1; Copyright (C) Internet Systems Consortium, Inc. ("ISC") 2; 3; SPDX-License-Identifier: MPL-2.0 4; 5; This Source Code Form is subject to the terms of the Mozilla Public 6; License, v. 2.0. If a copy of the MPL was not distributed with this 7; file, you can obtain one at https://mozilla.org/MPL/2.0/. 8; 9; See the COPYRIGHT file distributed with this work for additional 10; information regarding copyright ownership. 11 12$TTL 300 ; 5 minutes 13@ IN SOA mname1. . ( 14 2000042407 ; serial 15 20 ; refresh (20 seconds) 16 20 ; retry (20 seconds) 17 1814400 ; expire (3 weeks) 18 3600 ; minimum (1 hour) 19 ) 20 NS ns2 21 NS ns3 22ns2 A 10.53.0.2 23ns3 A 10.53.0.3 24 25a A 10.0.0.1 26b A 10.0.0.2 27d A 10.0.0.4 28 29; Used for testing ANY queries 30foo TXT "testing" 31foo A 10.0.1.0 32 33bad-cname CNAME a 34bad-dname DNAME @ 35 36; Used for testing CNAME queries 37cname1 CNAME cname1-target 38cname1-target TXT "testing cname" 39 40cname2 CNAME cname2-target 41cname2-target TXT "testing cname" 42 43; Used for testing DNAME queries 44dname1 DNAME dname1-target 45foo.dname1-target TXT "testing dname" 46 47dname2 DNAME dname2-target 48foo.dname2-target TXT "testing dname" 49 50; A secure subdomain 51secure NS ns3.secure 52ns3.secure A 10.53.0.3 53 54; An insecure subdomain 55insecure NS ns.insecure 56ns.insecure A 10.53.0.3 57 58; A second insecure subdomain 59insecure2 NS ns.insecure2 60ns.insecure2 A 10.53.0.3 61 62; A secure subdomain we're going to inject bogus data into 63bogus NS ns.bogus 64ns.bogus A 10.53.0.3 65 66; A subdomain with a corrupt DS 67badds NS ns.badds 68ns.badds A 10.53.0.3 69 70; A dynamic secure subdomain 71dynamic NS dynamic 72dynamic A 10.53.0.3 73 74; A insecure subdomain 75mustbesecure NS ns.mustbesecure 76ns.mustbesecure A 10.53.0.3 77 78; A subdomain with expired signatures 79expired NS ns.expired 80ns.expired A 10.53.0.3 81 82; A rfc2535 signed zone w/ CNAME 83rfc2535 NS ns.rfc2535 84ns.rfc2535 A 10.53.0.3 85 86z A 10.0.0.26 87 88keyless NS ns.keyless 89ns.keyless A 10.53.0.3 90 91nsec3 NS ns.nsec3 92ns.nsec3 A 10.53.0.3 93 94optout NS ns.optout 95ns.optout A 10.53.0.3 96 97nsec3-unknown NS ns.nsec3-unknown 98ns.nsec3-unknown A 10.53.0.3 99 100optout-unknown NS ns.optout-unknown 101ns.optout-unknown A 10.53.0.3 102 103dnskey-unknown NS ns.dnskey-unknown 104ns.dnskey-unknown A 10.53.0.3 105 106dnskey-unsupported NS ns.dnskey-unsupported 107ns.dnskey-unsupported A 10.53.0.3 108 109dnskey-nsec3-unknown NS ns.dnskey-nsec3-unknown 110ns.dnskey-nsec3-unknown A 10.53.0.3 111 112multiple NS ns.multiple 113ns.multiple A 10.53.0.3 114 115*.wild A 10.0.0.27 116 117rsasha256 NS ns.rsasha256 118ns.rsasha256 A 10.53.0.3 119 120rsasha512 NS ns.rsasha512 121ns.rsasha512 A 10.53.0.3 122 123kskonly NS ns.kskonly 124ns.kskonly A 10.53.0.3 125 126update-nsec3 NS ns.update-nsec3 127ns.update-nsec3 A 10.53.0.3 128 129auto-nsec NS ns.auto-nsec 130ns.auto-nsec A 10.53.0.3 131 132auto-nsec3 NS ns.auto-nsec3 133ns.auto-nsec3 A 10.53.0.3 134 135 136below-cname CNAME some.where.else. 137 138insecure.below-cname NS ns.insecure.below-cname 139ns.insecure.below-cname A 10.53.0.3 140 141secure.below-cname NS ns.secure.below-cname 142ns.secure.below-cname A 10.53.0.3 143 144ttlpatch NS ns.ttlpatch 145ns.ttlpatch A 10.53.0.3 146 147split-dnssec NS ns.split-dnssec 148ns.split-dnssec A 10.53.0.3 149 150split-smart NS ns.split-smart 151ns.split-smart A 10.53.0.3 152 153upper NS ns.upper 154ns.upper A 10.53.0.3 155 156LOWER NS NS.LOWER 157NS.LOWER A 10.53.0.3 158 159expiring NS ns.expiring 160ns.expiring A 10.53.0.3 161 162future NS ns.future 163ns.future A 10.53.0.3 164 165managed-future NS ns.managed-future 166ns.managed-future A 10.53.0.3 167 168revkey NS ns.revkey 169ns.revkey A 10.53.0.3 170 171dname-at-apex-nsec3 NS ns3 172