; 127.0.0.0/17 232 HEX_ANSWER_END 233 ENTRY_END 234 235 STEP 20 QUERY 236 ENTRY_BEGIN 237 HEX_ANSWER_BEGIN; 238 00 00 01 00 00 01 00 00 ; ID 0 239 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 240 07 65 78 61 6d 70 6c 65 241 03 63 6f 6d 00 00 01 00 242 01 00 00 29 10 00 00 00 243 80 00 00 0b 244 245 00 08 00 07 ; OPC, optlen 246 00 01 11 00 ; ip4, scope 17, source 0 247 7f 02 00 ; 127.2.0.0/17 248 HEX_ANSWER_END 249 ENTRY_END 250 251 STEP 30 QUERY 252 ENTRY_BEGIN 253 HEX_ANSWER_BEGIN; 254 00 00 01 00 00 01 00 00 ; ID 0 255 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 256 07 65 78 61 6d 70 6c 65 257 03 63 6f 6d 00 00 01 00 258 01 00 00 29 10 00 00 00 259 80 00 00 0b 260 261 00 08 00 07 ; OPC, optlen 262 00 01 11 00 ; ip4, scope 17, source 0 263 7f 03 00 ; 127.3.0.0/17 264 HEX_ANSWER_END 265 ENTRY_END 266 267 ; recursion happens here. 268 ; The upstream server RANGE starts responding at STEP 50. 269 STEP 50 TRAFFIC 270 271 ; The upstream server now responds for the nonsubnet response. 272 STEP 55 TRAFFIC 273 274 STEP 60 CHECK_ANSWER 275 ENTRY_BEGIN 276 MATCH all ednsdata 277 REPLY QR RD RA DO NOERROR 278 SECTION QUESTION 279 www.example.com. IN A 280 SECTION ANSWER 281 www.example.com. IN A 10.20.30.40 282 ;www.example.com. IN A 10.20.30.44 283 SECTION ADDITIONAL 284 ; HEX_EDNSDATA_BEGIN 285 ; ; client is 127.3.0.1 286 ; 00 08 ; OPC 287 ; 00 07 ; option length 288 ; 00 01 ; Family 289 ; 11 00 ; source mask, scopemask 290 ; 7f 03 00 ; address 291 ; HEX_EDNSDATA_END 292 ENTRY_END 293 294 STEP 70 CHECK_ANSWER 295 ENTRY_BEGIN 296 MATCH all ednsdata 297 REPLY QR RD RA DO NOERROR 298 SECTION QUESTION 299 www.example.com. IN A 300 SECTION ANSWER 301 www.example.com. IN A 10.20.30.40 302 ;www.example.com. IN A 10.20.30.44 303 SECTION ADDITIONAL 304 ; HEX_EDNSDATA_BEGIN 305 ; ; client is 127.2.0.1 306 ; 00 08 ; OPC 307 ; 00 07 ; option length 308 ; 00 01 ; Family 309 ; 11 00 ; source mask, scopemask 310 ; 7f 02 00 ; address 311 ; HEX_EDNSDATA_END 312 ENTRY_END 313 314 STEP 80 CHECK_ANSWER 315 ENTRY_BEGIN 316 MATCH all ednsdata 317 REPLY QR RD RA DO NOERROR 318 SECTION QUESTION 319 www.example.com. IN A 320 SECTION ANSWER 321 www.example.com. IN A 10.20.30.40 322 ;www.example.com. IN A 10.20.30.44 323 SECTION ADDITIONAL 324 ; HEX_EDNSDATA_BEGIN 325 ; ; client is 127.0.0.1 326 ; 00 08 ; OPC 327 ; 00 07 ; option length 328 ; 00 01 ; Family 329 ; 11 00 ; source mask, scopemask 330 ; 7f 00 00 ; address 331 ; HEX_EDNSDATA_END 332 ENTRY_END 333 334 SCENARIO_END 335
Indexes created Mon Jun 01 00:24:59 UTC 2026