1 ; Test subnet option in combination with dnssec
2 ; Client asks for subnet data
5 trust-anchor: "example.com. 3600 IN DS 2854 3 1 46e4ffc6e9a4793b488954bd3f0cc6af0dfb201b"
6 val-override-date: "20070916134226"
7 trust-anchor-signaling: no
8 target-fetch-policy: "0 0 0 0 0"
9 send-client-subnet: 1.2.3.4
10 max-client-subnet-ipv4: 17
11 module-config: "subnetcache validator iterator"
15 qname-minimisation: "no"
20 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET.
23 SCENARIO_BEGIN Test validator with positive response
29 MATCH opcode qtype qname ednsdata
35 . IN NS K.ROOT-SERVERS.NET.
38 ;; we expect to receive empty
40 K.ROOT-SERVERS.NET. IN A 193.0.14.129
44 MATCH opcode qtype qname
50 com. IN NS a.gtld-servers.net.
52 a.gtld-servers.net. IN A 192.5.6.30
60 MATCH opcode qtype qname ednsdata
66 com. IN NS a.gtld-servers.net.
69 ;; we expect to receive empty
71 a.gtld-servers.net. IN A 192.5.6.30
75 MATCH opcode qtype qname
81 example.com. IN NS ns.example.com.
83 ns.example.com. IN A 1.2.3.4
91 MATCH opcode qtype qname ednsdata
97 example.com. IN NS ns.example.com.
98 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
101 ;; we expect to receive empty
103 ns.example.com. IN A 1.2.3.4
104 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
107 ; response to DNSKEY priming query
109 MATCH opcode qtype qname ednsdata
113 example.com. IN DNSKEY
115 example.com. 3600 IN DNSKEY 256 3 3 ALXLUsWqUrY3JYER3T4TBJII s70j+sDS/UT2QRp61SE7S3E EXopNXoFE73JLRmvpi/UrOO/Vz4Se 6wXv/CYCKjGw06U4WRgR YXcpEhJROyNapmdIKSx hOzfLVE1gqA0PweZR8d tY3aNQSRn3sPpwJr6Mi /PqQKAMMrZ9ckJpf1+b QMOOvxgzz2U1GS18b3y ZKcgTMEaJzd/GZYzi/B N2DzQ0MsrSwYXfsNLFO Bbs8PJMW4LYIxeeOe6rUgkWOF 7CC9Dh/dduQ1QrsJhmZAEFfd6ByYV+ ;{id = 2854 (zsk), size = 1688b}
116 example.com. 3600 IN RRSIG DNSKEY 3 2 3600 20070926134802 20070829134802 2854 example.com. MCwCFG1yhRNtTEa3Eno2zhVVuy2EJX3wAhQeLyUp6+UXcpC5qGNu9tkrTEgPUg== ;{id = 2854}
118 example.com. IN NS ns.example.com.
119 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
122 ;; we expect to receive empty
124 ns.example.com. IN A 1.2.3.4
125 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926135752 20070829135752 2854 example.com. MC0CFQCMSWxVehgOQLoYclB9PIAbNP229AIUeH0vNNGJhjnZiqgIOKvs1EhzqAo= ;{id = 2854}
128 ; response to query of interest
130 MATCH opcode qtype qname ednsdata
134 www.example.com. IN A
136 www.example.com. IN A 10.20.30.40
137 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}
139 example.com. IN NS ns.example.com.
140 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
143 ; client is 127.0.0.1
145 00 07 ; option length
147 11 00 ; source mask, scopemask
150 ns.example.com. IN A 1.2.3.4
151 www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
158 00 00 01 00 00 01 00 00 ;ID 0
159 00 00 00 01 03 77 77 77 ; www.example.com A? (DO)
160 07 65 78 61 6d 70 6c 65
161 03 63 6f 6d 00 00 01 00
162 01 00 00 29 10 00 00 00
165 00 08 00 07 ; OPC, optlen
166 00 01 11 00 ; ip4, scope 17, source 0
167 7f 00 00 ;127.0.0.0/17
173 ; recursion happens here.
177 REPLY QR RD RA AD NOERROR
179 www.example.com. IN A
181 www.example.com. IN A 10.20.30.40
182 www.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFC99iE9K5y2WNgI0gFvBWaTi9wm6AhUAoUqOpDtG5Zct+Qr9F3mSdnbc6V4= ;{id = 2854}
184 example.com. IN NS ns.example.com.
185 example.com. 3600 IN RRSIG NS 3 2 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCN+qHdJxoI/2tNKwsb08pra/G7aAIUAWA5sDdJTbrXA1/3OaesGBAO3sI= ;{id = 2854}
188 ; client is 127.0.0.1
190 00 07 ; option length
192 11 00 ; source mask, scopemask
195 ns.example.com. IN A 1.2.3.4
196 ns.example.com. 3600 IN RRSIG A 3 3 3600 20070926134150 20070829134150 2854 example.com. MC0CFQCQMyTjn7WWwpwAR1LlVeLpRgZGuQIUCcJDEkwAuzytTDRlYK7nIMwH1CM= ;{id = 2854}