1 ; config options 2 ; fetch all extra targets - we want to trigger a lookup in cache 3 server: 4 target-fetch-policy: "-1 -1 -1 -1 -1" 5 qname-minimisation: "no" 6 access-control: 127.0.0.1 allow_snoop 7 8 stub-zone: 9 name: "." 10 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 11 CONFIG_END 12 13 SCENARIO_BEGIN Test TTL countdown on messages in the cache 14 15 ; K.ROOT-SERVERS.NET. 16 RANGE_BEGIN 0 100 17 ADDRESS 193.0.14.129 18 ENTRY_BEGIN 19 MATCH opcode qtype qname 20 ADJUST copy_id 21 REPLY QR NOERROR 22 SECTION QUESTION 23 . IN NS 24 SECTION ANSWER 25 . IN NS K.ROOT-SERVERS.NET. 26 SECTION ADDITIONAL 27 K.ROOT-SERVERS.NET. IN A 193.0.14.129 28 ENTRY_END 29 30 ENTRY_BEGIN 31 MATCH opcode subdomain 32 ADJUST copy_id copy_query 33 REPLY QR NOERROR 34 SECTION QUESTION 35 com. IN A 36 SECTION AUTHORITY 37 com. IN NS a.gtld-servers.net. 38 SECTION ADDITIONAL 39 a.gtld-servers.net. IN A 192.5.6.30 40 ENTRY_END 41 42 ENTRY_BEGIN 43 MATCH opcode qtype qname 44 ADJUST copy_id 45 REPLY QR AA NOERROR 46 SECTION QUESTION 47 a.gtld-servers.net. IN A 48 SECTION ANSWER 49 a.gtld-servers.net. IN A 192.5.6.30 50 ENTRY_END 51 52 ENTRY_BEGIN 53 MATCH opcode qtype qname 54 ADJUST copy_id 55 REPLY QR AA NOERROR 56 SECTION QUESTION 57 K.ROOT-SERVERS.NET. IN A 58 SECTION ANSWER 59 K.ROOT-SERVERS.NET. IN A 193.0.14.129 60 ENTRY_END 61 62 ENTRY_BEGIN 63 MATCH opcode qtype qname 64 ADJUST copy_id 65 REPLY QR AA NOERROR 66 SECTION QUESTION 67 a.gtld-servers.net. IN AAAA 68 SECTION AUTHORITY 69 . 86400 IN SOA . . 20070304 28800 7200 604800 86400 70 ENTRY_END 71 72 ENTRY_BEGIN 73 MATCH opcode qtype qname 74 ADJUST copy_id 75 REPLY QR AA NOERROR 76 SECTION QUESTION 77 K.ROOT-SERVERS.NET. IN AAAA 78 SECTION AUTHORITY 79 . 86400 IN SOA . . 20070304 28800 7200 604800 86400 80 ENTRY_END 81 82 RANGE_END 83 84 ; a.gtld-servers.net. 85 RANGE_BEGIN 0 100 86 ADDRESS 192.5.6.30 87 ENTRY_BEGIN 88 MATCH opcode qtype qname 89 ADJUST copy_id 90 REPLY QR NOERROR 91 SECTION QUESTION 92 com. IN NS 93 SECTION ANSWER 94 com. IN NS a.gtld-servers.net. 95 SECTION ADDITIONAL 96 a.gtld-servers.net. IN A 192.5.6.30 97 ENTRY_END 98 99 ENTRY_BEGIN 100 MATCH opcode subdomain 101 ADJUST copy_id copy_query 102 REPLY QR NOERROR 103 SECTION QUESTION 104 example.com. IN A 105 SECTION AUTHORITY 106 example.com. IN NS ns.example.com. 107 SECTION ADDITIONAL 108 ns.example.com. IN A 1.2.3.4 109 ENTRY_END 110 111 ENTRY_BEGIN 112 MATCH opcode subdomain 113 ADJUST copy_id copy_query 114 REPLY QR NOERROR 115 SECTION QUESTION 116 foo.com. IN A 117 SECTION AUTHORITY 118 foo.com. IN NS ns.foo.com. 119 ;foo.com. IN NS nx1.example.com. 120 SECTION ADDITIONAL 121 ns.foo.com. IN A 1.2.5.6 122 ENTRY_END 123 RANGE_END 124 125 ; ns.foo.com 126 RANGE_BEGIN 0 100 127 ADDRESS 1.2.5.6 128 129 ENTRY_BEGIN 130 MATCH opcode qtype qname 131 ADJUST copy_id 132 REPLY QR AA NOERROR 133 SECTION QUESTION 134 foo.com. IN NS 135 SECTION ANSWER 136 foo.com. IN NS ns.foo.com. 137 ;foo.com. IN NS nx1.example.com. 138 SECTION ADDITIONAL 139 ns.foo.com. IN A 1.2.5.6 140 ENTRY_END 141 142 ENTRY_BEGIN 143 MATCH opcode qtype qname 144 ADJUST copy_id 145 REPLY QR AA NOERROR 146 SECTION QUESTION 147 www.foo.com. IN A 148 SECTION ANSWER 149 ;www.foo.com. IN A 1.2.5.6 150 www.foo.com. IN CNAME nx1.example.com. 151 ENTRY_END 152 153 ENTRY_BEGIN 154 MATCH opcode qtype qname 155 ADJUST copy_id 156 REPLY QR AA NOERROR 157 SECTION QUESTION 158 ns.foo.com. IN A 159 SECTION ANSWER 160 ns.foo.com. IN A 1.2.5.6 161 ENTRY_END 162 163 ENTRY_BEGIN 164 MATCH opcode qtype qname 165 ADJUST copy_id 166 REPLY QR AA NOERROR 167 SECTION QUESTION 168 ns.foo.com. IN AAAA 169 SECTION AUTHORITY 170 foo.com. IN SOA . . 1 2 3 4 3600 171 ENTRY_END 172 RANGE_END 173 174 ; ns.example.com. --- serial=15 175 RANGE_BEGIN 0 20 176 ADDRESS 1.2.3.4 177 ENTRY_BEGIN 178 MATCH opcode qtype qname 179 ADJUST copy_id 180 REPLY QR NOERROR 181 SECTION QUESTION 182 example.com. IN NS 183 SECTION ANSWER 184 example.com. IN NS ns.example.com. 185 SECTION ADDITIONAL 186 ns.example.com. IN A 1.2.3.4 187 ENTRY_END 188 189 ENTRY_BEGIN 190 MATCH opcode qtype qname 191 ADJUST copy_id 192 REPLY QR AA NOERROR 193 SECTION QUESTION 194 ns.example.com. IN A 195 SECTION ANSWER 196 ns.example.com. IN A 1.2.3.4 197 SECTION AUTHORITY 198 example.com. IN NS ns.example.com. 199 ENTRY_END 200 201 ENTRY_BEGIN 202 MATCH opcode qtype qname 203 ADJUST copy_id 204 REPLY QR NOERROR 205 SECTION QUESTION 206 www.example.com. IN A 207 SECTION ANSWER 208 www.example.com. IN A 10.20.30.40 209 SECTION AUTHORITY 210 example.com. IN NS ns.example.com. 211 SECTION ADDITIONAL 212 ns.example.com. IN A 1.2.3.4 213 ENTRY_END 214 215 ENTRY_BEGIN 216 MATCH opcode qtype qname 217 ADJUST copy_id 218 REPLY QR AA NOERROR 219 SECTION QUESTION 220 ns.example.com. IN AAAA 221 SECTION AUTHORITY 222 example.com. 10 IN SOA . . 15 28800 7200 604800 10 223 ENTRY_END 224 225 ENTRY_BEGIN 226 MATCH opcode qtype qname 227 ADJUST copy_id 228 REPLY QR AA NXDOMAIN 229 SECTION QUESTION 230 nx1.example.com. IN A 231 SECTION ANSWER 232 SECTION AUTHORITY 233 example.com. 10 IN SOA . . 15 28800 7200 604800 10 234 SECTION ADDITIONAL 235 ENTRY_END 236 237 ENTRY_BEGIN 238 MATCH opcode qtype qname 239 ADJUST copy_id 240 REPLY QR AA NXDOMAIN 241 SECTION QUESTION 242 nx2.example.com. IN A 243 SECTION ANSWER 244 SECTION AUTHORITY 245 example.com. 10 IN SOA . . 15 28800 7200 604800 10 246 SECTION ADDITIONAL 247 ENTRY_END 248 249 RANGE_END 250 251 ; ns.example.com. --- serial=17 252 RANGE_BEGIN 20 100 253 ADDRESS 1.2.3.4 254 ENTRY_BEGIN 255 MATCH opcode qtype qname 256 ADJUST copy_id 257 REPLY QR NOERROR 258 SECTION QUESTION 259 example.com. IN NS 260 SECTION ANSWER 261 example.com. IN NS ns.example.com. 262 SECTION ADDITIONAL 263 ns.example.com. IN A 1.2.3.4 264 ENTRY_END 265 266 ENTRY_BEGIN 267 MATCH opcode qtype qname 268 ADJUST copy_id 269 REPLY QR AA NOERROR 270 SECTION QUESTION 271 ns.example.com. IN A 272 SECTION ANSWER 273 ns.example.com. IN A 1.2.3.4 274 SECTION AUTHORITY 275 example.com. IN NS ns.example.com. 276 ENTRY_END 277 278 ENTRY_BEGIN 279 MATCH opcode qtype qname 280 ADJUST copy_id 281 REPLY QR NOERROR 282 SECTION QUESTION 283 www.example.com. IN A 284 SECTION ANSWER 285 www.example.com. IN A 10.20.30.40 286 SECTION AUTHORITY 287 example.com. IN NS ns.example.com. 288 SECTION ADDITIONAL 289 ns.example.com. IN A 1.2.3.4 290 ENTRY_END 291 292 ENTRY_BEGIN 293 MATCH opcode qtype qname 294 ADJUST copy_id 295 REPLY QR AA NOERROR 296 SECTION QUESTION 297 ns.example.com. IN AAAA 298 SECTION AUTHORITY 299 example.com. 10 IN SOA . . 17 28800 7200 604800 10 300 ENTRY_END 301 302 ENTRY_BEGIN 303 MATCH opcode qtype qname 304 ADJUST copy_id 305 REPLY QR AA NXDOMAIN 306 SECTION QUESTION 307 nx1.example.com. IN A 308 SECTION ANSWER 309 SECTION AUTHORITY 310 example.com. 10 IN SOA . . 17 28800 7200 604800 10 311 SECTION ADDITIONAL 312 ENTRY_END 313 314 ENTRY_BEGIN 315 MATCH opcode qtype qname 316 ADJUST copy_id 317 REPLY QR AA NXDOMAIN 318 SECTION QUESTION 319 nx2.example.com. IN A 320 SECTION ANSWER 321 SECTION AUTHORITY 322 example.com. 10 IN SOA . . 17 28800 7200 604800 10 323 SECTION ADDITIONAL 324 ENTRY_END 325 326 RANGE_END 327 328 ; start by passing time ; so we are not at 0 329 STEP 1 TIME_PASSES ELAPSE 10 330 331 ; query for NXDOMAIN 332 STEP 8 QUERY 333 ENTRY_BEGIN 334 REPLY RD CD 335 SECTION QUESTION 336 nx1.example.com. IN A 337 ENTRY_END 338 339 STEP 10 CHECK_ANSWER 340 ENTRY_BEGIN 341 MATCH all ttl 342 REPLY QR RD RA NXDOMAIN CD 343 SECTION QUESTION 344 nx1.example.com. IN A 345 SECTION ANSWER 346 SECTION AUTHORITY 347 example.com. 10 IN SOA . . 15 28800 7200 604800 10 348 SECTION ADDITIONAL 349 ENTRY_END 350 351 ; wait for 5 seconds 352 STEP 20 TIME_PASSES ELAPSE 5 353 354 ; do a lookup for nx1.example.com just to check TTLs... 355 STEP 25 QUERY 356 ENTRY_BEGIN 357 REPLY RD CD 358 SECTION QUESTION 359 nx1.example.com. IN A 360 ENTRY_END 361 STEP 26 CHECK_ANSWER 362 ENTRY_BEGIN 363 MATCH all ttl 364 REPLY QR RD RA NXDOMAIN CD 365 SECTION QUESTION 366 nx1.example.com. IN A 367 SECTION ANSWER 368 SECTION AUTHORITY 369 example.com. 5 IN SOA . . 15 28800 7200 604800 10 370 SECTION ADDITIONAL 371 ENTRY_END 372 373 ; cause a lookup that refreshes the TTL on the SOA record 374 STEP 30 QUERY 375 ENTRY_BEGIN 376 REPLY RD 377 SECTION QUESTION 378 nx2.example.com. IN A 379 ENTRY_END 380 STEP 31 CHECK_ANSWER 381 ENTRY_BEGIN 382 MATCH all ttl 383 REPLY QR RD RA NXDOMAIN 384 SECTION QUESTION 385 nx2.example.com. IN A 386 SECTION ANSWER 387 SECTION AUTHORITY 388 example.com. 10 IN SOA . . 17 28800 7200 604800 10 389 SECTION ADDITIONAL 390 ENTRY_END 391 392 ; do a lookup for nx1.example.com to check TTLs updated 393 STEP 35 QUERY 394 ENTRY_BEGIN 395 REPLY RD CD 396 SECTION QUESTION 397 nx1.example.com. IN A 398 ENTRY_END 399 STEP 36 CHECK_ANSWER 400 ENTRY_BEGIN 401 MATCH all ttl 402 REPLY QR RD RA NXDOMAIN CD 403 SECTION QUESTION 404 nx1.example.com. IN A 405 SECTION ANSWER 406 SECTION AUTHORITY 407 example.com. 10 IN SOA . . 17 28800 7200 604800 10 408 SECTION ADDITIONAL 409 ENTRY_END 410 411 ; cause a lookup for nx1.example.com bypassing the cache. 412 ; with bug; this causes msg ttl for nx1 to be time(NOW)+ttl. 413 ; so 15+5 = 20 414 ; visible in debug log as "msg ttl is %d" 415 STEP 40 QUERY 416 ENTRY_BEGIN 417 REPLY RD 418 SECTION QUESTION 419 www.foo.com. IN A 420 ENTRY_END 421 STEP 41 CHECK_ANSWER 422 ENTRY_BEGIN 423 MATCH all ttl 424 REPLY QR RD RA NXDOMAIN 425 SECTION QUESTION 426 www.foo.com. IN A 427 SECTION ANSWER 428 ;www.foo.com IN A 1.2.5.6 429 www.foo.com IN CNAME nx1.example.com. 430 SECTION AUTHORITY 431 example.com. 10 IN SOA . . 17 28800 7200 604800 10 432 ENTRY_END 433 434 ; now cause lookup from cache by not passing CD flag 435 ; (validator has a look, and stores after iterator cache lookup). 436 STEP 45 QUERY 437 ENTRY_BEGIN 438 REPLY RD 439 SECTION QUESTION 440 nx1.example.com. IN A 441 ENTRY_END 442 STEP 46 CHECK_ANSWER 443 ENTRY_BEGIN 444 MATCH all ttl 445 REPLY QR RD RA NXDOMAIN 446 SECTION QUESTION 447 nx1.example.com. IN A 448 SECTION ANSWER 449 SECTION AUTHORITY 450 example.com. 10 IN SOA . . 17 28800 7200 604800 10 451 SECTION ADDITIONAL 452 ENTRY_END 453 454 ; the message should timeout in 5 seconds, wait 7 455 STEP 50 TIME_PASSES ELAPSE 7 456 457 ; it is still there? (nonRD query) 458 STEP 55 QUERY 459 ENTRY_BEGIN 460 REPLY 461 SECTION QUESTION 462 nx1.example.com. IN A 463 ENTRY_END 464 465 ; this answer is the bug - NXDOMAIN too long in the cache. 466 ;STEP 56 CHECK_ANSWER 467 ;ENTRY_BEGIN 468 ;MATCH all ttl 469 ;REPLY QR RA NXDOMAIN 470 ;SECTION QUESTION 471 ;nx1.example.com. IN A 472 ;SECTION ANSWER 473 ;SECTION AUTHORITY 474 ;example.com. 3 IN SOA . . 17 28800 7200 604800 10 475 ;SECTION ADDITIONAL 476 ;ENTRY_END 477 478 ; Now the correct answer: no such cached query. 479 STEP 56 CHECK_ANSWER 480 ENTRY_BEGIN 481 MATCH all 482 REPLY QR RA NOERROR 483 SECTION QUESTION 484 nx1.example.com. IN A 485 SECTION ANSWER 486 SECTION AUTHORITY 487 example.com. IN NS ns.example.com. 488 SECTION ADDITIONAL 489 ns.example.com. IN A 1.2.3.4 490 ENTRY_END 491 492 SCENARIO_END 493
Indexes created Fri Jun 19 00:25:02 UTC 2026