val_qds_badanc.rpl revision 1.1.1.3
1; config options 2; The island of trust is at example.com 3server: 4 trust-anchor: "sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3" 5 val-override-date: "20070916134226" 6 target-fetch-policy: "0 0 0 0 0" 7 qname-minimisation: "no" 8 fake-sha1: yes 9 10stub-zone: 11 name: "." 12 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 13CONFIG_END 14 15SCENARIO_BEGIN Test validator with DS query and a bad anchor 16; The anchor is the wrong side of the zone cut; no parent anchor. 17 18; K.ROOT-SERVERS.NET. 19RANGE_BEGIN 0 100 20 ADDRESS 193.0.14.129 21ENTRY_BEGIN 22MATCH opcode qtype qname 23ADJUST copy_id 24REPLY QR NOERROR 25SECTION QUESTION 26. IN NS 27SECTION ANSWER 28. IN NS K.ROOT-SERVERS.NET. 29SECTION ADDITIONAL 30K.ROOT-SERVERS.NET. IN A 193.0.14.129 31ENTRY_END 32 33ENTRY_BEGIN 34MATCH opcode qtype qname 35ADJUST copy_id 36REPLY QR NOERROR 37SECTION QUESTION 38sub.example.com. IN DS 39SECTION AUTHORITY 40com. IN NS a.gtld-servers.net. 41SECTION ADDITIONAL 42a.gtld-servers.net. IN A 192.5.6.30 43ENTRY_END 44RANGE_END 45 46; a.gtld-servers.net. 47RANGE_BEGIN 0 100 48 ADDRESS 192.5.6.30 49ENTRY_BEGIN 50MATCH opcode qtype qname 51ADJUST copy_id 52REPLY QR NOERROR 53SECTION QUESTION 54com. IN NS 55SECTION ANSWER 56com. IN NS a.gtld-servers.net. 57SECTION ADDITIONAL 58a.gtld-servers.net. IN A 192.5.6.30 59ENTRY_END 60 61ENTRY_BEGIN 62MATCH opcode qtype qname 63ADJUST copy_id 64REPLY QR NOERROR 65SECTION QUESTION 66sub.example.com. IN DS 67SECTION AUTHORITY 68example.com. IN NS ns.example.com. 69SECTION ADDITIONAL 70ns.example.com. IN A 1.2.3.4 71ENTRY_END 72RANGE_END 73 74; ns.example.com. 75RANGE_BEGIN 0 100 76 ADDRESS 1.2.3.4 77ENTRY_BEGIN 78MATCH opcode qtype qname 79ADJUST copy_id 80REPLY QR NOERROR 81SECTION QUESTION 82example.com. IN NS 83SECTION ANSWER 84example.com. IN NS ns.example.com. 85example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 86SECTION ADDITIONAL 87ns.example.com. IN A 1.2.3.4 88ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 89ENTRY_END 90 91; response to DNSKEY priming query 92ENTRY_BEGIN 93MATCH opcode qtype qname 94ADJUST copy_id 95REPLY QR NOERROR 96SECTION QUESTION 97example.com. IN DNSKEY 98SECTION ANSWER 99example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b} 100example.com. 3600 IN RRSIG DNSKEY DSA 2 3600 20070926134150 20070829134150 2854 example.com. MCwCFBQRtlR4BEv9ohi+PGFjp+AHsJuHAhRCvz0shggvnvI88DFnBDCczHUcVA== ;{id = 2854} 101SECTION AUTHORITY 102example.com. IN NS ns.example.com. 103example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 104SECTION ADDITIONAL 105ns.example.com. IN A 1.2.3.4 106ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 107ENTRY_END 108 109; response for delegation to sub.example.com. 110ENTRY_BEGIN 111MATCH opcode qtype qname 112ADJUST copy_id 113REPLY QR NOERROR 114SECTION QUESTION 115www.sub.example.com. IN A 116SECTION ANSWER 117SECTION AUTHORITY 118sub.example.com. IN NS ns.sub.example.com. 119sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3 120sub.example.com. 3600 IN RRSIG DS 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCW3ix0GD4BSvNLWIbROCJt5DAW9AhRt/kg9kBKJ20UBUdumrBUHqnskdA== ;{id = 2854} 121SECTION ADDITIONAL 122ns.sub.example.com. IN A 1.2.3.6 123ENTRY_END 124 125; response for delegation to sub.example.com. 126ENTRY_BEGIN 127MATCH opcode qtype qname 128ADJUST copy_id 129REPLY QR NOERROR 130SECTION QUESTION 131sub.example.com. IN DNSKEY 132SECTION ANSWER 133SECTION AUTHORITY 134sub.example.com. IN NS ns.sub.example.com. 135sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3 136sub.example.com. 3600 IN RRSIG DS 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCW3ix0GD4BSvNLWIbROCJt5DAW9AhRt/kg9kBKJ20UBUdumrBUHqnskdA== ;{id = 2854} 137SECTION ADDITIONAL 138ns.sub.example.com. IN A 1.2.3.6 139ENTRY_END 140 141; response to DS query 142ENTRY_BEGIN 143MATCH opcode qtype qname 144ADJUST copy_id 145REPLY QR NOERROR 146SECTION QUESTION 147sub.example.com. IN DS 148SECTION ANSWER 149sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3 150sub.example.com. 3600 IN RRSIG DS 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCW3ix0GD4BSvNLWIbROCJt5DAW9AhRt/kg9kBKJ20UBUdumrBUHqnskdA== ;{id = 2854} 151SECTION AUTHORITY 152example.com. IN NS ns.example.com. 153example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 154SECTION ADDITIONAL 155ns.example.com. IN A 1.2.3.4 156ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 157ENTRY_END 158RANGE_END 159 160; ns.sub.example.com. 161RANGE_BEGIN 0 100 162 ADDRESS 1.2.3.6 163 164; response to DNSKEY priming query 165; sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3 166ENTRY_BEGIN 167MATCH opcode qtype qname 168ADJUST copy_id 169REPLY QR NOERROR 170SECTION QUESTION 171sub.example.com. IN DNSKEY 172SECTION ANSWER 173sub.example.com. 3600 IN DNSKEY 256 3 5 AQPQ41chR9DEHt/aIzIFAqanbDlRflJoRs5yz1jFsoRIT7dWf0r+PeDuewdxkszNH6wnU4QL8pfKFRh5PIYVBLK3 ;{id = 30899 (zsk), size = 512b} 174sub.example.com. 3600 IN RRSIG DNSKEY 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. uNGp99iznjD7oOX02XnQbDnbg75UwBHRvZSKYUorTKvPUnCWMHKdRsQ+mf+Fx3GZ+Fz9BVjoCmQqpnfgXLEYqw== ;{id = 30899} 175SECTION AUTHORITY 176sub.example.com. IN NS ns.sub.example.com. 177sub.example.com. 3600 IN RRSIG NS 5 3 3600 20070926134150 20070829134150 30899 sub.example.com. wcpHeBILHfo8C9uxMhcW03gcURZeUffiKdSTb50ZjzTHgMNhRyMfpcvSpXEd9548A9UTmWKeLZChfr5Z/glONw== ;{id = 30899} 178SECTION ADDITIONAL 179ns.sub.example.com. IN A 1.2.3.6 180ns.sub.example.com. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. UF7shD/gt1FOp2UHgLTNbPzVykklSXFMEtJ1xD+Hholwf/PIzd7zoaIttIYibNa4fUXCqMg22H9P7MRhfmFe6g== ;{id = 30899} 181ENTRY_END 182 183; response to query of interest 184ENTRY_BEGIN 185MATCH opcode qtype qname 186ADJUST copy_id 187REPLY QR NOERROR 188SECTION QUESTION 189www.sub.example.com. IN A 190SECTION ANSWER 191www.sub.example.com. IN A 11.11.11.11 192www.sub.example.com. 3600 IN RRSIG A 5 4 3600 20070926134150 20070829134150 30899 sub.example.com. 0DqqRfRtm7VSEQ4mmBbzrKRqQAay3JAE8DPDGmjtokrrjN9F1G/HxozDV7bjdIh2EChlQea8FPwf/GepJMUVxg== ;{id = 30899} 193SECTION AUTHORITY 194SECTION ADDITIONAL 195ENTRY_END 196RANGE_END 197 198STEP 1 QUERY 199ENTRY_BEGIN 200REPLY RD DO 201SECTION QUESTION 202sub.example.com. IN DS 203ENTRY_END 204 205; recursion happens here. 206STEP 10 CHECK_ANSWER 207ENTRY_BEGIN 208MATCH all 209REPLY QR RD RA DO NOERROR 210SECTION QUESTION 211sub.example.com. IN DS 212SECTION ANSWER 213sub.example.com. 3600 IN DS 30899 RSASHA1 1 f7ed618f24d5e5202927e1d27bc2e84a141cb4b3 214sub.example.com. 3600 IN RRSIG DS 3 3 3600 20070926134150 20070829134150 2854 example.com. MCwCFCW3ix0GD4BSvNLWIbROCJt5DAW9AhRt/kg9kBKJ20UBUdumrBUHqnskdA== ;{id = 2854} 215SECTION AUTHORITY 216example.com. IN NS ns.example.com. 217example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854} 218SECTION ADDITIONAL 219ns.example.com. IN A 1.2.3.4 220ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854} 221ENTRY_END 222 223SCENARIO_END 224