tests.sh revision 1.1.1.9
1 #!/bin/sh 2 # 3 # Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4 # 5 # This Source Code Form is subject to the terms of the Mozilla Public 6 # License, v. 2.0. If a copy of the MPL was not distributed with this 7 # file, you can obtain one at https://mozilla.org/MPL/2.0/. 8 # 9 # See the COPYRIGHT file distributed with this work for additional 10 # information regarding copyright ownership. 11 12 SYSTEMTESTTOP=.. 13 . $SYSTEMTESTTOP/conf.sh 14 15 RNDCCMD="$RNDC -c ../common/rndc.conf -p ${CONTROLPORT} -s" 16 DIG="$DIG +time=11" 17 18 max_stale_ttl=$(sed -ne 's,^[[:space:]]*max-stale-ttl \([[:digit:]]*\).*,\1,p' $TOP_SRCDIR/bin/named/config.c) 19 stale_answer_ttl=$(sed -ne 's,^[[:space:]]*stale-answer-ttl \([[:digit:]]*\).*,\1,p' $TOP_SRCDIR/bin/named/config.c) 20 21 status=0 22 n=0 23 # 24 # First test server with serve-stale options set. 25 # 26 echo_i "test server with serve-stale options set" 27 28 n=$((n+1)) 29 echo_i "prime cache longttl.example ($n)" 30 ret=0 31 $DIG -p ${PORT} @10.53.0.1 longttl.example TXT > dig.out.test$n 32 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 33 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 34 if [ $ret != 0 ]; then echo_i "failed"; fi 35 status=$((status+ret)) 36 37 n=$((n+1)) 38 echo_i "prime cache data.example ($n)" 39 ret=0 40 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$n 41 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 42 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 43 if [ $ret != 0 ]; then echo_i "failed"; fi 44 status=$((status+ret)) 45 46 n=$((n+1)) 47 echo_i "prime cache othertype.example ($n)" 48 ret=0 49 $DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$n 50 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 51 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 52 if [ $ret != 0 ]; then echo_i "failed"; fi 53 status=$((status+ret)) 54 55 n=$((n+1)) 56 echo_i "prime cache nodata.example ($n)" 57 ret=0 58 $DIG -p ${PORT} @10.53.0.1 nodata.example TXT > dig.out.test$n 59 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 60 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 61 if [ $ret != 0 ]; then echo_i "failed"; fi 62 status=$((status+ret)) 63 64 n=$((n+1)) 65 echo_i "prime cache nxdomain.example ($n)" 66 ret=0 67 $DIG -p ${PORT} @10.53.0.1 nxdomain.example TXT > dig.out.test$n 68 grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 69 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 70 if [ $ret != 0 ]; then echo_i "failed"; fi 71 status=$((status+ret)) 72 73 n=$((n+1)) 74 echo_i "verify prime cache statistics ($n)" 75 ret=0 76 rm -f ns1/named.stats 77 $RNDCCMD 10.53.0.1 stats > /dev/null 2>&1 78 [ -f ns1/named.stats ] || ret=1 79 cp ns1/named.stats ns1/named.stats.$n 80 # Check first 10 lines of Cache DB statistics. After prime queries, we expect 81 # two active TXT, one active Others, one nxrrset TXT, and one NXDOMAIN. 82 grep -A 10 "++ Cache DB RRsets ++" ns1/named.stats.$n > ns1/named.stats.$n.cachedb || ret=1 83 grep "1 Others" ns1/named.stats.$n.cachedb > /dev/null || ret=1 84 grep "2 TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 85 grep "1 !TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 86 grep "1 NXDOMAIN" ns1/named.stats.$n.cachedb > /dev/null || ret=1 87 if [ $ret != 0 ]; then echo_i "failed"; fi 88 status=$((status+ret)) 89 90 n=$((n+1)) 91 echo_i "disable responses from authoritative server ($n)" 92 ret=0 93 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 94 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 95 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 96 if [ $ret != 0 ]; then echo_i "failed"; fi 97 status=$((status+ret)) 98 99 n=$((n+1)) 100 echo_i "check 'rndc serve-stale status' ($n)" 101 ret=0 102 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 103 grep '_default: on (stale-answer-ttl=4 max-stale-ttl=3600 stale-refresh-time=30)' rndc.out.test$n > /dev/null || ret=1 104 if [ $ret != 0 ]; then echo_i "failed"; fi 105 status=$((status+ret)) 106 107 sleep 2 108 109 echo_i "sending queries for tests $((n+1))-$((n+4))..." 110 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$((n+1)) & 111 $DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$((n+2)) & 112 $DIG -p ${PORT} @10.53.0.1 nodata.example TXT > dig.out.test$((n+3)) & 113 $DIG -p ${PORT} @10.53.0.1 nxdomain.example TXT > dig.out.test$((n+4)) 114 115 wait 116 117 n=$((n+1)) 118 echo_i "check stale data.example ($n)" 119 ret=0 120 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 121 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 122 grep "data\.example\..*4.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 123 if [ $ret != 0 ]; then echo_i "failed"; fi 124 status=$((status+ret)) 125 126 # Run rndc dumpdb, test whether the stale data has correct comment printed. 127 # The max-stale-ttl is 3600 seconds, so the comment should say the data is 128 # stale for somewhere between 3500-3599 seconds. 129 echo_i "check rndc dump stale data.example ($n)" 130 rndc_dumpdb ns1 || ret=1 131 awk '/; stale/ { x=$0; getline; print x, $0}' ns1/named_dump.db.test$n | 132 grep "; stale (will be retained for 35.. more seconds) data\.example.*A text record with a 2 second ttl" > /dev/null 2>&1 || ret=1 133 # Also make sure the not expired data does not have a stale comment. 134 awk '/; answer/ { x=$0; getline; print x, $0}' ns1/named_dump.db.test$n | 135 grep "; answer longttl\.example.*A text record with a 600 second ttl" > /dev/null 2>&1 || ret=1 136 if [ $ret != 0 ]; then echo_i "failed"; fi 137 status=$((status+ret)) 138 139 n=$((n+1)) 140 echo_i "check stale othertype.example ($n)" 141 ret=0 142 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 143 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 144 grep "othertype\.example\..*4.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 145 if [ $ret != 0 ]; then echo_i "failed"; fi 146 status=$((status+ret)) 147 148 n=$((n+1)) 149 echo_i "check stale nodata.example ($n)" 150 ret=0 151 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 152 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 153 grep "example\..*4.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 154 if [ $ret != 0 ]; then echo_i "failed"; fi 155 status=$((status+ret)) 156 157 n=$((n+1)) 158 echo_i "check stale nxdomain.example ($n)" 159 ret=0 160 grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 161 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 162 grep "example\..*4.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 163 if [ $ret != 0 ]; then echo_i "failed"; fi 164 status=$((status+ret)) 165 166 n=$((n+1)) 167 echo_i "verify stale cache statistics ($n)" 168 ret=0 169 rm -f ns1/named.stats 170 $RNDCCMD 10.53.0.1 stats > /dev/null 2>&1 171 [ -f ns1/named.stats ] || ret=1 172 cp ns1/named.stats ns1/named.stats.$n 173 # Check first 10 lines of Cache DB statistics. After serve-stale queries, we 174 # expect one active TXT RRset, one stale TXT, one stale nxrrset TXT, and one 175 # stale NXDOMAIN. 176 grep -A 10 "++ Cache DB RRsets ++" ns1/named.stats.$n > ns1/named.stats.$n.cachedb || ret=1 177 grep "1 TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 178 grep "1 #Others" ns1/named.stats.$n.cachedb > /dev/null || ret=1 179 grep "1 #TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 180 grep "1 #!TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 181 grep "1 #NXDOMAIN" ns1/named.stats.$n.cachedb > /dev/null || ret=1 182 status=$((status+ret)) 183 if [ $ret != 0 ]; then echo_i "failed"; fi 184 185 # Test stale-refresh-time when serve-stale is enabled via configuration. 186 # Steps for testing stale-refresh-time option (default). 187 # 1. Prime cache data.example txt 188 # 2. Disable responses from authoritative server. 189 # 3. Sleep for TTL duration so rrset TTL expires (2 sec) 190 # 4. Query data.example 191 # 5. Check if response come from stale rrset (4 sec TTL) 192 # 6. Enable responses from authoritative server. 193 # 7. Query data.example 194 # 8. Check if response come from stale rrset, since the query 195 # is within stale-refresh-time window. 196 n=$((n+1)) 197 echo_i "check 'rndc serve-stale status' ($n)" 198 ret=0 199 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 200 grep '_default: on (stale-answer-ttl=4 max-stale-ttl=3600 stale-refresh-time=30)' rndc.out.test$n > /dev/null || ret=1 201 if [ $ret != 0 ]; then echo_i "failed"; fi 202 status=$((status+ret)) 203 204 # Step 1-3 done above. 205 206 # Step 4. 207 n=$((n+1)) 208 echo_i "sending query for test ($n)" 209 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$n 210 211 # Step 5. 212 echo_i "check stale data.example (stale-refresh-time) ($n)" 213 ret=0 214 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 215 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 216 grep "data\.example\..*4.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 217 if [ $ret != 0 ]; then echo_i "failed"; fi 218 status=$((status+ret)) 219 220 # Step 6. 221 n=$((n+1)) 222 echo_i "enable responses from authoritative server ($n)" 223 ret=0 224 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 225 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 226 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 227 if [ $ret != 0 ]; then echo_i "failed"; fi 228 status=$((status+ret)) 229 230 # Step 7. 231 echo_i "sending query for test $((n+1))" 232 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$((n+1)) 233 234 # Step 8. 235 n=$((n+1)) 236 echo_i "check stale data.example comes from cache (stale-refresh-time) ($n)" 237 ret=0 238 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 239 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 240 grep "data\.example\..*4.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 241 if [ $ret != 0 ]; then echo_i "failed"; fi 242 status=$((status+ret)) 243 244 # 245 # Test disabling serve-stale via rndc. 246 # 247 n=$((n+1)) 248 echo_i "disable responses from authoritative server ($n)" 249 ret=0 250 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 251 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 252 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 253 if [ $ret != 0 ]; then echo_i "failed"; fi 254 status=$((status+ret)) 255 256 n=$((n+1)) 257 echo_i "running 'rndc serve-stale off' ($n)" 258 ret=0 259 $RNDCCMD 10.53.0.1 serve-stale off || ret=1 260 if [ $ret != 0 ]; then echo_i "failed"; fi 261 status=$((status+ret)) 262 263 n=$((n+1)) 264 echo_i "check 'rndc serve-stale status' ($n)" 265 ret=0 266 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 267 grep '_default: off (rndc) (stale-answer-ttl=4 max-stale-ttl=3600 stale-refresh-time=30)' rndc.out.test$n > /dev/null || ret=1 268 if [ $ret != 0 ]; then echo_i "failed"; fi 269 status=$((status+ret)) 270 271 echo_i "sending queries for tests $((n+1))-$((n+4))..." 272 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$((n+1)) & 273 $DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$((n+2)) & 274 $DIG -p ${PORT} @10.53.0.1 nodata.example TXT > dig.out.test$((n+3)) & 275 $DIG -p ${PORT} @10.53.0.1 nxdomain.example TXT > dig.out.test$((n+4)) 276 277 wait 278 279 n=$((n+1)) 280 echo_i "check stale data.example (serve-stale off) ($n)" 281 ret=0 282 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 283 if [ $ret != 0 ]; then echo_i "failed"; fi 284 status=$((status+ret)) 285 286 n=$((n+1)) 287 echo_i "check stale othertype.example (serve-stale off) ($n)" 288 ret=0 289 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 290 if [ $ret != 0 ]; then echo_i "failed"; fi 291 status=$((status+ret)) 292 293 n=$((n+1)) 294 echo_i "check stale nodata.example (serve-stale off) ($n)" 295 ret=0 296 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 297 if [ $ret != 0 ]; then echo_i "failed"; fi 298 status=$((status+ret)) 299 300 n=$((n+1)) 301 echo_i "check stale nxdomain.example (serve-stale off) ($n)" 302 ret=0 303 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 304 if [ $ret != 0 ]; then echo_i "failed"; fi 305 status=$((status+ret)) 306 307 # 308 # Test enabling serve-stale via rndc. 309 # 310 n=$((n+1)) 311 echo_i "running 'rndc serve-stale on' ($n)" 312 ret=0 313 $RNDCCMD 10.53.0.1 serve-stale on || ret=1 314 if [ $ret != 0 ]; then echo_i "failed"; fi 315 status=$((status+ret)) 316 317 n=$((n+1)) 318 echo_i "check 'rndc serve-stale status' ($n)" 319 ret=0 320 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 321 grep '_default: on (rndc) (stale-answer-ttl=4 max-stale-ttl=3600 stale-refresh-time=30)' rndc.out.test$n > /dev/null || ret=1 322 if [ $ret != 0 ]; then echo_i "failed"; fi 323 status=$((status+ret)) 324 325 echo_i "sending queries for tests $((n+1))-$((n+4))..." 326 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$((n+1)) & 327 $DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$((n+2)) & 328 $DIG -p ${PORT} @10.53.0.1 nodata.example TXT > dig.out.test$((n+3)) & 329 $DIG -p ${PORT} @10.53.0.1 nxdomain.example TXT > dig.out.test$((n+4)) 330 331 wait 332 333 n=$((n+1)) 334 echo_i "check stale data.example (serve-stale on) ($n)" 335 ret=0 336 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 337 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 338 grep "data\.example\..*4.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 339 if [ $ret != 0 ]; then echo_i "failed"; fi 340 status=$((status+ret)) 341 342 n=$((n+1)) 343 echo_i "check stale othertype.example (serve-stale on) ($n)" 344 ret=0 345 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 346 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 347 grep "othertype\.example\..*4.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 348 if [ $ret != 0 ]; then echo_i "failed"; fi 349 status=$((status+ret)) 350 351 n=$((n+1)) 352 echo_i "check stale nodata.example (serve-stale on) ($n)" 353 ret=0 354 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 355 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 356 grep "example\..*4.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 357 if [ $ret != 0 ]; then echo_i "failed"; fi 358 status=$((status+ret)) 359 360 n=$((n+1)) 361 echo_i "check stale nxdomain.example (serve-stale on) ($n)" 362 ret=0 363 grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 364 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 365 grep "example\..*4.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 366 if [ $ret != 0 ]; then echo_i "failed"; fi 367 status=$((status+ret)) 368 369 n=$((n+1)) 370 echo_i "running 'rndc serve-stale off' ($n)" 371 ret=0 372 $RNDCCMD 10.53.0.1 serve-stale off || ret=1 373 if [ $ret != 0 ]; then echo_i "failed"; fi 374 status=$((status+ret)) 375 376 n=$((n+1)) 377 echo_i "running 'rndc serve-stale reset' ($n)" 378 ret=0 379 $RNDCCMD 10.53.0.1 serve-stale reset || ret=1 380 if [ $ret != 0 ]; then echo_i "failed"; fi 381 status=$((status+ret)) 382 383 n=$((n+1)) 384 echo_i "check 'rndc serve-stale status' ($n)" 385 ret=0 386 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 387 grep '_default: on (stale-answer-ttl=4 max-stale-ttl=3600 stale-refresh-time=30)' rndc.out.test$n > /dev/null || ret=1 388 if [ $ret != 0 ]; then echo_i "failed"; fi 389 status=$((status+ret)) 390 391 echo_i "sending queries for tests $((n+1))-$((n+4))..." 392 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$((n+1)) & 393 $DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$((n+2)) & 394 $DIG -p ${PORT} @10.53.0.1 nodata.example TXT > dig.out.test$((n+3)) & 395 $DIG -p ${PORT} @10.53.0.1 nxdomain.example TXT > dig.out.test$((n+4)) 396 397 wait 398 399 n=$((n+1)) 400 echo_i "check stale data.example (serve-stale reset) ($n)" 401 ret=0 402 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 403 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 404 grep "data\.example\..*4.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 405 if [ $ret != 0 ]; then echo_i "failed"; fi 406 status=$((status+ret)) 407 408 n=$((n+1)) 409 echo_i "check stale othertype.example (serve-stale reset) ($n)" 410 ret=0 411 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 412 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 413 grep "othertype.example\..*4.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 414 if [ $ret != 0 ]; then echo_i "failed"; fi 415 status=$((status+ret)) 416 417 n=$((n+1)) 418 echo_i "check stale nodata.example (serve-stale reset) ($n)" 419 ret=0 420 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 421 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 422 grep "example\..*4.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 423 if [ $ret != 0 ]; then echo_i "failed"; fi 424 status=$((status+ret)) 425 426 n=$((n+1)) 427 echo_i "check stale nxdomain.example (serve-stale reset) ($n)" 428 ret=0 429 grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 430 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 431 grep "example\..*4.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 432 if [ $ret != 0 ]; then echo_i "failed"; fi 433 status=$((status+ret)) 434 435 n=$((n+1)) 436 echo_i "running 'rndc serve-stale off' ($n)" 437 ret=0 438 $RNDCCMD 10.53.0.1 serve-stale off || ret=1 439 if [ $ret != 0 ]; then echo_i "failed"; fi 440 status=$((status+ret)) 441 442 n=$((n+1)) 443 echo_i "check 'rndc serve-stale status' ($n)" 444 ret=0 445 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 446 grep '_default: off (rndc) (stale-answer-ttl=4 max-stale-ttl=3600 stale-refresh-time=30)' rndc.out.test$n > /dev/null || ret=1 447 if [ $ret != 0 ]; then echo_i "failed"; fi 448 status=$((status+ret)) 449 450 # 451 # Update named.conf. 452 # Test server with low max-stale-ttl. 453 # 454 echo_i "test server with serve-stale options set, low max-stale-ttl" 455 456 n=$((n+1)) 457 echo_i "updating ns1/named.conf ($n)" 458 ret=0 459 copy_setports ns1/named2.conf.in ns1/named.conf 460 if [ $ret != 0 ]; then echo_i "failed"; fi 461 status=$((status+ret)) 462 463 n=$((n+1)) 464 echo_i "running 'rndc reload' ($n)" 465 ret=0 466 rndc_reload ns1 10.53.0.1 467 if [ $ret != 0 ]; then echo_i "failed"; fi 468 status=$((status+ret)) 469 470 n=$((n+1)) 471 echo_i "check 'rndc serve-stale status' ($n)" 472 ret=0 473 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 474 grep '_default: off (rndc) (stale-answer-ttl=3 max-stale-ttl=20 stale-refresh-time=30)' rndc.out.test$n > /dev/null || ret=1 475 if [ $ret != 0 ]; then echo_i "failed"; fi 476 status=$((status+ret)) 477 478 n=$((n+1)) 479 echo_i "flush cache, re-enable serve-stale and query again ($n)" 480 ret=0 481 $RNDCCMD 10.53.0.1 flushtree example > rndc.out.test$n.1 2>&1 || ret=1 482 $RNDCCMD 10.53.0.1 serve-stale on > rndc.out.test$n.2 2>&1 || ret=1 483 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$n 484 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 485 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 486 if [ $ret != 0 ]; then echo_i "failed"; fi 487 status=$((status+ret)) 488 489 n=$((n+1)) 490 echo_i "check 'rndc serve-stale status' ($n)" 491 ret=0 492 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 493 grep '_default: on (rndc) (stale-answer-ttl=3 max-stale-ttl=20 stale-refresh-time=30)' rndc.out.test$n > /dev/null || ret=1 494 if [ $ret != 0 ]; then echo_i "failed"; fi 495 status=$((status+ret)) 496 497 n=$((n+1)) 498 echo_i "enable responses from authoritative server ($n)" 499 ret=0 500 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 501 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 502 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 503 if [ $ret != 0 ]; then echo_i "failed"; fi 504 status=$((status+ret)) 505 506 n=$((n+1)) 507 echo_i "prime cache longttl.example (low max-stale-ttl) ($n)" 508 ret=0 509 $DIG -p ${PORT} @10.53.0.1 longttl.example TXT > dig.out.test$n 510 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 511 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 512 if [ $ret != 0 ]; then echo_i "failed"; fi 513 status=$((status+ret)) 514 515 n=$((n+1)) 516 echo_i "prime cache data.example (low max-stale-ttl) ($n)" 517 ret=0 518 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$n 519 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 520 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 521 if [ $ret != 0 ]; then echo_i "failed"; fi 522 status=$((status+ret)) 523 524 n=$((n+1)) 525 echo_i "prime cache othertype.example (low max-stale-ttl) ($n)" 526 ret=0 527 $DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$n 528 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 529 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 530 if [ $ret != 0 ]; then echo_i "failed"; fi 531 status=$((status+ret)) 532 533 n=$((n+1)) 534 echo_i "prime cache nodata.example (low max-stale-ttl) ($n)" 535 ret=0 536 $DIG -p ${PORT} @10.53.0.1 nodata.example TXT > dig.out.test$n 537 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 538 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 539 if [ $ret != 0 ]; then echo_i "failed"; fi 540 status=$((status+ret)) 541 542 n=$((n+1)) 543 echo_i "prime cache nxdomain.example (low max-stale-ttl) ($n)" 544 ret=0 545 $DIG -p ${PORT} @10.53.0.1 nxdomain.example TXT > dig.out.test$n 546 grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 547 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 548 if [ $ret != 0 ]; then echo_i "failed"; fi 549 status=$((status+ret)) 550 551 # Keep track of time so we can access these RRset later, when we expect them 552 # to become ancient. 553 t1=`$PERL -e 'print time()'` 554 555 n=$((n+1)) 556 echo_i "verify prime cache statistics (low max-stale-ttl) ($n)" 557 ret=0 558 rm -f ns1/named.stats 559 $RNDCCMD 10.53.0.1 stats > /dev/null 2>&1 560 [ -f ns1/named.stats ] || ret=1 561 cp ns1/named.stats ns1/named.stats.$n 562 # Check first 10 lines of Cache DB statistics. After prime queries, we expect 563 # two active TXT RRsets, one active Others, one nxrrset TXT, and one NXDOMAIN. 564 grep -A 10 "++ Cache DB RRsets ++" ns1/named.stats.$n > ns1/named.stats.$n.cachedb || ret=1 565 grep "2 TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 566 grep "1 Others" ns1/named.stats.$n.cachedb > /dev/null || ret=1 567 grep "1 !TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 568 grep "1 NXDOMAIN" ns1/named.stats.$n.cachedb > /dev/null || ret=1 569 status=$((status+ret)) 570 if [ $ret != 0 ]; then echo_i "failed"; fi 571 572 n=$((n+1)) 573 echo_i "disable responses from authoritative server ($n)" 574 ret=0 575 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 576 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 577 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 578 if [ $ret != 0 ]; then echo_i "failed"; fi 579 status=$((status+ret)) 580 581 sleep 2 582 583 echo_i "sending queries for tests $((n+1))-$((n+4))..." 584 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$((n+1)) & 585 $DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$((n+2)) & 586 $DIG -p ${PORT} @10.53.0.1 nodata.example TXT > dig.out.test$((n+3)) & 587 $DIG -p ${PORT} @10.53.0.1 nxdomain.example TXT > dig.out.test$((n+4)) 588 589 wait 590 591 n=$((n+1)) 592 echo_i "check stale data.example (low max-stale-ttl) ($n)" 593 ret=0 594 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 595 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 596 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 597 if [ $ret != 0 ]; then echo_i "failed"; fi 598 status=$((status+ret)) 599 600 n=$((n+1)) 601 echo_i "check stale othertype.example (low max-stale-ttl) ($n)" 602 ret=0 603 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 604 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 605 grep "othertype\.example\..*3.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 606 if [ $ret != 0 ]; then echo_i "failed"; fi 607 status=$((status+ret)) 608 609 n=$((n+1)) 610 echo_i "check stale nodata.example (low max-stale-ttl) ($n)" 611 ret=0 612 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 613 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 614 grep "example\..*3.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 615 if [ $ret != 0 ]; then echo_i "failed"; fi 616 status=$((status+ret)) 617 618 n=$((n+1)) 619 echo_i "check stale nxdomain.example (low max-stale-ttl) ($n)" 620 ret=0 621 grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 622 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 623 grep "example\..*3.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 624 if [ $ret != 0 ]; then echo_i "failed"; fi 625 status=$((status+ret)) 626 627 n=$((n+1)) 628 echo_i "verify stale cache statistics (low max-stale-ttl) ($n)" 629 ret=0 630 rm -f ns1/named.stats 631 $RNDCCMD 10.53.0.1 stats > /dev/null 2>&1 632 [ -f ns1/named.stats ] || ret=1 633 cp ns1/named.stats ns1/named.stats.$n 634 # Check first 10 lines of Cache DB statistics. After serve-stale queries, we 635 # expect one active TXT RRset, one stale TXT, one stale nxrrset TXT, and one 636 # stale NXDOMAIN. 637 grep -A 10 "++ Cache DB RRsets ++" ns1/named.stats.$n > ns1/named.stats.$n.cachedb || ret=1 638 grep "1 TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 639 grep "1 #TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 640 grep "1 #Others" ns1/named.stats.$n.cachedb > /dev/null || ret=1 641 grep "1 #!TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 642 grep "1 #NXDOMAIN" ns1/named.stats.$n.cachedb > /dev/null || ret=1 643 644 status=$((status+ret)) 645 if [ $ret != 0 ]; then echo_i "failed"; fi 646 647 # Retrieve max-stale-ttl value. 648 interval_to_ancient=`grep 'max-stale-ttl' ns1/named2.conf.in | awk '{ print $2 }' | tr -d ';'` 649 # We add 2 seconds to it since this is the ttl value of the records being 650 # tested. 651 interval_to_ancient=$((interval_to_ancient + 2)) 652 t2=`$PERL -e 'print time()'` 653 elapsed=$((t2 - t1)) 654 655 # If elapsed time so far is less than max-stale-ttl + 2 seconds, then we sleep 656 # enough to ensure that we'll ask for ancient RRsets in the next queries. 657 if [ $elapsed -lt $interval_to_ancient ]; then 658 sleep $((interval_to_ancient - elapsed)) 659 fi 660 661 echo_i "sending queries for tests $((n+1))-$((n+4))..." 662 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$((n+1)) & 663 $DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$((n+2)) & 664 $DIG -p ${PORT} @10.53.0.1 nodata.example TXT > dig.out.test$((n+3)) & 665 $DIG -p ${PORT} @10.53.0.1 nxdomain.example TXT > dig.out.test$((n+4)) 666 667 wait 668 669 n=$((n+1)) 670 echo_i "check ancient data.example (low max-stale-ttl) ($n)" 671 ret=0 672 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 673 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 674 if [ $ret != 0 ]; then echo_i "failed"; fi 675 status=$((status+ret)) 676 677 n=$((n+1)) 678 echo_i "check ancient othertype.example (low max-stale-ttl) ($n)" 679 ret=0 680 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 681 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 682 if [ $ret != 0 ]; then echo_i "failed"; fi 683 status=$((status+ret)) 684 685 n=$((n+1)) 686 echo_i "check ancient nodata.example (low max-stale-ttl) ($n)" 687 ret=0 688 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 689 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 690 if [ $ret != 0 ]; then echo_i "failed"; fi 691 status=$((status+ret)) 692 693 n=$((n+1)) 694 echo_i "check ancient nxdomain.example (low max-stale-ttl) ($n)" 695 ret=0 696 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 697 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 698 if [ $ret != 0 ]; then echo_i "failed"; fi 699 status=$((status+ret)) 700 701 # Test stale-refresh-time when serve-stale is enabled via rndc. 702 # Steps for testing stale-refresh-time option (default). 703 # 1. Prime cache data.example txt 704 # 2. Disable responses from authoritative server. 705 # 3. Sleep for TTL duration so rrset TTL expires (2 sec) 706 # 4. Query data.example 707 # 5. Check if response come from stale rrset (3 sec TTL) 708 # 6. Enable responses from authoritative server. 709 # 7. Query data.example 710 # 8. Check if response come from stale rrset, since the query 711 # is within stale-refresh-time window. 712 n=$((n+1)) 713 echo_i "flush cache, enable responses from authoritative server ($n)" 714 ret=0 715 $RNDCCMD 10.53.0.1 flushtree example > rndc.out.test$n.1 2>&1 || ret=1 716 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 717 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 718 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 719 if [ $ret != 0 ]; then echo_i "failed"; fi 720 status=$((status+ret)) 721 722 n=$((n+1)) 723 echo_i "check 'rndc serve-stale status' ($n)" 724 ret=0 725 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 726 grep '_default: on (rndc) (stale-answer-ttl=3 max-stale-ttl=20 stale-refresh-time=30)' rndc.out.test$n > /dev/null || ret=1 727 if [ $ret != 0 ]; then echo_i "failed"; fi 728 status=$((status+ret)) 729 730 # Step 1. 731 n=$((n+1)) 732 echo_i "prime cache data.example (stale-refresh-time rndc) ($n)" 733 ret=0 734 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$n 735 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 736 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 737 grep "data\.example\..*2.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 738 if [ $ret != 0 ]; then echo_i "failed"; fi 739 status=$((status+ret)) 740 741 # Step 2. 742 n=$((n+1)) 743 echo_i "disable responses from authoritative server ($n)" 744 ret=0 745 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 746 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 747 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 748 if [ $ret != 0 ]; then echo_i "failed"; fi 749 status=$((status+ret)) 750 751 # Step 3. 752 sleep 2 753 754 # Step 4. 755 n=$((n+1)) 756 echo_i "sending query for test ($n)" 757 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$n 758 759 # Step 5. 760 echo_i "check stale data.example (stale-refresh-time rndc) ($n)" 761 ret=0 762 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 763 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 764 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 765 if [ $ret != 0 ]; then echo_i "failed"; fi 766 status=$((status+ret)) 767 768 # Step 6. 769 n=$((n+1)) 770 echo_i "enable responses from authoritative server ($n)" 771 ret=0 772 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 773 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 774 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 775 if [ $ret != 0 ]; then echo_i "failed"; fi 776 status=$((status+ret)) 777 778 # Step 7. 779 echo_i "sending query for test $((n+1))" 780 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$((n+1)) 781 782 # Step 8. 783 n=$((n+1)) 784 echo_i "check stale data.example comes from cache (stale-refresh-time rndc) ($n)" 785 ret=0 786 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 787 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 788 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 789 if [ $ret != 0 ]; then echo_i "failed"; fi 790 status=$((status+ret)) 791 792 # Steps for testing stale-refresh-time option (disabled). 793 # 1. Prime cache data.example txt 794 # 2. Disable responses from authoritative server. 795 # 3. Sleep for TTL duration so rrset TTL expires (2 sec) 796 # 4. Query data.example 797 # 5. Check if response come from stale rrset (3 sec TTL) 798 # 6. Enable responses from authoritative server. 799 # 7. Query data.example 800 # 8. Check if response come from stale rrset, since the query 801 # is within stale-refresh-time window. 802 n=$((n+1)) 803 echo_i "updating ns1/named.conf ($n)" 804 ret=0 805 copy_setports ns1/named3.conf.in ns1/named.conf 806 if [ $ret != 0 ]; then echo_i "failed"; fi 807 status=$((status+ret)) 808 809 n=$((n+1)) 810 echo_i "running 'rndc reload' ($n)" 811 ret=0 812 rndc_reload ns1 10.53.0.1 813 if [ $ret != 0 ]; then echo_i "failed"; fi 814 status=$((status+ret)) 815 816 n=$((n+1)) 817 echo_i "check 'rndc serve-stale status' ($n)" 818 ret=0 819 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 820 grep '_default: on (rndc) (stale-answer-ttl=3 max-stale-ttl=20 stale-refresh-time=0)' rndc.out.test$n > /dev/null || ret=1 821 if [ $ret != 0 ]; then echo_i "failed"; fi 822 status=$((status+ret)) 823 824 n=$((n+1)) 825 echo_i "flush cache, enable responses from authoritative server ($n)" 826 ret=0 827 $RNDCCMD 10.53.0.1 flushtree example > rndc.out.test$n.1 2>&1 || ret=1 828 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 829 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 830 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 831 if [ $ret != 0 ]; then echo_i "failed"; fi 832 status=$((status+ret)) 833 834 # Step 1. 835 n=$((n+1)) 836 echo_i "prime cache data.example (stale-refresh-time disabled) ($n)" 837 ret=0 838 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$n 839 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 840 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 841 grep "data\.example\..*2.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 842 if [ $ret != 0 ]; then echo_i "failed"; fi 843 status=$((status+ret)) 844 845 # Step 2. 846 n=$((n+1)) 847 echo_i "disable responses from authoritative server ($n)" 848 ret=0 849 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 850 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 851 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 852 if [ $ret != 0 ]; then echo_i "failed"; fi 853 status=$((status+ret)) 854 855 # Step 3. 856 sleep 2 857 858 # Step 4. 859 n=$((n+1)) 860 echo_i "sending query for test ($n)" 861 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$n 862 863 # Step 5. 864 echo_i "check stale data.example (stale-refresh-time disabled) ($n)" 865 ret=0 866 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 867 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 868 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 869 if [ $ret != 0 ]; then echo_i "failed"; fi 870 status=$((status+ret)) 871 872 # Step 6. 873 n=$((n+1)) 874 echo_i "enable responses from authoritative server ($n)" 875 ret=0 876 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 877 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 878 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 879 if [ $ret != 0 ]; then echo_i "failed"; fi 880 status=$((status+ret)) 881 882 # Step 7. 883 echo_i "sending query for test $((n+1))" 884 $DIG -p ${PORT} @10.53.0.1 data.example TXT > dig.out.test$((n+1)) 885 886 # Step 8. 887 n=$((n+1)) 888 echo_i "check data.example comes from authoritative (stale-refresh-time disabled) ($n)" 889 ret=0 890 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 891 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 892 grep "data\.example\..*2.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 893 if [ $ret != 0 ]; then echo_i "failed"; fi 894 status=$((status+ret)) 895 896 # 897 # Now test server with no serve-stale options set. 898 # 899 echo_i "test server with no serve-stale options set" 900 901 n=$((n+1)) 902 echo_i "enable responses from authoritative server ($n)" 903 ret=0 904 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 905 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 906 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 907 if [ $ret != 0 ]; then echo_i "failed"; fi 908 status=$((status+ret)) 909 910 n=$((n+1)) 911 echo_i "prime cache longttl.example (max-stale-ttl default) ($n)" 912 ret=0 913 $DIG -p ${PORT} @10.53.0.3 longttl.example TXT > dig.out.test$n 914 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 915 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 916 if [ $ret != 0 ]; then echo_i "failed"; fi 917 status=$((status+ret)) 918 919 n=$((n+1)) 920 echo_i "prime cache data.example (max-stale-ttl default) ($n)" 921 ret=0 922 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 923 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 924 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 925 grep "data\.example\..*2.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 926 if [ $ret != 0 ]; then echo_i "failed"; fi 927 status=$((status+ret)) 928 929 n=$((n+1)) 930 echo_i "prime cache othertype.example (max-stale-ttl default) ($n)" 931 ret=0 932 $DIG -p ${PORT} @10.53.0.3 othertype.example CAA > dig.out.test$n 933 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 934 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 935 grep "othertype\.example\..*2.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 936 if [ $ret != 0 ]; then echo_i "failed"; fi 937 status=$((status+ret)) 938 939 n=$((n+1)) 940 echo_i "prime cache nodata.example (max-stale-ttl default) ($n)" 941 ret=0 942 $DIG -p ${PORT} @10.53.0.3 nodata.example TXT > dig.out.test$n 943 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 944 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 945 grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 946 if [ $ret != 0 ]; then echo_i "failed"; fi 947 status=$((status+ret)) 948 949 n=$((n+1)) 950 echo_i "prime cache nxdomain.example (max-stale-ttl default) ($n)" 951 ret=0 952 $DIG -p ${PORT} @10.53.0.3 nxdomain.example TXT > dig.out.test$n 953 grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 954 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 955 grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 956 if [ $ret != 0 ]; then echo_i "failed"; fi 957 status=$((status+ret)) 958 959 n=$((n+1)) 960 echo_i "verify prime cache statistics (max-stale-ttl default) ($n)" 961 ret=0 962 rm -f ns3/named.stats 963 $RNDCCMD 10.53.0.3 stats > /dev/null 2>&1 964 [ -f ns3/named.stats ] || ret=1 965 cp ns3/named.stats ns3/named.stats.$n 966 # Check first 10 lines of Cache DB statistics. After prime queries, we expect 967 # two active TXT RRsets, one active Others, one nxrrset TXT, and one NXDOMAIN. 968 grep -A 10 "++ Cache DB RRsets ++" ns3/named.stats.$n > ns3/named.stats.$n.cachedb || ret=1 969 grep "2 TXT" ns3/named.stats.$n.cachedb > /dev/null || ret=1 970 grep "1 Others" ns3/named.stats.$n.cachedb > /dev/null || ret=1 971 grep "1 !TXT" ns3/named.stats.$n.cachedb > /dev/null || ret=1 972 grep "1 NXDOMAIN" ns3/named.stats.$n.cachedb > /dev/null || ret=1 973 status=$((status+ret)) 974 if [ $ret != 0 ]; then echo_i "failed"; fi 975 976 n=$((n+1)) 977 echo_i "disable responses from authoritative server ($n)" 978 ret=0 979 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 980 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 981 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 982 if [ $ret != 0 ]; then echo_i "failed"; fi 983 status=$((status+ret)) 984 985 n=$((n+1)) 986 echo_i "check 'rndc serve-stale status' ($n)" 987 ret=0 988 $RNDCCMD 10.53.0.3 serve-stale status > rndc.out.test$n 2>&1 || ret=1 989 grep "_default: off (stale-answer-ttl=$stale_answer_ttl max-stale-ttl=$max_stale_ttl stale-refresh-time=30)" rndc.out.test$n > /dev/null || ret=1 990 if [ $ret != 0 ]; then echo_i "failed"; fi 991 status=$((status+ret)) 992 993 sleep 2 994 995 echo_i "sending queries for tests $((n+1))-$((n+4))..." 996 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$((n+1)) & 997 $DIG -p ${PORT} @10.53.0.3 othertype.example CAA > dig.out.test$((n+2)) & 998 $DIG -p ${PORT} @10.53.0.3 nodata.example TXT > dig.out.test$((n+3)) & 999 $DIG -p ${PORT} @10.53.0.3 nxdomain.example TXT > dig.out.test$((n+4)) 1000 1001 wait 1002 1003 n=$((n+1)) 1004 echo_i "check fail of data.example (max-stale-ttl default) ($n)" 1005 ret=0 1006 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1007 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1008 if [ $ret != 0 ]; then echo_i "failed"; fi 1009 status=$((status+ret)) 1010 1011 n=$((n+1)) 1012 echo_i "check fail of othertype.example (max-stale-ttl default) ($n)" 1013 ret=0 1014 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1015 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1016 if [ $ret != 0 ]; then echo_i "failed"; fi 1017 status=$((status+ret)) 1018 1019 n=$((n+1)) 1020 echo_i "check fail of nodata.example (max-stale-ttl default) ($n)" 1021 ret=0 1022 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1023 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1024 if [ $ret != 0 ]; then echo_i "failed"; fi 1025 status=$((status+ret)) 1026 1027 n=$((n+1)) 1028 echo_i "check fail of nxdomain.example (max-stale-ttl default) ($n)" 1029 ret=0 1030 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1031 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1032 if [ $ret != 0 ]; then echo_i "failed"; fi 1033 status=$((status+ret)) 1034 1035 n=$((n+1)) 1036 echo_i "verify stale cache statistics (max-stale-ttl default) ($n)" 1037 ret=0 1038 rm -f ns3/named.stats 1039 $RNDCCMD 10.53.0.3 stats > /dev/null 2>&1 1040 [ -f ns3/named.stats ] || ret=1 1041 cp ns3/named.stats ns3/named.stats.$n 1042 # Check first 10 lines of Cache DB statistics. After last queries, we expect 1043 # one active TXT RRset, one stale TXT, one stale nxrrset TXT, and one stale 1044 # NXDOMAIN. 1045 grep -A 10 "++ Cache DB RRsets ++" ns3/named.stats.$n > ns3/named.stats.$n.cachedb || ret=1 1046 grep "1 TXT" ns3/named.stats.$n.cachedb > /dev/null || ret=1 1047 grep "1 #TXT" ns3/named.stats.$n.cachedb > /dev/null || ret=1 1048 grep "1 #Others" ns3/named.stats.$n.cachedb > /dev/null || ret=1 1049 grep "1 #!TXT" ns3/named.stats.$n.cachedb > /dev/null || ret=1 1050 grep "1 #NXDOMAIN" ns3/named.stats.$n.cachedb > /dev/null || ret=1 1051 1052 status=$((status+ret)) 1053 if [ $ret != 0 ]; then echo_i "failed"; fi 1054 1055 n=$((n+1)) 1056 echo_i "check 'rndc serve-stale on' ($n)" 1057 ret=0 1058 $RNDCCMD 10.53.0.3 serve-stale on > rndc.out.test$n 2>&1 || ret=1 1059 if [ $ret != 0 ]; then echo_i "failed"; fi 1060 status=$((status+ret)) 1061 1062 n=$((n+1)) 1063 echo_i "check 'rndc serve-stale status' ($n)" 1064 ret=0 1065 $RNDCCMD 10.53.0.3 serve-stale status > rndc.out.test$n 2>&1 || ret=1 1066 grep "_default: on (rndc) (stale-answer-ttl=$stale_answer_ttl max-stale-ttl=$max_stale_ttl stale-refresh-time=30)" rndc.out.test$n > /dev/null || ret=1 1067 if [ $ret != 0 ]; then echo_i "failed"; fi 1068 status=$((status+ret)) 1069 1070 sleep 2 1071 1072 # Check that if we don't have stale data for a domain name, we will 1073 # not answer anything until the resolver query timeout. 1074 n=$((n+1)) 1075 echo_i "check notincache.example times out (max-stale-ttl default) ($n)" 1076 ret=0 1077 $DIG -p ${PORT} +tries=1 +timeout=3 @10.53.0.3 notfound.example TXT > dig.out.test$n 2>&1 1078 grep "connection timed out" dig.out.test$n > /dev/null || ret=1 1079 if [ $ret != 0 ]; then echo_i "failed"; fi 1080 status=$((status+ret)) 1081 1082 echo_i "sending queries for tests $((n+1))-$((n+4))..." 1083 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$((n+1)) & 1084 $DIG -p ${PORT} @10.53.0.3 othertype.example CAA > dig.out.test$((n+2)) & 1085 $DIG -p ${PORT} @10.53.0.3 nodata.example TXT > dig.out.test$((n+3)) & 1086 $DIG -p ${PORT} @10.53.0.3 nxdomain.example TXT > dig.out.test$((n+4)) & 1087 $DIG -p ${PORT} @10.53.0.3 notfound.example TXT > dig.out.test$((n+5)) 1088 1089 wait 1090 1091 n=$((n+1)) 1092 echo_i "check data.example (max-stale-ttl default) ($n)" 1093 ret=0 1094 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1095 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1096 grep "data\.example\..*30.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1097 if [ $ret != 0 ]; then echo_i "failed"; fi 1098 status=$((status+ret)) 1099 1100 n=$((n+1)) 1101 echo_i "check othertype.example (max-stale-ttl default) ($n)" 1102 ret=0 1103 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1104 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1105 grep "example\..*30.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 1106 if [ $ret != 0 ]; then echo_i "failed"; fi 1107 status=$((status+ret)) 1108 1109 n=$((n+1)) 1110 echo_i "check nodata.example (max-stale-ttl default) ($n)" 1111 ret=0 1112 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1113 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1114 grep "example\..*30.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 1115 if [ $ret != 0 ]; then echo_i "failed"; fi 1116 status=$((status+ret)) 1117 1118 n=$((n+1)) 1119 echo_i "check nxdomain.example (max-stale-ttl default) ($n)" 1120 ret=0 1121 grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 1122 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1123 grep "example\..*30.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 1124 if [ $ret != 0 ]; then echo_i "failed"; fi 1125 status=$((status+ret)) 1126 1127 # The notfound.example check is different than nxdomain.example because 1128 # we didn't send a prime query to add notfound.example to the cache. 1129 n=$((n+1)) 1130 echo_i "check notfound.example (max-stale-ttl default) ($n)" 1131 ret=0 1132 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1133 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1134 if [ $ret != 0 ]; then echo_i "failed"; fi 1135 status=$((status+ret)) 1136 1137 # 1138 # Now test server with serve-stale answers disabled. 1139 # 1140 echo_i "test server with serve-stale disabled" 1141 1142 n=$((n+1)) 1143 echo_i "enable responses from authoritative server ($n)" 1144 ret=0 1145 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 1146 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1147 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 1148 if [ $ret != 0 ]; then echo_i "failed"; fi 1149 status=$((status+ret)) 1150 1151 n=$((n+1)) 1152 echo_i "prime cache longttl.example (serve-stale answers disabled) ($n)" 1153 ret=0 1154 $DIG -p ${PORT} @10.53.0.4 longttl.example TXT > dig.out.test$n 1155 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1156 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1157 if [ $ret != 0 ]; then echo_i "failed"; fi 1158 status=$((status+ret)) 1159 1160 n=$((n+1)) 1161 echo_i "prime cache data.example (serve-stale answers disabled) ($n)" 1162 ret=0 1163 $DIG -p ${PORT} @10.53.0.4 data.example TXT > dig.out.test$n 1164 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1165 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1166 grep "data\.example\..*2.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1167 if [ $ret != 0 ]; then echo_i "failed"; fi 1168 status=$((status+ret)) 1169 1170 n=$((n+1)) 1171 echo_i "prime cache othertype.example (serve-stale answers disabled) ($n)" 1172 ret=0 1173 $DIG -p ${PORT} @10.53.0.4 othertype.example CAA > dig.out.test$n 1174 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1175 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1176 grep "othertype\.example\..*2.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 1177 if [ $ret != 0 ]; then echo_i "failed"; fi 1178 status=$((status+ret)) 1179 1180 n=$((n+1)) 1181 echo_i "prime cache nodata.example (serve-stale answers disabled) ($n)" 1182 ret=0 1183 $DIG -p ${PORT} @10.53.0.4 nodata.example TXT > dig.out.test$n 1184 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1185 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1186 grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 1187 if [ $ret != 0 ]; then echo_i "failed"; fi 1188 status=$((status+ret)) 1189 1190 n=$((n+1)) 1191 echo_i "prime cache nxdomain.example (serve-stale answers disabled) ($n)" 1192 ret=0 1193 $DIG -p ${PORT} @10.53.0.4 nxdomain.example TXT > dig.out.test$n 1194 grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 1195 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1196 grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 1197 if [ $ret != 0 ]; then echo_i "failed"; fi 1198 status=$((status+ret)) 1199 1200 n=$((n+1)) 1201 echo_i "verify prime cache statistics (serve-stale answers disabled) ($n)" 1202 ret=0 1203 rm -f ns4/named.stats 1204 $RNDCCMD 10.53.0.4 stats > /dev/null 2>&1 1205 [ -f ns4/named.stats ] || ret=1 1206 cp ns4/named.stats ns4/named.stats.$n 1207 # Check first 10 lines of Cache DB statistics. After prime queries, we expect 1208 # two active TXT RRsets, one active Others, one nxrrset TXT, and one NXDOMAIN. 1209 grep -A 10 "++ Cache DB RRsets ++" ns4/named.stats.$n > ns4/named.stats.$n.cachedb || ret=1 1210 grep "2 TXT" ns4/named.stats.$n.cachedb > /dev/null || ret=1 1211 grep "1 Others" ns4/named.stats.$n.cachedb > /dev/null || ret=1 1212 grep "1 !TXT" ns4/named.stats.$n.cachedb > /dev/null || ret=1 1213 grep "1 NXDOMAIN" ns4/named.stats.$n.cachedb > /dev/null || ret=1 1214 status=$((status+ret)) 1215 if [ $ret != 0 ]; then echo_i "failed"; fi 1216 1217 n=$((n+1)) 1218 echo_i "disable responses from authoritative server ($n)" 1219 ret=0 1220 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 1221 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1222 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 1223 if [ $ret != 0 ]; then echo_i "failed"; fi 1224 status=$((status+ret)) 1225 1226 n=$((n+1)) 1227 echo_i "check 'rndc serve-stale status' ($n)" 1228 ret=0 1229 $RNDCCMD 10.53.0.4 serve-stale status > rndc.out.test$n 2>&1 || ret=1 1230 grep "_default: off (stale-answer-ttl=$stale_answer_ttl max-stale-ttl=$max_stale_ttl stale-refresh-time=30)" rndc.out.test$n > /dev/null || ret=1 1231 if [ $ret != 0 ]; then echo_i "failed"; fi 1232 status=$((status+ret)) 1233 1234 sleep 2 1235 1236 echo_i "sending queries for tests $((n+1))-$((n+4))..." 1237 $DIG -p ${PORT} @10.53.0.4 data.example TXT > dig.out.test$((n+1)) & 1238 $DIG -p ${PORT} @10.53.0.4 othertype.example CAA > dig.out.test$((n+2)) & 1239 $DIG -p ${PORT} @10.53.0.4 nodata.example TXT > dig.out.test$((n+3)) & 1240 $DIG -p ${PORT} @10.53.0.4 nxdomain.example TXT > dig.out.test$((n+4)) 1241 1242 wait 1243 1244 n=$((n+1)) 1245 echo_i "check fail of data.example (serve-stale answers disabled) ($n)" 1246 ret=0 1247 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1248 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1249 if [ $ret != 0 ]; then echo_i "failed"; fi 1250 status=$((status+ret)) 1251 1252 n=$((n+1)) 1253 echo_i "check fail of othertype.example (serve-stale answers disabled) ($n)" 1254 ret=0 1255 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1256 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1257 if [ $ret != 0 ]; then echo_i "failed"; fi 1258 status=$((status+ret)) 1259 1260 n=$((n+1)) 1261 echo_i "check fail of nodata.example (serve-stale answers disabled) ($n)" 1262 ret=0 1263 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1264 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1265 if [ $ret != 0 ]; then echo_i "failed"; fi 1266 status=$((status+ret)) 1267 1268 n=$((n+1)) 1269 echo_i "check fail of nxdomain.example (serve-stale answers disabled) ($n)" 1270 ret=0 1271 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1272 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1273 if [ $ret != 0 ]; then echo_i "failed"; fi 1274 status=$((status+ret)) 1275 1276 n=$((n+1)) 1277 echo_i "verify stale cache statistics (serve-stale answers disabled) ($n)" 1278 ret=0 1279 rm -f ns4/named.stats 1280 $RNDCCMD 10.53.0.4 stats > /dev/null 2>&1 1281 [ -f ns4/named.stats ] || ret=1 1282 cp ns4/named.stats ns4/named.stats.$n 1283 # Check first 10 lines of Cache DB statistics. After last queries, we expect 1284 # one active TXT RRset, one stale TXT, one stale nxrrset TXT, and one stale 1285 # NXDOMAIN. 1286 grep -A 10 "++ Cache DB RRsets ++" ns4/named.stats.$n > ns4/named.stats.$n.cachedb || ret=1 1287 grep "1 TXT" ns4/named.stats.$n.cachedb > /dev/null || ret=1 1288 grep "1 #TXT" ns4/named.stats.$n.cachedb > /dev/null || ret=1 1289 grep "1 #Others" ns4/named.stats.$n.cachedb > /dev/null || ret=1 1290 grep "1 #!TXT" ns4/named.stats.$n.cachedb > /dev/null || ret=1 1291 grep "1 #NXDOMAIN" ns4/named.stats.$n.cachedb > /dev/null || ret=1 1292 status=$((status+ret)) 1293 if [ $ret != 0 ]; then echo_i "failed"; fi 1294 1295 # Dump the cache. 1296 n=$((n+1)) 1297 echo_i "dump the cache (serve-stale answers disabled) ($n)" 1298 ret=0 1299 rndc_dumpdb ns4 -cache || ret=1 1300 if [ $ret != 0 ]; then echo_i "failed"; fi 1301 status=$((status+ret)) 1302 1303 echo_i "stop ns4" 1304 $PERL $SYSTEMTESTTOP/stop.pl --use-rndc --port ${CONTROLPORT} serve-stale ns4 1305 1306 # Load the cache as if it was five minutes (RBTDB_VIRTUAL) older. Since 1307 # max-stale-ttl defaults to a week, we need to adjust the date by one week and 1308 # five minutes. 1309 LASTWEEK=`TZ=UTC perl -e 'my $now = time(); 1310 my $oneWeekAgo = $now - 604800; 1311 my $fiveMinutesAgo = $oneWeekAgo - 300; 1312 my ($s, $m, $h, $d, $mo, $y) = (localtime($fiveMinutesAgo))[0, 1, 2, 3, 4, 5]; 1313 printf("%04d%02d%02d%02d%02d%02d", $y+1900, $mo+1, $d, $h, $m, $s);'` 1314 1315 echo_i "mock the cache date to $LASTWEEK (serve-stale answers disabled) ($n)" 1316 ret=0 1317 sed -E "s/DATE [0-9]{14}/DATE $LASTWEEK/g" ns4/named_dump.db.test$n > ns4/named_dump.db.out || ret=1 1318 cp ns4/named_dump.db.out ns4/named_dump.db 1319 if [ $ret != 0 ]; then echo_i "failed"; fi 1320 status=$((status+ret)) 1321 1322 echo_i "start ns4" 1323 $PERL $SYSTEMTESTTOP/start.pl --noclean --restart --port ${PORT} serve-stale ns4 1324 1325 n=$((n+1)) 1326 echo_i "verify ancient cache statistics (serve-stale answers disabled) ($n)" 1327 ret=0 1328 rm -f ns4/named.stats 1329 $RNDCCMD 10.53.0.4 stats #> /dev/null 2>&1 1330 [ -f ns4/named.stats ] || ret=1 1331 cp ns4/named.stats ns4/named.stats.$n 1332 # Check first 10 lines of Cache DB statistics. After last queries, we expect 1333 # everything to be removed or scheduled to be removed. 1334 grep -A 10 "++ Cache DB RRsets ++" ns4/named.stats.$n > ns4/named.stats.$n.cachedb || ret=1 1335 grep "#TXT" ns4/named.stats.$n.cachedb > /dev/null && ret=1 1336 grep "#Others" ns4/named.stats.$n.cachedb > /dev/null && ret=1 1337 grep "#!TXT" ns4/named.stats.$n.cachedb > /dev/null && ret=1 1338 grep "#NXDOMAIN" ns4/named.stats.$n.cachedb > /dev/null && ret=1 1339 status=$((status+ret)) 1340 if [ $ret != 0 ]; then echo_i "failed"; fi 1341 1342 # 1343 # Test the server with stale-cache disabled. 1344 # 1345 echo_i "test server with serve-stale cache disabled" 1346 1347 n=$((n+1)) 1348 echo_i "enable responses from authoritative server ($n)" 1349 ret=0 1350 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 1351 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1352 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 1353 if [ $ret != 0 ]; then echo_i "failed"; fi 1354 status=$((status+ret)) 1355 1356 n=$((n+1)) 1357 echo_i "prime cache longttl.example (serve-stale cache disabled) ($n)" 1358 ret=0 1359 $DIG -p ${PORT} @10.53.0.5 longttl.example TXT > dig.out.test$n 1360 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1361 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1362 if [ $ret != 0 ]; then echo_i "failed"; fi 1363 status=$((status+ret)) 1364 1365 n=$((n+1)) 1366 echo_i "prime cache data.example (serve-stale cache disabled) ($n)" 1367 ret=0 1368 $DIG -p ${PORT} @10.53.0.5 data.example TXT > dig.out.test$n 1369 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1370 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1371 grep "data\.example\..*2.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1372 if [ $ret != 0 ]; then echo_i "failed"; fi 1373 status=$((status+ret)) 1374 1375 n=$((n+1)) 1376 echo_i "prime cache othertype.example (serve-stale cache disabled) ($n)" 1377 ret=0 1378 $DIG -p ${PORT} @10.53.0.5 othertype.example CAA > dig.out.test$n 1379 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1380 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1381 grep "othertype\.example\..*2.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 1382 if [ $ret != 0 ]; then echo_i "failed"; fi 1383 status=$((status+ret)) 1384 1385 n=$((n+1)) 1386 echo_i "prime cache nodata.example (serve-stale cache disabled) ($n)" 1387 ret=0 1388 $DIG -p ${PORT} @10.53.0.5 nodata.example TXT > dig.out.test$n 1389 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1390 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1391 grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 1392 if [ $ret != 0 ]; then echo_i "failed"; fi 1393 status=$((status+ret)) 1394 1395 n=$((n+1)) 1396 echo_i "prime cache nxdomain.example (serve-stale cache disabled) ($n)" 1397 ret=0 1398 $DIG -p ${PORT} @10.53.0.5 nxdomain.example TXT > dig.out.test$n 1399 grep "status: NXDOMAIN" dig.out.test$n > /dev/null || ret=1 1400 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1401 grep "example\..*2.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 1402 if [ $ret != 0 ]; then echo_i "failed"; fi 1403 status=$((status+ret)) 1404 1405 n=$((n+1)) 1406 echo_i "verify prime cache statistics (serve-stale cache disabled) ($n)" 1407 ret=0 1408 rm -f ns5/named.stats 1409 $RNDCCMD 10.53.0.5 stats > /dev/null 2>&1 1410 [ -f ns5/named.stats ] || ret=1 1411 cp ns5/named.stats ns5/named.stats.$n 1412 # Check first 10 lines of Cache DB statistics. After serve-stale queries, 1413 # we expect two active TXT RRsets, one active Others, one nxrrset TXT, and 1414 # one NXDOMAIN. 1415 grep -A 10 "++ Cache DB RRsets ++" ns5/named.stats.$n > ns5/named.stats.$n.cachedb || ret=1 1416 grep "2 TXT" ns5/named.stats.$n.cachedb > /dev/null || ret=1 1417 grep "1 Others" ns5/named.stats.$n.cachedb > /dev/null || ret=1 1418 grep "1 !TXT" ns5/named.stats.$n.cachedb > /dev/null || ret=1 1419 grep "1 NXDOMAIN" ns5/named.stats.$n.cachedb > /dev/null || ret=1 1420 status=$((status+ret)) 1421 if [ $ret != 0 ]; then echo_i "failed"; fi 1422 1423 n=$((n+1)) 1424 echo_i "disable responses from authoritative server ($n)" 1425 ret=0 1426 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 1427 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1428 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 1429 if [ $ret != 0 ]; then echo_i "failed"; fi 1430 status=$((status+ret)) 1431 1432 n=$((n+1)) 1433 echo_i "check 'rndc serve-stale status' ($n)" 1434 ret=0 1435 $RNDCCMD 10.53.0.5 serve-stale status > rndc.out.test$n 2>&1 || ret=1 1436 grep "_default: off (not-cached)" rndc.out.test$n > /dev/null || ret=1 1437 if [ $ret != 0 ]; then echo_i "failed"; fi 1438 status=$((status+ret)) 1439 1440 sleep 2 1441 1442 echo_i "sending queries for tests $((n+1))-$((n+4))..." 1443 $DIG -p ${PORT} @10.53.0.5 data.example TXT > dig.out.test$((n+1)) & 1444 $DIG -p ${PORT} @10.53.0.5 othertype.example CAA > dig.out.test$((n+2)) & 1445 $DIG -p ${PORT} @10.53.0.5 nodata.example TXT > dig.out.test$((n+3)) & 1446 $DIG -p ${PORT} @10.53.0.5 nxdomain.example TXT > dig.out.test$((n+4)) 1447 1448 wait 1449 1450 n=$((n+1)) 1451 echo_i "check fail of data.example (serve-stale cache disabled) ($n)" 1452 ret=0 1453 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1454 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1455 if [ $ret != 0 ]; then echo_i "failed"; fi 1456 status=$((status+ret)) 1457 1458 n=$((n+1)) 1459 echo_i "check fail of othertype.example (serve-stale cache disabled) ($n)" 1460 ret=0 1461 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1462 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1463 if [ $ret != 0 ]; then echo_i "failed"; fi 1464 status=$((status+ret)) 1465 1466 n=$((n+1)) 1467 echo_i "check fail of nodata.example (serve-stale cache disabled) ($n)" 1468 ret=0 1469 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1470 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1471 if [ $ret != 0 ]; then echo_i "failed"; fi 1472 status=$((status+ret)) 1473 1474 n=$((n+1)) 1475 echo_i "check fail of nxdomain.example (serve-stale cache disabled) ($n)" 1476 ret=0 1477 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 1478 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1479 if [ $ret != 0 ]; then echo_i "failed"; fi 1480 status=$((status+ret)) 1481 1482 n=$((n+1)) 1483 echo_i "verify stale cache statistics (serve-stale cache disabled) ($n)" 1484 ret=0 1485 rm -f ns5/named.stats 1486 $RNDCCMD 10.53.0.5 stats > /dev/null 2>&1 1487 [ -f ns5/named.stats ] || ret=1 1488 cp ns5/named.stats ns5/named.stats.$n 1489 # Check first 10 lines of Cache DB statistics. After serve-stale queries, 1490 # we expect one active TXT (longttl) and the rest to be expired from cache, 1491 # but since we keep everything for 5 minutes (RBTDB_VIRTUAL) in the cache 1492 # after expiry, they still show up in the stats. 1493 grep -A 10 "++ Cache DB RRsets ++" ns5/named.stats.$n > ns5/named.stats.$n.cachedb || ret=1 1494 grep -F "1 Others" ns5/named.stats.$n.cachedb > /dev/null || ret=1 1495 grep -F "2 TXT" ns5/named.stats.$n.cachedb > /dev/null || ret=1 1496 grep -F "1 !TXT" ns5/named.stats.$n.cachedb > /dev/null || ret=1 1497 grep -F "1 NXDOMAIN" ns5/named.stats.$n.cachedb > /dev/null || ret=1 1498 status=$((status+ret)) 1499 if [ $ret != 0 ]; then echo_i "failed"; fi 1500 1501 # Dump the cache. 1502 n=$((n+1)) 1503 echo_i "dump the cache (serve-stale cache disabled) ($n)" 1504 ret=0 1505 rndc_dumpdb ns5 || ret=1 1506 if [ $ret != 0 ]; then echo_i "failed"; fi 1507 status=$((status+ret)) 1508 # Check that expired records are not dumped. 1509 ret=0 1510 grep "; expired since .* (awaiting cleanup)" ns5/named_dump.db.test$n && ret=1 1511 if [ $ret != 0 ]; then echo_i "failed"; fi 1512 status=$((status+ret)) 1513 1514 # Dump the cache including expired entries. 1515 n=$((n+1)) 1516 echo_i "dump the cache including expired entries (serve-stale cache disabled) ($n)" 1517 ret=0 1518 rndc_dumpdb ns5 -expired || ret=1 1519 if [ $ret != 0 ]; then echo_i "failed"; fi 1520 status=$((status+ret)) 1521 1522 # Check that expired records are dumped. 1523 echo_i "check rndc dump expired data.example ($n)" 1524 ret=0 1525 awk '/; expired/ { x=$0; getline; print x, $0}' ns5/named_dump.db.test$n | 1526 grep "; expired since .* (awaiting cleanup) data\.example\..*A text record with a 2 second ttl" > /dev/null 2>&1 || ret=1 1527 awk '/; expired/ { x=$0; getline; print x, $0}' ns5/named_dump.db.test$n | 1528 grep "; expired since .* (awaiting cleanup) nodata\.example\." > /dev/null 2>&1 || ret=1 1529 awk '/; expired/ { x=$0; getline; print x, $0}' ns5/named_dump.db.test$n | 1530 grep "; expired since .* (awaiting cleanup) nxdomain\.example\." > /dev/null 2>&1 || ret=1 1531 awk '/; expired/ { x=$0; getline; print x, $0}' ns5/named_dump.db.test$n | 1532 grep "; expired since .* (awaiting cleanup) othertype\.example\." > /dev/null 2>&1 || ret=1 1533 # Also make sure the not expired data does not have an expired comment. 1534 awk '/; answer/ { x=$0; getline; print x, $0}' ns5/named_dump.db.test$n | 1535 grep "; answer longttl\.example.*A text record with a 600 second ttl" > /dev/null 2>&1 || ret=1 1536 if [ $ret != 0 ]; then echo_i "failed"; fi 1537 status=$((status+ret)) 1538 1539 echo_i "stop ns5" 1540 $PERL ../stop.pl --use-rndc --port ${CONTROLPORT} serve-stale ns5 1541 1542 # Load the cache as if it was five minutes (RBTDB_VIRTUAL) older. 1543 cp ns5/named_dump.db.test$n ns5/named_dump.db 1544 FIVEMINUTESAGO=`TZ=UTC perl -e 'my $now = time(); 1545 my $fiveMinutesAgo = 300; 1546 my ($s, $m, $h, $d, $mo, $y) = (localtime($fiveMinutesAgo))[0, 1, 2, 3, 4, 5]; 1547 printf("%04d%02d%02d%02d%02d%02d", $y+1900, $mo+1, $d, $h, $m, $s);'` 1548 1549 n=$((n+1)) 1550 echo_i "mock the cache date to $FIVEMINUTESAGO (serve-stale cache disabled) ($n)" 1551 ret=0 1552 sed -E "s/DATE [0-9]{14}/DATE $FIVEMINUTESAGO/g" ns5/named_dump.db > ns5/named_dump.db.out || ret=1 1553 cp ns5/named_dump.db.out ns5/named_dump.db 1554 if [ $ret != 0 ]; then echo_i "failed"; fi 1555 status=$((status+ret)) 1556 1557 echo_i "start ns5" 1558 start_server --noclean --restart --port ${PORT} serve-stale ns5 1559 1560 n=$((n+1)) 1561 echo_i "verify ancient cache statistics (serve-stale cache disabled) ($n)" 1562 ret=0 1563 rm -f ns5/named.stats 1564 $RNDCCMD 10.53.0.5 stats #> /dev/null 2>&1 1565 [ -f ns5/named.stats ] || ret=1 1566 cp ns5/named.stats ns5/named.stats.$n 1567 # Check first 10 lines of Cache DB statistics. After last queries, we expect 1568 # everything to be removed or scheduled to be removed. 1569 grep -A 10 "++ Cache DB RRsets ++" ns5/named.stats.$n > ns5/named.stats.$n.cachedb || ret=1 1570 grep -F "#TXT" ns5/named.stats.$n.cachedb > /dev/null && ret=1 1571 grep -F "#Others" ns5/named.stats.$n.cachedb > /dev/null && ret=1 1572 grep -F "#!TXT" ns5/named.stats.$n.cachedb > /dev/null && ret=1 1573 grep -F "#NXDOMAIN" ns5/named.stats.$n.cachedb > /dev/null && ret=1 1574 status=$((status+ret)) 1575 if [ $ret != 0 ]; then echo_i "failed"; fi 1576 1577 ################################################ 1578 # Test for stale-answer-client-timeout (1.8s). # 1579 ################################################ 1580 echo_i "test stale-answer-client-timeout (1.8)" 1581 1582 n=$((n+1)) 1583 echo_i "updating ns3/named.conf ($n)" 1584 ret=0 1585 copy_setports ns3/named2.conf.in ns3/named.conf 1586 if [ $ret != 0 ]; then echo_i "failed"; fi 1587 status=$((status+ret)) 1588 1589 echo_i "restart ns3" 1590 $PERL ../stop.pl --use-rndc --port ${CONTROLPORT} serve-stale ns3 1591 start_server --noclean --restart --port ${PORT} serve-stale ns3 1592 1593 n=$((n+1)) 1594 echo_i "check 'rndc serve-stale status' ($n)" 1595 ret=0 1596 $RNDCCMD 10.53.0.3 serve-stale status > rndc.out.test$n 2>&1 || ret=1 1597 grep '_default: on (stale-answer-ttl=3 max-stale-ttl=3600 stale-refresh-time=0)' rndc.out.test$n > /dev/null || ret=1 1598 if [ $ret != 0 ]; then echo_i "failed"; fi 1599 status=$((status+ret)) 1600 1601 n=$((n+1)) 1602 echo_i "enable responses from authoritative server ($n)" 1603 ret=0 1604 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 1605 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1606 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 1607 if [ $ret != 0 ]; then echo_i "failed"; fi 1608 status=$((status+ret)) 1609 1610 n=$((n+1)) 1611 echo_i "prime cache data.example (stale-answer-client-timeout)" 1612 ret=0 1613 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 1614 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1615 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1616 if [ $ret != 0 ]; then echo_i "failed"; fi 1617 status=$((status+ret)) 1618 1619 n=$((n+1)) 1620 echo_i "prime cache nodata.example (stale-answer-client-timeout)" 1621 ret=0 1622 $DIG -p ${PORT} @10.53.0.3 nodata.example TXT > dig.out.test$n 1623 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1624 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1625 if [ $ret != 0 ]; then echo_i "failed"; fi 1626 status=$((status+ret)) 1627 1628 n=$((n+1)) 1629 echo_i "disable responses from authoritative server ($n)" 1630 ret=0 1631 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 1632 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1633 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 1634 if [ $ret != 0 ]; then echo_i "failed"; fi 1635 status=$((status+ret)) 1636 1637 # Allow RRset to become stale. 1638 sleep 2 1639 1640 echo_i "sending queries for tests $((n+1))-$((n+2))..." 1641 $DIG -p ${PORT} +tries=1 +timeout=10 @10.53.0.3 data.example TXT > dig.out.test$((n+1)) & 1642 $DIG -p ${PORT} +tries=1 +timeout=10 @10.53.0.3 nodata.example TXT > dig.out.test$((n+2)) 1643 wait 1644 1645 # We configured a long value of 30 seconds for resolver-query-timeout. 1646 # That should give us enough time to receive an stale answer from cache 1647 # after stale-answer-client-timeout timer of 1.8 sec triggers. 1648 n=$((n+1)) 1649 echo_i "check stale data.example comes from cache (default stale-answer-client-timeout) ($n)" 1650 nextpart ns3/named.run > /dev/null 1651 t1=`$PERL -e 'print time()'` 1652 t2=`$PERL -e 'print time()'` 1653 wait_for_log 5 "data.example client timeout, stale answer used" ns3/named.run || ret=1 1654 ret=0 1655 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1656 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1657 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1658 # Default stale-answer-client-timeout is 1.8s, we allow some extra time 1659 # just in case other tests are taking too much cpu. 1660 [ $((t2 - t1)) -le 10 ] || { echo_i "query took $((t2 - t1))s to resolve."; ret=1; } 1661 if [ $ret != 0 ]; then echo_i "failed"; fi 1662 status=$((status+ret)) 1663 1664 n=$((n+1)) 1665 echo_i "check stale nodata.example comes from cache (default stale-answer-client-timeout) ($n)" 1666 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1667 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1668 grep "example\..*3.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 1669 if [ $ret != 0 ]; then echo_i "failed"; fi 1670 status=$((status+ret)) 1671 1672 ############################################# 1673 # Test for stale-answer-client-timeout off. # 1674 ############################################# 1675 echo_i "test stale-answer-client-timeout (off)" 1676 1677 n=$((n+1)) 1678 echo_i "updating ns3/named.conf ($n)" 1679 ret=0 1680 copy_setports ns3/named3.conf.in ns3/named.conf 1681 if [ $ret != 0 ]; then echo_i "failed"; fi 1682 status=$((status+ret)) 1683 1684 n=$((n+1)) 1685 echo_i "running 'rndc reload' ($n)" 1686 ret=0 1687 rndc_reload ns3 10.53.0.3 1688 if [ $ret != 0 ]; then echo_i "failed"; fi 1689 status=$((status+ret)) 1690 1691 # Send a query, auth server is disabled, we will enable it after a while in 1692 # order to receive an answer before resolver-query-timeout expires. Since 1693 # stale-answer-client-timeout is disabled we must receive an answer from 1694 # authoritative server. 1695 echo_i "sending query for test $((n+2))" 1696 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$((n+2)) & 1697 sleep 3 1698 1699 n=$((n+1)) 1700 echo_i "enable responses from authoritative server ($n)" 1701 ret=0 1702 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 1703 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1704 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 1705 if [ $ret != 0 ]; then echo_i "failed"; fi 1706 status=$((status+ret)) 1707 1708 # Wait until dig is done. 1709 wait 1710 1711 n=$((n+1)) 1712 echo_i "check data.example comes from authoritative server (stale-answer-client-timeout off) ($n)" 1713 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1714 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1715 grep "data\.example\..*[12].*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1716 if [ $ret != 0 ]; then echo_i "failed"; fi 1717 status=$((status+ret)) 1718 1719 ############################################# 1720 # Test for stale-answer-client-timeout 0. # 1721 ############################################# 1722 echo_i "test stale-answer-client-timeout (0)" 1723 1724 n=$((n+1)) 1725 echo_i "updating ns3/named.conf ($n)" 1726 ret=0 1727 copy_setports ns3/named4.conf.in ns3/named.conf 1728 if [ $ret != 0 ]; then echo_i "failed"; fi 1729 status=$((status+ret)) 1730 1731 echo_i "restart ns3" 1732 $PERL ../stop.pl --use-rndc --port ${CONTROLPORT} serve-stale ns3 1733 start_server --noclean --restart --port ${PORT} serve-stale ns3 1734 1735 n=$((n+1)) 1736 echo_i "prime cache data.example (stale-answer-client-timeout 0)" 1737 ret=0 1738 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 1739 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1740 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1741 if [ $ret != 0 ]; then echo_i "failed"; fi 1742 status=$((status+ret)) 1743 1744 n=$((n+1)) 1745 echo_i "prime cache nodata.example (stale-answer-client-timeout 0)" 1746 ret=0 1747 $DIG -p ${PORT} @10.53.0.3 nodata.example TXT > dig.out.test$n 1748 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1749 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1750 if [ $ret != 0 ]; then echo_i "failed"; fi 1751 status=$((status+ret)) 1752 1753 n=$((n+1)) 1754 echo_i "disable responses from authoritative server ($n)" 1755 ret=0 1756 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 1757 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1758 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 1759 if [ $ret != 0 ]; then echo_i "failed"; fi 1760 status=$((status+ret)) 1761 1762 # Allow RRset to become stale. 1763 sleep 2 1764 1765 n=$((n+1)) 1766 ret=0 1767 echo_i "check stale nodata.example comes from cache (stale-answer-client-timeout 0) ($n)" 1768 nextpart ns3/named.run > /dev/null 1769 $DIG -p ${PORT} @10.53.0.3 nodata.example TXT > dig.out.test$n 1770 wait_for_log 5 "nodata.example stale answer used, an attempt to refresh the RRset" ns3/named.run || ret=1 1771 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1772 grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 1773 grep "example\..*3.*IN.*SOA" dig.out.test$n > /dev/null || ret=1 1774 if [ $ret != 0 ]; then echo_i "failed"; fi 1775 status=$((status+ret)) 1776 1777 n=$((n+1)) 1778 ret=0 1779 echo_i "check stale data.example comes from cache (stale-answer-client-timeout 0) ($n)" 1780 nextpart ns3/named.run > /dev/null 1781 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 1782 wait_for_log 5 "data.example stale answer used, an attempt to refresh the RRset" ns3/named.run || ret=1 1783 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1784 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1785 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1786 if [ $ret != 0 ]; then echo_i "failed"; fi 1787 status=$((status+ret)) 1788 1789 n=$((n+1)) 1790 echo_i "enable responses from authoritative server ($n)" 1791 ret=0 1792 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 1793 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1794 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 1795 if [ $ret != 0 ]; then echo_i "failed"; fi 1796 status=$((status+ret)) 1797 1798 wait_for_rrset_refresh() { 1799 nextpart ns3/named.run | grep 'data.example.*2.*TXT.*"A text record with a 2 second ttl"' > /dev/null && return 0 1800 return 1 1801 } 1802 1803 # This test ensures that after we get stale data due to 1804 # stale-answer-client-timeout 0, enabling the authoritative server will allow 1805 # the RRset to be updated. 1806 n=$((n+1)) 1807 ret=0 1808 echo_i "check stale data.example was refreshed (stale-answer-client-timeout 0) ($n)" 1809 retry_quiet 10 wait_for_rrset_refresh || ret=1 1810 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 1811 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1812 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1813 grep "data\.example\..*[12].*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1814 if [ $ret != 0 ]; then echo_i "failed"; fi 1815 status=$((status+ret)) 1816 1817 wait_for_nodata_refresh() { 1818 $DIG -p ${PORT} @10.53.0.3 nodata.example TXT > dig.out.test$n 1819 grep "status: NOERROR" dig.out.test$n > /dev/null || return 1 1820 grep "ANSWER: 0," dig.out.test$n > /dev/null || return 1 1821 grep "example\..*[12].*IN.*SOA" dig.out.test$n > /dev/null || return 1 1822 return 0 1823 } 1824 1825 n=$((n+1)) 1826 ret=0 1827 echo_i "check stale nodata.example was refreshed (stale-answer-client-timeout 0) ($n)" 1828 retry_quiet 10 wait_for_nodata_refresh || ret=1 1829 if [ $ret != 0 ]; then echo_i "failed"; fi 1830 status=$((status+ret)) 1831 1832 #################################################################### 1833 # Test for stale-answer-client-timeout 0 and stale-refresh-time 4. # 1834 #################################################################### 1835 echo_i "test stale-answer-client-timeout (0) and stale-refresh-time (4)" 1836 1837 n=$((n+1)) 1838 echo_i "updating ns3/named.conf ($n)" 1839 ret=0 1840 copy_setports ns3/named5.conf.in ns3/named.conf 1841 if [ $ret != 0 ]; then echo_i "failed"; fi 1842 status=$((status+ret)) 1843 1844 n=$((n+1)) 1845 echo_i "running 'rndc reload' ($n)" 1846 ret=0 1847 rndc_reload ns3 10.53.0.3 1848 if [ $ret != 0 ]; then echo_i "failed"; fi 1849 status=$((status+ret)) 1850 1851 n=$((n+1)) 1852 echo_i "flush cache, enable responses from authoritative server ($n)" 1853 ret=0 1854 $RNDCCMD 10.53.0.3 flushtree example > rndc.out.test$n.1 2>&1 || ret=1 1855 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 1856 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1857 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 1858 if [ $ret != 0 ]; then echo_i "failed"; fi 1859 status=$((status+ret)) 1860 1861 n=$((n+1)) 1862 echo_i "prime cache data.example (stale-answer-client-timeout 0, stale-refresh-time 4) ($n)" 1863 ret=0 1864 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 1865 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1866 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1867 grep "data\.example\..*2.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1868 if [ $ret != 0 ]; then echo_i "failed"; fi 1869 status=$((status+ret)) 1870 1871 # Allow RRset to become stale. 1872 sleep 2 1873 1874 n=$((n+1)) 1875 echo_i "disable responses from authoritative server ($n)" 1876 ret=0 1877 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 1878 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1879 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 1880 if [ $ret != 0 ]; then echo_i "failed"; fi 1881 status=$((status+ret)) 1882 1883 n=$((n+1)) 1884 ret=0 1885 echo_i "check stale data.example comes from cache (stale-answer-client-timeout 0 stale-refresh-time 4) ($n)" 1886 nextpart ns3/named.run > /dev/null 1887 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 1888 wait_for_log 5 "data.example stale answer used, an attempt to refresh the RRset" ns3/named.run || ret=1 1889 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1890 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1891 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1892 if [ $ret != 0 ]; then echo_i "failed"; fi 1893 status=$((status+ret)) 1894 1895 n=$((n+1)) 1896 echo_i "enable responses from authoritative server ($n)" 1897 ret=0 1898 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 1899 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1900 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 1901 if [ $ret != 0 ]; then echo_i "failed"; fi 1902 status=$((status+ret)) 1903 1904 # This test ensures that after we get stale data due to 1905 # stale-answer-client-timeout 0, enabling the authoritative server will allow 1906 # the RRset to be updated. 1907 n=$((n+1)) 1908 ret=0 1909 echo_i "check stale data.example was refreshed (stale-answer-client-timeout 0 stale-refresh-time 4) ($n)" 1910 retry_quiet 10 wait_for_rrset_refresh || ret=1 1911 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 1912 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1913 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1914 grep "data\.example\..*[12].*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1915 if [ $ret != 0 ]; then echo_i "failed"; fi 1916 status=$((status+ret)) 1917 1918 # Allow RRset to become stale. 1919 sleep 2 1920 1921 n=$((n+1)) 1922 echo_i "disable responses from authoritative server ($n)" 1923 ret=0 1924 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 1925 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1926 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 1927 if [ $ret != 0 ]; then echo_i "failed"; fi 1928 status=$((status+ret)) 1929 1930 n=$((n+1)) 1931 ret=0 1932 echo_i "check stale data.example comes from cache (stale-answer-client-timeout 0 stale-refresh-time 4) ($n)" 1933 nextpart ns3/named.run > /dev/null 1934 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 1935 wait_for_log 5 "data.example stale answer used, an attempt to refresh the RRset" ns3/named.run || ret=1 1936 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1937 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1938 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1939 if [ $ret != 0 ]; then echo_i "failed"; fi 1940 status=$((status+ret)) 1941 1942 # Allow stale-refresh-time to be activated. 1943 n=$((n+1)) 1944 ret=0 1945 echo_i "wait until resolver query times out, activating stale-refresh-time" 1946 wait_for_log 15 "data.example resolver failure, stale answer used" ns3/named.run || ret=1 1947 if [ $ret != 0 ]; then echo_i "failed"; fi 1948 status=$((status+ret)) 1949 1950 n=$((n+1)) 1951 ret=0 1952 echo_i "check stale data.example comes from cache within stale-refresh-time (stale-answer-client-timeout 0 stale-refresh-time 4) ($n)" 1953 nextpart ns3/named.run > /dev/null 1954 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 1955 wait_for_log 5 "data.example query within stale refresh time" ns3/named.run || ret=1 1956 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1957 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1958 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1959 if [ $ret != 0 ]; then echo_i "failed"; fi 1960 status=$((status+ret)) 1961 1962 n=$((n+1)) 1963 echo_i "enable responses from authoritative server ($n)" 1964 ret=0 1965 $DIG -p ${PORT} @10.53.0.2 txt enable > dig.out.test$n 1966 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1967 grep "TXT.\"1\"" dig.out.test$n > /dev/null || ret=1 1968 if [ $ret != 0 ]; then echo_i "failed"; fi 1969 status=$((status+ret)) 1970 1971 # We give BIND some time to ensure that after we enable authoritative server, 1972 # this RRset is still not refreshed because it was hit during 1973 # stale-refresh-time window. 1974 sleep 1 1975 1976 n=$((n+1)) 1977 ret=0 1978 echo_i "check stale data.example was not refreshed (stale-answer-client-timeout 0 stale-refresh-time 4) ($n)" 1979 nextpart ns3/named.run > /dev/null 1980 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 1981 wait_for_log 5 "data.example query within stale refresh time" ns3/named.run || ret=1 1982 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1983 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1984 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1985 if [ $ret != 0 ]; then echo_i "failed"; fi 1986 status=$((status+ret)) 1987 1988 # After the refresh-time-window, the RRset will be refreshed. 1989 sleep 4 1990 1991 n=$((n+1)) 1992 ret=0 1993 echo_i "check stale data.example comes from cache (stale-answer-client-timeout 0 stale-refresh-time 4) ($n)" 1994 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 1995 wait_for_log 5 "data.example stale answer used, an attempt to refresh the RRset" ns3/named.run || ret=1 1996 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 1997 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 1998 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 1999 if [ $ret != 0 ]; then echo_i "failed"; fi 2000 status=$((status+ret)) 2001 2002 n=$((n+1)) 2003 ret=0 2004 echo_i "check stale data.example was refreshed (stale-answer-client-timeout 0 stale-refresh-time 4) ($n)" 2005 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 2006 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 2007 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 2008 grep "data\.example\..*[12].*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 2009 if [ $ret != 0 ]; then echo_i "failed"; fi 2010 status=$((status+ret)) 2011 2012 #################################################################### 2013 # Test serve-stale's interaction with fetch limits (cache only) # 2014 ################################################################# 2015 echo_i "test serve-stale's interaction with fetch-limits (cache only)" 2016 2017 # We update the named configuration to enable fetch-limits. The fetch-limits 2018 # are set to 1, which is ridiciously low, but that is because for this test we 2019 # want to reach the fetch-limits. 2020 n=$((n+1)) 2021 echo_i "updating ns3/named.conf ($n)" 2022 ret=0 2023 copy_setports ns3/named6.conf.in ns3/named.conf 2024 if [ $ret != 0 ]; then echo_i "failed"; fi 2025 status=$((status+ret)) 2026 2027 n=$((n+1)) 2028 echo_i "running 'rndc reload' ($n)" 2029 ret=0 2030 rndc_reload ns3 10.53.0.3 2031 if [ $ret != 0 ]; then echo_i "failed"; fi 2032 status=$((status+ret)) 2033 2034 # Disable responses from authoritative server. If we can't resolve the example 2035 # zone, fetch limits will be reached. 2036 n=$((n+1)) 2037 echo_i "disable responses from authoritative server ($n)" 2038 ret=0 2039 $DIG -p ${PORT} @10.53.0.2 txt disable > dig.out.test$n 2040 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 2041 grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 2042 if [ $ret != 0 ]; then echo_i "failed"; fi 2043 status=$((status+ret)) 2044 2045 # Allow RRset to become stale. 2046 sleep 2 2047 2048 # Turn on serve-stale. 2049 n=$((n+1)) 2050 echo_i "running 'rndc serve-stale on' ($n)" 2051 ret=0 2052 $RNDCCMD 10.53.0.3 serve-stale on || ret=1 2053 if [ $ret != 0 ]; then echo_i "failed"; fi 2054 status=$((status+ret)) 2055 2056 n=$((n+1)) 2057 echo_i "check 'rndc serve-stale status' ($n)" 2058 ret=0 2059 $RNDCCMD 10.53.0.3 serve-stale status > rndc.out.test$n 2>&1 || ret=1 2060 grep '_default: on (rndc) (stale-answer-ttl=3 max-stale-ttl=3600 stale-refresh-time=4)' rndc.out.test$n > /dev/null || ret=1 2061 if [ $ret != 0 ]; then echo_i "failed"; fi 2062 status=$((status+ret)) 2063 2064 # Hit the fetch-limits. We burst the name server with a small batch of queries. 2065 # Only 2 queries are required to hit the fetch-limits. The first query will 2066 # start to resolve, the second one hit the fetch-limits. 2067 burst() { 2068 num=${1} 2069 rm -f burst.input.$$ 2070 while [ $num -gt 0 ]; do 2071 num=`expr $num - 1` 2072 echo "fetch${num}.example A" >> burst.input.$$ 2073 done 2074 $PERL ../ditch.pl -p ${PORT} -s 10.53.0.3 burst.input.$$ 2075 rm -f burst.input.$$ 2076 } 2077 2078 wait_for_fetchlimits() { 2079 burst 2 2080 # We expect a query for nx.example to fail because fetch-limits for 2081 # the domain 'example.' (and everything below) has been reached. 2082 $DIG -p ${PORT} +tries=1 +timeout=1 @10.53.0.3 nx.example > dig.out.test$n 2083 grep "status: SERVFAIL" dig.out.test$n > /dev/null || return 1 2084 } 2085 2086 n=$((n+1)) 2087 echo_i "hit fetch limits ($n)" 2088 ret=0 2089 retry_quiet 10 wait_for_fetchlimits || ret=1 2090 if [ $ret != 0 ]; then echo_i "failed"; fi 2091 status=$((status+ret)) 2092 2093 # Expect stale data now (because fetch-limits for the domain 'example.' (and 2094 # everything below) has been reached. But we have a stale RRset for 2095 # 'data.example/TXT' that can be used. 2096 n=$((n+1)) 2097 ret=0 2098 echo_i "check stale data.example comes from cache (fetch-limits) ($n)" 2099 nextpart ns3/named.run > /dev/null 2100 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 2101 wait_for_log 5 "data.example resolver failure, stale answer used" ns3/named.run || ret=1 2102 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 2103 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 2104 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 2105 if [ $ret != 0 ]; then echo_i "failed"; fi 2106 status=$((status+ret)) 2107 2108 # The previous query should not have started the stale-refresh-time window. 2109 n=$((n+1)) 2110 ret=0 2111 echo_i "check stale data.example comes from cache again (fetch-limits) ($n)" 2112 nextpart ns3/named.run > /dev/null 2113 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$n 2114 wait_for_log 5 "data.example resolver failure, stale answer used" ns3/named.run || ret=1 2115 grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 2116 grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 2117 grep "data\.example\..*3.*IN.*TXT.*A text record with a 2 second ttl" dig.out.test$n > /dev/null || ret=1 2118 if [ $ret != 0 ]; then echo_i "failed"; fi 2119 status=$((status+ret)) 2120 2121 ######################################################################## 2122 # Test serve-stale's interaction with fetch limits (dual-mode) # 2123 ######################################################################## 2124 echo_i "test serve-stale's interaction with fetch limits (dual-mode)" 2125 2126 # Update named configuration so that ns3 becomes a recursive resolver which is 2127 # also a secondary server for the root zone. 2128 n=$((n+1)) 2129 echo_i "updating ns3/named.conf ($n)" 2130 ret=0 2131 copy_setports ns3/named7.conf.in ns3/named.conf 2132 if [ $ret != 0 ]; then echo_i "failed"; fi 2133 status=$((status+ret)) 2134 2135 n=$((n+1)) 2136 echo_i "running 'rndc reload' ($n)" 2137 ret=0 2138 rndc_reload ns3 10.53.0.3 2139 if [ $ret != 0 ]; then echo_i "failed"; fi 2140 status=$((status+ret)) 2141 2142 # Flush the cache to ensure the example/NS RRset cached during previous tests 2143 # does not override the authoritative delegation found in the root zone. 2144 n=$((n+1)) 2145 echo_i "flush cache ($n)" 2146 ret=0 2147 $RNDCCMD 10.53.0.3 flush > rndc.out.test$n 2>&1 || ret=1 2148 if [ $ret != 0 ]; then echo_i "failed"; fi 2149 status=$((status+ret)) 2150 2151 # Query name server with low fetch limits. The authoritative server (ans2) is 2152 # not responding. Sending queries for multiple names in the 'example' zone 2153 # in parallel causes the fetch limit for that zone (set to 1) to be 2154 # reached. This should not trigger a crash. 2155 echo_i "sending queries for tests $((n+1))-$((n+4))..." 2156 $DIG -p ${PORT} @10.53.0.3 data.example TXT > dig.out.test$((n+1)) & 2157 $DIG -p ${PORT} @10.53.0.3 othertype.example CAA > dig.out.test$((n+2)) & 2158 $DIG -p ${PORT} @10.53.0.3 nodata.example TXT > dig.out.test$((n+3)) & 2159 $DIG -p ${PORT} @10.53.0.3 nxdomain.example TXT > dig.out.test$((n+4)) 2160 2161 wait 2162 2163 # Expect SERVFAIL for the entries not in cache. 2164 n=$((n+1)) 2165 echo_i "check stale data.example (fetch-limits dual-mode) ($n)" 2166 ret=0 2167 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 2168 if [ $ret != 0 ]; then echo_i "failed"; fi 2169 status=$((status+ret)) 2170 2171 n=$((n+1)) 2172 echo_i "check stale othertype.example (fetch-limits dual-mode) ($n)" 2173 ret=0 2174 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 2175 if [ $ret != 0 ]; then echo_i "failed"; fi 2176 status=$((status+ret)) 2177 2178 n=$((n+1)) 2179 echo_i "check stale nodata.example (fetch-limits dual-mode) ($n)" 2180 ret=0 2181 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 2182 if [ $ret != 0 ]; then echo_i "failed"; fi 2183 status=$((status+ret)) 2184 2185 n=$((n+1)) 2186 echo_i "check stale nxdomain.example (fetch-limits dual-mode) ($n)" 2187 ret=0 2188 grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 2189 if [ $ret != 0 ]; then echo_i "failed"; fi 2190 status=$((status+ret)) 2191 2192 echo_i "exit status: $status" 2193 [ $status -eq 0 ] || exit 1 2194
Indexes created Tue Mar 31 00:22:50 UTC 2026