1 ; Test subnet option in combination with dnssec
2 ; Client asks for subnet data
5 trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
6 val-override-date: "20070916134226"
7 target-fetch-policy: "0 0 0 0 0"
8 send-client-subnet: 1.2.3.4
9 max-client-subnet-ipv4: 17
10 module-config: "subnetcache validator iterator"
15 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
18 SCENARIO_BEGIN Test validator with positive response
24 MATCH opcode qtype qname ednsdata
30 . IN NS K.ROOT-SERVERS.NET.
33 ;; we expect to receive empty
35 K.ROOT-SERVERS.NET. IN A 193.0.14.129
39 MATCH opcode qtype qname
45 com. IN NS a.gtld-servers.net.
47 a.gtld-servers.net. IN A 192.5.6.30
55 MATCH opcode qtype qname ednsdata
61 com. IN NS a.gtld-servers.net.
64 ;; we expect to receive empty
66 a.gtld-servers.net. IN A 192.5.6.30
70 MATCH opcode qtype qname
76 example.com. IN NS ns.example.com.
78 ns.example.com. IN A 1.2.3.4
86 MATCH opcode qtype qname ednsdata
92 example.com. IN NS ns.example.com.
93 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
96 ;; we expect to receive empty
98 ns.example.com. IN A 1.2.3.4
99 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
102 ; response to DNSKEY priming query
104 MATCH opcode qtype qname ednsdata
108 example.com. IN DNSKEY
110 example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
111 example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
113 example.com. IN NS ns.example.com.
114 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
117 ;; we expect to receive empty
119 ns.example.com. IN A 1.2.3.4
120 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
123 ; response to query of interest
125 MATCH opcode qtype qname ednsdata
129 www.example.com. IN A
131 www.example.com. IN A 10.20.30.40
132 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
134 example.com. IN NS ns.example.com.
135 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
138 ; client is 127.0.0.1
140 00 07 ; option length
142 11 00 ; source mask, scopemask
145 ns.example.com. IN A 1.2.3.4
146 www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
153 00 00 01 00 00 01 00 00 ;ID 0
154 00 00 00 01 03 77 77 77 ; www.example.com A? (DO)
155 07 65 78 61 6d 70 6c 65
156 03 63 6f 6d 00 00 01 00
157 01 00 00 29 10 00 00 00
160 00 08 00 07 ; OPC, optlen
161 00 01 11 00 ; ip4, scope 17, source 0
162 7f 00 00 ;127.0.0.0/17
168 ; recursion happens here.
172 REPLY QR RD RA AD NOERROR
174 www.example.com. IN A
176 www.example.com. IN A 10.20.30.40
177 www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
179 example.com. IN NS ns.example.com.
180 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
183 ; client is 127.0.0.1
185 00 07 ; option length
187 11 00 ; source mask, scopemask
190 ns.example.com. IN A 1.2.3.4
191 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}