1; config options 2server: 3 target-fetch-policy: "0 0 0 0 0" 4 minimal-responses: no 5 6stub-zone: 7 name: "." 8 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 9CONFIG_END 10 11SCENARIO_BEGIN Test resolver with a domain sale 12; and the old operator is nasty, keeps running his server with the old data. 13; and lots of lookups keep going towards the domain. 14; eventually, the NS record has to timeout. 15 16; K.ROOT-SERVERS.NET. 17RANGE_BEGIN 0 100 18 ADDRESS 193.0.14.129 19ENTRY_BEGIN 20MATCH opcode qtype qname 21ADJUST copy_id 22REPLY QR NOERROR 23SECTION QUESTION 24. IN NS 25SECTION ANSWER 26. IN NS K.ROOT-SERVERS.NET. 27SECTION ADDITIONAL 28K.ROOT-SERVERS.NET. IN A 193.0.14.129 29ENTRY_END 30 31ENTRY_BEGIN 32MATCH opcode subdomain 33ADJUST copy_id copy_query 34REPLY QR NOERROR 35SECTION QUESTION 36com. IN A 37SECTION AUTHORITY 38com. IN NS a.gtld-servers.net. 39SECTION ADDITIONAL 40a.gtld-servers.net. IN A 192.5.6.30 41ENTRY_END 42RANGE_END 43 44; a.gtld-servers.net. (before sale of domain) 45RANGE_BEGIN 0 20 46 ADDRESS 192.5.6.30 47ENTRY_BEGIN 48MATCH opcode qtype qname 49ADJUST copy_id 50REPLY QR NOERROR 51SECTION QUESTION 52com. IN NS 53SECTION ANSWER 54com. IN NS a.gtld-servers.net. 55SECTION ADDITIONAL 56a.gtld-servers.net. IN A 192.5.6.30 57ENTRY_END 58 59ENTRY_BEGIN 60MATCH opcode subdomain 61ADJUST copy_id copy_query 62REPLY QR NOERROR 63SECTION QUESTION 64example.com. IN A 65SECTION AUTHORITY 66example.com. IN NS ns.example.com. 67SECTION ADDITIONAL 68ns.example.com. IN A 1.2.3.4 69ENTRY_END 70RANGE_END 71 72; a.gtld-servers.net. (after sale of domain) 73RANGE_BEGIN 30 200 74 ADDRESS 192.5.6.30 75ENTRY_BEGIN 76MATCH opcode qtype qname 77ADJUST copy_id 78REPLY QR NOERROR 79SECTION QUESTION 80com. IN NS 81SECTION ANSWER 82com. IN NS a.gtld-servers.net. 83SECTION ADDITIONAL 84a.gtld-servers.net. IN A 192.5.6.30 85ENTRY_END 86 87ENTRY_BEGIN 88MATCH opcode subdomain 89ADJUST copy_id copy_query 90REPLY QR NOERROR 91SECTION QUESTION 92example.com. IN A 93SECTION AUTHORITY 94example.com. IN NS ns.example.com. 95SECTION ADDITIONAL 96ns.example.com. IN A 8.8.8.8 97ENTRY_END 98RANGE_END 99 100; ns.example.com. first owner 101RANGE_BEGIN 0 200 102 ADDRESS 1.2.3.4 103ENTRY_BEGIN 104MATCH opcode qtype qname 105ADJUST copy_id 106REPLY QR AA NOERROR 107SECTION QUESTION 108example.com. IN NS 109SECTION ANSWER 110example.com. IN NS ns.example.com. 111SECTION ADDITIONAL 112ns.example.com. IN A 1.2.3.4 113ENTRY_END 114 115ENTRY_BEGIN 116MATCH opcode qname 117ADJUST copy_id copy_query 118REPLY QR AA NOERROR 119SECTION QUESTION 120www.example.com. IN A 121SECTION ANSWER 122www.example.com. 3600 IN A 10.20.30.40 123SECTION AUTHORITY 124example.com. 3600 IN NS ns.example.com. 125SECTION ADDITIONAL 126ns.example.com. 3600 IN A 1.2.3.4 127ENTRY_END 128 129; nxdomains for any name,type 130; last in RANGE so that it matches everything left over. 131; it includes the NS record. 132ENTRY_BEGIN 133MATCH opcode 134ADJUST copy_id copy_query 135REPLY QR AA NXDOMAIN 136SECTION QUESTION 137www.example.com. IN A 138SECTION ANSWER 139SECTION AUTHORITY 140example.com. 3600 IN SOA a. b. 1 2 3 4 5 141example.com. 3600 IN NS ns.example.com. 142SECTION ADDITIONAL 143ns.example.com. 3600 IN A 1.2.3.4 144ENTRY_END 145RANGE_END 146 147; ns.example.com. new owner 148RANGE_BEGIN 0 200 149 ADDRESS 8.8.8.8 150ENTRY_BEGIN 151MATCH opcode qtype qname 152ADJUST copy_id 153REPLY QR AA NOERROR 154SECTION QUESTION 155example.com. IN NS 156SECTION ANSWER 157example.com. IN NS ns.example.com. 158SECTION ADDITIONAL 159ns.example.com. IN A 8.8.8.8 160ENTRY_END 161 162ENTRY_BEGIN 163MATCH opcode qtype qname 164ADJUST copy_id 165REPLY QR AA NOERROR 166SECTION QUESTION 167www.example.com. IN A 168SECTION ANSWER 169www.example.com. 3600 IN A 88.88.88.88 170SECTION AUTHORITY 171example.com. 3600 IN NS ns.example.com. 172SECTION ADDITIONAL 173ns.example.com. 3600 IN A 8.8.8.8 174ENTRY_END 175RANGE_END 176 177; Fetch the old record from the old owner. 178STEP 1 QUERY 179ENTRY_BEGIN 180REPLY RD 181SECTION QUESTION 182www.example.com. IN A 183ENTRY_END 184; recursion happens here. 185STEP 5 CHECK_ANSWER 186ENTRY_BEGIN 187MATCH all ttl 188REPLY QR RD RA NOERROR 189SECTION QUESTION 190www.example.com. IN A 191SECTION ANSWER 192www.example.com. 3600 IN A 10.20.30.40 193SECTION AUTHORITY 194example.com. 3600 IN NS ns.example.com. 195SECTION ADDITIONAL 196ns.example.com. 3600 IN A 1.2.3.4 197ENTRY_END 198 199; the domain is sold (right at this time). 200; but the information stays in the cache. 201 202; after 1800 secs still the cached answer 203STEP 20 TIME_PASSES ELAPSE 1800 204 205STEP 30 QUERY 206ENTRY_BEGIN 207REPLY RD 208SECTION QUESTION 209www.example.com. IN A 210ENTRY_END 211; recursion happens here. 212STEP 40 CHECK_ANSWER 213ENTRY_BEGIN 214MATCH all ttl 215REPLY QR RD RA NOERROR 216SECTION QUESTION 217www.example.com. IN A 218SECTION ANSWER 219www.example.com. 1800 IN A 10.20.30.40 220SECTION AUTHORITY 221example.com. 1800 IN NS ns.example.com. 222SECTION ADDITIONAL 223ns.example.com. 1800 IN A 1.2.3.4 224ENTRY_END 225 226; and ask another query 227STEP 50 QUERY 228ENTRY_BEGIN 229REPLY RD 230SECTION QUESTION 231nx1.example.com. IN A 232ENTRY_END 233; recursion happens here. 234STEP 60 CHECK_ANSWER 235ENTRY_BEGIN 236MATCH all ttl 237REPLY QR RD RA NXDOMAIN 238SECTION QUESTION 239nx1.example.com. IN A 240SECTION ANSWER 241SECTION AUTHORITY 242; at TTL 5 because TTL is capped at min-ttl of 5 in rdata of SOA 243example.com. 5 IN SOA a. b. 1 2 3 4 5 244;example.com. 1800 IN NS ns.example.com. 245SECTION ADDITIONAL 246;ns.example.com. 1800 IN A 1.2.3.4 247ENTRY_END 248 249; after another 1900 seconds the domain must have timed out. 250STEP 70 TIME_PASSES ELAPSE 1900 251 252; the NS record should have timed out. 253STEP 80 QUERY 254ENTRY_BEGIN 255REPLY RD 256SECTION QUESTION 257www.example.com. IN A 258ENTRY_END 259; recursion happens here. 260STEP 90 CHECK_ANSWER 261ENTRY_BEGIN 262MATCH all ttl 263REPLY QR RD RA NOERROR 264SECTION QUESTION 265www.example.com. IN A 266SECTION ANSWER 267www.example.com. 3600 IN A 88.88.88.88 268SECTION AUTHORITY 269example.com. 3600 IN NS ns.example.com. 270SECTION ADDITIONAL 271ns.example.com. 3600 IN A 8.8.8.8 272ENTRY_END 273 274SCENARIO_END 275