1 ; scope of 0, if the query also had scope of 0, do not answer this 2 ; to everyone, but only for scope 0 queries. Otherwise can answer cached. 3 4 server: 5 target-fetch-policy: "0 0 0 0 0" 6 send-client-subnet: 1.2.3.4 7 module-config: "subnetcache validator iterator" 8 verbosity: 4 9 qname-minimisation: no 10 11 stub-zone: 12 name: "." 13 stub-addr: 193.0.14.129 14 15 stub-zone: 16 name: "example.com" 17 stub-addr: 1.2.3.4 18 CONFIG_END 19 20 SCENARIO_BEGIN Test subnet cache with scope zero queries and responses. 21 22 ; the upstream server. 23 RANGE_BEGIN 0 100 24 ADDRESS 193.0.14.129 25 26 ENTRY_BEGIN 27 MATCH opcode qtype qname ednsdata 28 ADJUST copy_id 29 REPLY QR NOERROR 30 SECTION QUESTION 31 . IN NS 32 SECTION ANSWER 33 . IN NS K.ROOT-SERVERS.NET. 34 SECTION ADDITIONAL 35 HEX_EDNSDATA_BEGIN 36 ;; we expect to receive empty 37 HEX_EDNSDATA_END 38 K.ROOT-SERVERS.NET. IN A 193.0.14.129 39 ENTRY_END 40 RANGE_END 41 42 RANGE_BEGIN 0 11 43 ADDRESS 1.2.3.4 44 ENTRY_BEGIN 45 MATCH opcode qtype qname 46 ADJUST copy_id 47 ;copy_ednsdata_assume_clientsubnet 48 REPLY QR NOERROR 49 SECTION QUESTION 50 www.example.com. IN A 51 SECTION ANSWER 52 www.example.com. IN A 10.20.30.40 53 SECTION AUTHORITY 54 SECTION ADDITIONAL 55 HEX_EDNSDATA_BEGIN 56 ; client is 127.0.0.1 57 00 08 ; OPC 58 00 07 ; option length 59 00 01 ; Family 60 18 11 ; source mask, scopemask 61 7f 00 00 ; address 62 HEX_EDNSDATA_END 63 ENTRY_END 64 RANGE_END 65 66 RANGE_BEGIN 20 31 67 ADDRESS 1.2.3.4 68 ENTRY_BEGIN 69 MATCH opcode qtype qname 70 ADJUST copy_id 71 ;copy_ednsdata_assume_clientsubnet 72 REPLY QR NOERROR 73 SECTION QUESTION 74 www.example.com. IN A 75 SECTION ANSWER 76 www.example.com. IN A 10.20.30.41 77 SECTION AUTHORITY 78 SECTION ADDITIONAL 79 HEX_EDNSDATA_BEGIN 80 ; client is 127.0.0.1 81 00 08 ; OPC 82 00 07 ; option length 83 00 01 ; Family 84 18 11 ; source mask, scopemask 85 7f 01 00 ; address 86 HEX_EDNSDATA_END 87 ENTRY_END 88 RANGE_END 89 90 RANGE_BEGIN 40 51 91 ADDRESS 1.2.3.4 92 ENTRY_BEGIN 93 MATCH opcode qtype qname 94 ADJUST copy_id 95 ;copy_ednsdata_assume_clientsubnet 96 REPLY QR NOERROR 97 SECTION QUESTION 98 www.example.com. IN A 99 SECTION ANSWER 100 www.example.com. IN A 10.20.30.42 101 SECTION AUTHORITY 102 SECTION ADDITIONAL 103 HEX_EDNSDATA_BEGIN 104 00 08 ; OPC 105 00 04 ; option length 106 00 01 ; Family 107 00 00 ; source mask, scopemask 108 ; address 0.0.0.0/0 scope 0 109 HEX_EDNSDATA_END 110 ENTRY_END 111 RANGE_END 112 113 RANGE_BEGIN 120 131 114 ADDRESS 1.2.3.4 115 ENTRY_BEGIN 116 MATCH opcode qtype qname 117 ADJUST copy_id 118 ;copy_ednsdata_assume_clientsubnet 119 REPLY QR NOERROR 120 SECTION QUESTION 121 www.example.com. IN A 122 SECTION ANSWER 123 www.example.com. IN A 10.20.30.43 124 SECTION AUTHORITY 125 SECTION ADDITIONAL 126 HEX_EDNSDATA_BEGIN 127 00 08 ; OPC 128 00 07 ; option length 129 00 01 ; Family 130 18 00 ; source mask, scopemask 131 7f 02 00 ; address 127.2.0.0/24 scope 0 132 HEX_EDNSDATA_END 133 ENTRY_END 134 RANGE_END 135 136 ; query for 127.0.0.0/24 137 STEP 1 QUERY 138 ENTRY_BEGIN 139 HEX_ANSWER_BEGIN 140 00 00 01 00 00 01 00 00 ;ID 0 141 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 142 07 65 78 61 6d 70 6c 65 143 03 63 6f 6d 00 00 01 00 144 01 00 00 29 10 00 00 00 145 80 00 00 0b 146 147 00 08 00 07 ; OPC, optlen 148 00 01 18 00 ; ip4, scope 24, source 0 149 7f 00 00 ;127.0.0.0/24 150 HEX_ANSWER_END 151 ENTRY_END 152 153 ; answer is 10.20.30.40 for 127.0.0.0/24 scope 17 154 STEP 10 CHECK_ANSWER 155 ENTRY_BEGIN 156 MATCH all ednsdata 157 REPLY QR RD RA NOERROR 158 SECTION QUESTION 159 www.example.com. IN A 160 SECTION ANSWER 161 www.example.com. IN A 10.20.30.40 162 SECTION AUTHORITY 163 SECTION ADDITIONAL 164 HEX_EDNSDATA_BEGIN 165 ; client is 127.0.0.1 166 00 08 ; OPC 167 00 07 ; option length 168 00 01 ; Family 169 18 11 ; source mask, scopemask 170 7f 00 00 ; address 171 HEX_EDNSDATA_END 172 ENTRY_END 173 174 ; query for 127.1.0.0/24 175 STEP 20 QUERY 176 ENTRY_BEGIN 177 HEX_ANSWER_BEGIN 178 00 00 01 00 00 01 00 00 ;ID 0 179 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 180 07 65 78 61 6d 70 6c 65 181 03 63 6f 6d 00 00 01 00 182 01 00 00 29 10 00 00 00 183 80 00 00 0b 184 185 00 08 00 07 ; OPC, optlen 186 00 01 18 00 ; ip4, scope 24, source 0 187 7f 01 00 ;127.1.0.0/24 188 HEX_ANSWER_END 189 ENTRY_END 190 191 ; answer is 10.20.30.41 for 127.1.0.0/24 scope 17 192 STEP 30 CHECK_ANSWER 193 ENTRY_BEGIN 194 MATCH all ednsdata 195 REPLY QR RD RA NOERROR 196 SECTION QUESTION 197 www.example.com. IN A 198 SECTION ANSWER 199 www.example.com. IN A 10.20.30.41 200 SECTION AUTHORITY 201 SECTION ADDITIONAL 202 HEX_EDNSDATA_BEGIN 203 ; client is 127.1.0.1 204 00 08 ; OPC 205 00 07 ; option length 206 00 01 ; Family 207 18 11 ; source mask, scopemask 208 7f 01 00 ; address 209 HEX_EDNSDATA_END 210 ENTRY_END 211 212 ; query for 0.0.0.0/0 213 STEP 40 QUERY 214 ENTRY_BEGIN 215 HEX_ANSWER_BEGIN 216 00 00 01 00 00 01 00 00 ;ID 0 217 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 218 07 65 78 61 6d 70 6c 65 219 03 63 6f 6d 00 00 01 00 220 01 00 00 29 10 00 00 00 221 80 00 00 08 222 223 00 08 00 04 ; OPC, optlen 224 00 01 00 00 ; ip4, scope 0, source 0 225 ;0.0.0.0/0 226 HEX_ANSWER_END 227 ENTRY_END 228 229 ; answer is 10.20.30.42 for 0.0.0.0/0 scope 0 230 STEP 50 CHECK_ANSWER 231 ENTRY_BEGIN 232 MATCH all ednsdata 233 REPLY QR RD RA NOERROR 234 SECTION QUESTION 235 www.example.com. IN A 236 SECTION ANSWER 237 www.example.com. IN A 10.20.30.42 238 SECTION AUTHORITY 239 SECTION ADDITIONAL 240 HEX_EDNSDATA_BEGIN 241 00 08 ; OPC 242 00 04 ; option length 243 00 01 ; Family 244 00 00 ; source mask, scopemask 245 ; address 246 HEX_EDNSDATA_END 247 ENTRY_END 248 249 ; query for 127.0.0.0/24, again, it should be in cache. 250 ; and not from the scope 0 answer. 251 STEP 60 QUERY 252 ENTRY_BEGIN 253 HEX_ANSWER_BEGIN 254 00 00 01 00 00 01 00 00 ;ID 0 255 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 256 07 65 78 61 6d 70 6c 65 257 03 63 6f 6d 00 00 01 00 258 01 00 00 29 10 00 00 00 259 80 00 00 0b 260 261 00 08 00 07 ; OPC, optlen 262 00 01 18 00 ; ip4, scope 24, source 0 263 7f 00 00 ;127.0.0.0/24 264 HEX_ANSWER_END 265 ENTRY_END 266 267 ; answer should be 10.20.30.40 for 127.0.0.0/24 scope 17 268 STEP 70 CHECK_ANSWER 269 ENTRY_BEGIN 270 MATCH all ednsdata 271 REPLY QR RD RA NOERROR 272 SECTION QUESTION 273 www.example.com. IN A 274 SECTION ANSWER 275 www.example.com. IN A 10.20.30.40 276 SECTION AUTHORITY 277 SECTION ADDITIONAL 278 HEX_EDNSDATA_BEGIN 279 ; client is 127.0.0.1 280 00 08 ; OPC 281 00 07 ; option length 282 00 01 ; Family 283 18 11 ; source mask, scopemask 284 7f 00 00 ; address 285 HEX_EDNSDATA_END 286 ENTRY_END 287 288 ; query for 127.1.0.0/24, again, it should be in cache. 289 STEP 80 QUERY 290 ENTRY_BEGIN 291 HEX_ANSWER_BEGIN 292 00 00 01 00 00 01 00 00 ;ID 0 293 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 294 07 65 78 61 6d 70 6c 65 295 03 63 6f 6d 00 00 01 00 296 01 00 00 29 10 00 00 00 297 80 00 00 0b 298 299 00 08 00 07 ; OPC, optlen 300 00 01 18 00 ; ip4, scope 24, source 0 301 7f 01 00 ;127.1.0.0/24 302 HEX_ANSWER_END 303 ENTRY_END 304 305 ; answer should be 10.20.30.41 for 127.1.0.0/24 scope 17 306 STEP 90 CHECK_ANSWER 307 ENTRY_BEGIN 308 MATCH all ednsdata 309 REPLY QR RD RA NOERROR 310 SECTION QUESTION 311 www.example.com. IN A 312 SECTION ANSWER 313 www.example.com. IN A 10.20.30.41 314 SECTION AUTHORITY 315 SECTION ADDITIONAL 316 HEX_EDNSDATA_BEGIN 317 ; client is 127.1.0.1 318 00 08 ; OPC 319 00 07 ; option length 320 00 01 ; Family 321 18 11 ; source mask, scopemask 322 7f 01 00 ; address 323 HEX_EDNSDATA_END 324 ENTRY_END 325 326 ; query for 0.0.0.0/0, again. 327 STEP 100 QUERY 328 ENTRY_BEGIN 329 HEX_ANSWER_BEGIN 330 00 00 01 00 00 01 00 00 ;ID 0 331 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 332 07 65 78 61 6d 70 6c 65 333 03 63 6f 6d 00 00 01 00 334 01 00 00 29 10 00 00 00 335 80 00 00 08 336 337 00 08 00 04 ; OPC, optlen 338 00 01 00 00 ; ip4, scope 0, source 0 339 ;0.0.0.0/0 340 HEX_ANSWER_END 341 ENTRY_END 342 343 ; answer should be 10.20.30.42 for 0.0.0.0/0 scope 0 344 STEP 110 CHECK_ANSWER 345 ENTRY_BEGIN 346 MATCH all ednsdata 347 REPLY QR RD RA NOERROR 348 SECTION QUESTION 349 www.example.com. IN A 350 SECTION ANSWER 351 www.example.com. IN A 10.20.30.42 352 SECTION AUTHORITY 353 SECTION ADDITIONAL 354 HEX_EDNSDATA_BEGIN 355 00 08 ; OPC 356 00 04 ; option length 357 00 01 ; Family 358 00 00 ; source mask, scopemask 359 ; address 360 HEX_EDNSDATA_END 361 ENTRY_END 362 363 ; now a query for a /24 that gets an answer for a /0. 364 STEP 120 QUERY 365 ENTRY_BEGIN 366 HEX_ANSWER_BEGIN 367 00 00 01 00 00 01 00 00 ;ID 0 368 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 369 07 65 78 61 6d 70 6c 65 370 03 63 6f 6d 00 00 01 00 371 01 00 00 29 10 00 00 00 372 80 00 00 0b 373 374 00 08 00 07 ; OPC, optlen 375 00 01 18 00 ; ip4, scope 24, source 0 376 7f 02 00 ;127.2.0.0/24 377 HEX_ANSWER_END 378 ENTRY_END 379 380 ; answer should be 10.20.30.43 for 127.2.0.0/24 scope 0 381 STEP 130 CHECK_ANSWER 382 ENTRY_BEGIN 383 MATCH all ednsdata 384 REPLY QR RD RA NOERROR 385 SECTION QUESTION 386 www.example.com. IN A 387 SECTION ANSWER 388 www.example.com. IN A 10.20.30.43 389 SECTION AUTHORITY 390 SECTION ADDITIONAL 391 HEX_EDNSDATA_BEGIN 392 ; client is 127.2.0.1 393 00 08 ; OPC 394 00 07 ; option length 395 00 01 ; Family 396 18 00 ; source mask, scopemask 397 7f 02 00 ; address 398 HEX_EDNSDATA_END 399 ENTRY_END 400 401 ; the scope 0 answer is now used to answer queries from 402 ; query for 127.0.0.0/24 403 STEP 140 QUERY 404 ENTRY_BEGIN 405 HEX_ANSWER_BEGIN 406 00 00 01 00 00 01 00 00 ;ID 0 407 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 408 07 65 78 61 6d 70 6c 65 409 03 63 6f 6d 00 00 01 00 410 01 00 00 29 10 00 00 00 411 80 00 00 0b 412 413 00 08 00 07 ; OPC, optlen 414 00 01 18 00 ; ip4, scope 24, source 0 415 7f 00 00 ;127.0.0.0/24 416 HEX_ANSWER_END 417 ENTRY_END 418 419 STEP 150 CHECK_ANSWER 420 ENTRY_BEGIN 421 MATCH all ednsdata 422 REPLY QR RD RA NOERROR 423 SECTION QUESTION 424 www.example.com. IN A 425 SECTION ANSWER 426 www.example.com. IN A 10.20.30.43 427 SECTION AUTHORITY 428 SECTION ADDITIONAL 429 HEX_EDNSDATA_BEGIN 430 ; client is 127.0.0.1 431 00 08 ; OPC 432 00 07 ; option length 433 00 01 ; Family 434 18 00 ; source mask, scopemask 435 7f 00 00 ; address 436 HEX_EDNSDATA_END 437 ENTRY_END 438 439 SCENARIO_END 440
Indexes created Mon Jun 01 00:24:59 UTC 2026