Tree @c2ee7321-09a1-4ac6-a786-53e54f2790b2/main (Download .tar.gz)
- ..
- 00-lint.tdir
- 01-doc.tdir
- 02-unittest.tdir
- 03-testbound.tdir
- 04-checkconf.tdir
- 05-asynclook.tdir
- 06-ianaports.tdir
- 07-confroot.tdir
- 08-host-lib.tdir
- 09-unbound-control.tdir
- 10-unbound-anchor.tdir
- auth_axfr.tdir
- auth_https.tdir
- clang-analysis.tdir
- ctrl_itr.tdir
- ctrl_pipe.tdir
- dnscrypt_cert.tdir
- dnscrypt_cert_chacha.tdir
- dnstap.tdir
- dnstap_reconnect.tdir
- dnstap_tcp.tdir
- dnstap_tls.tdir
- dnstap_tls_badcert.tdir
- dnstap_tls_badname.tdir
- dnstap_tls_clientauth.tdir
- dnstap_tls_peername.tdir
- doh_downstream.tdir
- doh_downstream_buffer_size.tdir
- doh_downstream_endpoint.tdir
- doh_downstream_notls.tdir
- doh_downstream_post.tdir
- dynlibmod.tdir
- edns_cache.tdir
- fwd_ancil.tdir
- fwd_bogus.tdir
- fwd_capsid.tdir
- fwd_capsid_fallback.tdir
- fwd_capsid_strip.tdir
- fwd_capsid_white.tdir
- fwd_compress_c00c.tdir
- fwd_edns_bksec.tdir
- fwd_edns_probe.tdir
- fwd_malformed.tdir
- fwd_no_edns.tdir
- fwd_oneport.tdir
- fwd_tcp.tdir
- fwd_tcp_tc.tdir
- fwd_tcp_tc6.tdir
- fwd_three.tdir
- fwd_three_service.tdir
- fwd_ttlexpire.tdir
- fwd_udp.tdir
- fwd_udp_with_tcp_upstream.tdir
- fwd_udptmout.tdir
- fwd_waitudp.tdir
- fwd_zero.tdir
- hostsfileosx.tdir
- http_user_agent.tdir
- local_nodefault.tdir
- local_norec.tdir
- local_nosnoop.tdir
- nss_compile.tdir
- padding.tdir
- pylib.tdir
- pymod.tdir
- pymod_thread.tdir
- ratelimit.tdir
- remote-threaded.tdir
- root_anchor.tdir
- root_hints.tdir
- speed_cache.tdir
- speed_local.tdir
- ssl_req_order.tdir
- ssl_req_timeout.tdir
- stat_timer.tdir
- stat_values.tdir
- stream_ssl.tdir
- stream_tcp.tdir
- stub_udp.tdir
- stub_udp6.tdir
- stub_udp_with_tcp_upstream.tdir
- svcb.tdir
- tcp_conn_limit.tdir
- tcp_idle_timeout.tdir
- tcp_req_order.tdir
- tcp_req_size.tdir
- tcp_req_timeout.tdir
- tcp_reuse.tdir
- tcp_sigpipe.tdir
- tls_reuse.tdir
- zonemd_reload.tdir
- acl.rpl
- auth_nsec3_ent.rpl
- auth_nsec3_wild.rpl
- auth_xfr.rpl
- auth_xfr_host.rpl
- auth_xfr_ixfr.rpl
- auth_xfr_ixfrisaxfr.rpl
- auth_xfr_ixfrmismatch.rpl
- auth_xfr_ixfrnotimpl.rpl
- auth_xfr_notify.rpl
- auth_xfr_probesoa.rpl
- auth_zonefile.rpl
- auth_zonefile_dnssec.rpl
- auth_zonefile_dnssec_fail.rpl
- auth_zonefile_down.rpl
- auth_zonefile_noup.rpl
- auth_zonefile_root.rpl
- auth_zonemd_anchor.rpl
- auth_zonemd_anchor_fail.rpl
- auth_zonemd_chain.rpl
- auth_zonemd_chain_fail.rpl
- auth_zonemd_file.rpl
- auth_zonemd_file_fail.rpl
- auth_zonemd_insecure.rpl
- auth_zonemd_insecure_absent.rpl
- auth_zonemd_insecure_absent_reject.rpl
- auth_zonemd_insecure_fail.rpl
- auth_zonemd_nokey.rpl
- auth_zonemd_permissive_mode.rpl
- auth_zonemd_xfr.rpl
- auth_zonemd_xfr_anchor.rpl
- auth_zonemd_xfr_anchor_fail.rpl
- auth_zonemd_xfr_chain.rpl
- auth_zonemd_xfr_chain_fail.rpl
- auth_zonemd_xfr_chain_keyinxfr.rpl
- auth_zonemd_xfr_fail.rpl
- autotrust_10key.rpl
- autotrust_addpend_2exceed.rpl
- autotrust_addpend_early.rpl
- autotrust_addpend_nosign.rpl
- autotrust_addpend_nosignnew.rpl
- autotrust_addpend_once.rpl
- autotrust_addpend_twice.rpl
- autotrust_init.rpl
- autotrust_init_ds.rpl
- autotrust_init_fail.rpl
- autotrust_init_failsig.rpl
- autotrust_init_legacy.rpl
- autotrust_init_sigs.rpl
- autotrust_init_zsk.rpl
- autotrust_missing.rpl
- autotrust_missing_all.rpl
- autotrust_missing_returns.rpl
- autotrust_probefail.rpl
- autotrust_probefailsig.rpl
- autotrust_revoked_use.rpl
- autotrust_revoked_with_invalid.rpl
- autotrust_revtp.rpl
- autotrust_revtp_read.rpl
- autotrust_revtp_use.rpl
- autotrust_rollalgo.rpl
- autotrust_rollalgo_unknown.rpl
- autotrust_rollover.rpl
- autotrust_valid_use.rpl
- black_data.rpl
- black_dnskey.rpl
- black_ds.rpl
- black_ds_entry.rpl
- black_ent.rpl
- black_key_entry.rpl
- black_prime.rpl
- black_prime_entry.rpl
- chaos_trustanchor.rpl
- common.sh
- dns64_lookup.rpl
- domain_insec_ds.rpl
- edns_attached_once_per_upstream.rpl
- edns_client_string.rpl
- edns_client_string_opcode.rpl
- edns_keepalive.rpl
- fetch_glue.rpl
- fetch_glue_cname.rpl
- fwd.rpl
- fwd_0ttlservfail.rpl
- fwd_any.rpl
- fwd_cached.rpl
- fwd_droptoomany.rpl
- fwd_error.rpl
- fwd_error_retries.rpl
- fwd_jostle.rpl
- fwd_jostle_out.rpl
- fwd_lrudrop.rpl
- fwd_minimal.rpl
- fwd_no_cache.rpl
- fwd_notcached.rpl
- fwd_timeout.rpl
- fwd_two.rpl
- host_file.template
- ipsecmod_bogus_ipseckey.crpl
- ipsecmod_enabled.crpl
- ipsecmod_hook.sh
- ipsecmod_ignore_bogus_ipseckey.crpl
- ipsecmod_max_ttl.crpl
- ipsecmod_strict.crpl
- ipsecmod_whitelist.crpl
- iter_class_any.rpl
- iter_cname_cache.rpl
- iter_cname_double.rpl
- iter_cname_nx.rpl
- iter_cname_qnamecopy.rpl
- iter_cycle.rpl
- iter_cycle_noh.rpl
- iter_dname_insec.rpl
- iter_dname_yx.rpl
- iter_dnsseclame_bug.rpl
- iter_dnsseclame_ds.rpl
- iter_dnsseclame_ds_ok.rpl
- iter_dnsseclame_ta.rpl
- iter_dnsseclame_ta_ok.rpl
- iter_domain_sale.rpl
- iter_domain_sale_nschange.rpl
- iter_donotq127.rpl
- iter_dp_turnsuseless.rpl
- iter_ds_locate_ns.rpl
- iter_ds_locate_ns_cname.rpl
- iter_ds_locate_ns_detach.rpl
- iter_ds_locate_ns_nosoa.rpl
- iter_ds_referral.rpl
- iter_ds_reply.rpl
- iter_emptydp.rpl
- iter_emptydp_for_glue.rpl
- iter_fwdfirst.rpl
- iter_fwdfirstequal.rpl
- iter_fwdstub.rpl
- iter_fwdstubroot.rpl
- iter_got6only.rpl
- iter_hint_lame.rpl
- iter_lame_aaaa.rpl
- iter_lame_noaa.rpl
- iter_lame_nosoa.rpl
- iter_lamescrub.rpl
- iter_mod.rpl
- iter_ns_badip.rpl
- iter_ns_spoof.rpl
- iter_pc_a.rpl
- iter_pc_aaaa.rpl
- iter_pcdiff.rpl
- iter_pcdirect.rpl
- iter_pclame.rpl
- iter_pcname.rpl
- iter_pcnamech.rpl
- iter_pcnamechrec.rpl
- iter_pcnamerec.rpl
- iter_pcttl.rpl
- iter_prefetch.rpl
- iter_prefetch_change.rpl
- iter_prefetch_change2.rpl
- iter_prefetch_childns.rpl
- iter_prefetch_fail.rpl
- iter_prefetch_ns.rpl
- iter_primenoglue.rpl
- iter_privaddr.rpl
- iter_ranoaa_lame.rpl
- iter_reclame_one.rpl
- iter_reclame_two.rpl
- iter_recurse.rpl
- iter_req_qname.rpl
- iter_resolve.rpl
- iter_resolve_minimised.rpl
- iter_resolve_minimised_nx.rpl
- iter_resolve_minimised_refused.rpl
- iter_resolve_minimised_timeout.rpl
- iter_scrub_cname_an.rpl
- iter_scrub_dname_insec.rpl
- iter_scrub_dname_rev.rpl
- iter_scrub_dname_sec.rpl
- iter_scrub_ns.rpl
- iter_scrub_ns_fwd.rpl
- iter_scrub_ns_side.rpl
- iter_soamin.rpl
- iter_stub_leak.rpl
- iter_stub_noroot.rpl
- iter_stubfirst.rpl
- iter_stublastresort.rpl
- iter_timeout_ra_aaaa.rpl
- Kexample.com.+003+02854.ds
- Kexample.com.+003+02854.key
- Kexample.com.+003+02854.private
- Kexample.com.+005+16486.ds
- Kexample.com.+005+16486.key
- Kexample.com.+005+16486.private
- Kexample.com.+005+30899.ds
- Kexample.com.+005+30899.key
- Kexample.com.+005+30899.private
- Kexample.com.+005+55582.ds
- Kexample.com.+005+55582.key
- Kexample.com.+005+55582.private
- Kexample.com.+005+60946.ds
- Kexample.com.+005+60946.key
- Kexample.com.+005+60946.private
- Kexample.com.+007+57024.ds
- Kexample.com.+007+57024.key
- Kexample.com.+007+57024.private
- Kexample.com.+008+01443.ds
- Kexample.com.+008+01443.key
- Kexample.com.+008+01443.private
- Kexample.com.+008+29332.ds
- Kexample.com.+008+29332.key
- Kexample.com.+008+29332.private
- Kexample.com.+008+55566.ds
- Kexample.com.+008+55566.key
- Kexample.com.+008+55566.private
- Kexample.com.+009+48886.ds
- Kexample.com.+009+48886.key
- Kexample.com.+009+48886.private
- Kexample.com.+012+60385.ds
- Kexample.com.+012+60385.key
- Kexample.com.+012+60385.private
- local_acl_override.rpl
- local_acl_taglist.rpl
- local_acl_taglist_action.rpl
- local_cname.rpl
- local_ds.rpl
- local_nodefault.rpl
- local_transparent_sametype.rpl
- local_typetransparent.rpl
- localdata.rpl
- net_signed_servfail.rpl
- nomem_cnametopos.rpl
- nsid_ascii.rpl
- nsid_bogus.rpl
- nsid_hex.rpl
- nsid_not_set.rpl
- refuse_xfr.rpl
- root_key_sentinel.rpl
- rpz_axfr.rpl
- rpz_clientip.rpl
- rpz_ixfr.rpl
- rpz_nsdname.rpl
- rpz_nsip.rpl
- rpz_qname.rpl
- rpz_qname_override.rpl
- rpz_qname_tcponly.rpl
- rpz_respip.rpl
- rpz_respip_override.rpl
- rpz_respip_tcponly.rpl
- rpz_rootwc.rpl
- rpz_signal_nxdomain_ra.rpl
- rrset_rettl.rpl
- rrset_untrusted.rpl
- rrset_updated.rpl
- serve_expired.rpl
- serve_expired_client_timeout.rpl
- serve_expired_reply_ttl.rpl
- serve_expired_servfail.rpl
- serve_expired_ttl.rpl
- serve_expired_ttl_client_timeout.rpl
- serve_expired_zerottl.rpl
- serve_original_ttl.rpl
- stop_nxdomain.rpl
- stop_nxdomain_minimised.rpl
- subnet_cached.crpl
- subnet_derived.crpl
- subnet_format_ip4.crpl
- subnet_max_source.crpl
- subnet_not_whitelisted.crpl
- subnet_val_positive.crpl
- subnet_val_positive_client.crpl
- subnet_without_validator.crpl
- test_ds.sha1
- test_ds.sha384
- test_ldnsrr.1
- test_ldnsrr.2
- test_ldnsrr.3
- test_ldnsrr.4
- test_ldnsrr.5
- test_ldnsrr.c1
- test_ldnsrr.c2
- test_ldnsrr.c3
- test_ldnsrr.c4
- test_ldnsrr.c5
- test_nsec3_hash.1
- test_packets.1
- test_packets.2
- test_packets.3
- test_packets.4
- test_packets.5
- test_packets.6
- test_packets.7
- test_packets.8
- test_packets.9
- test_signatures.1
- test_signatures.2
- test_signatures.3
- test_signatures.4
- test_signatures.5
- test_signatures.6
- test_signatures.7
- test_signatures.8
- test_signatures.9
- test_sigs.ecdsa_p256
- test_sigs.ecdsa_p384
- test_sigs.ed25519
- test_sigs.ed448
- test_sigs.gost
- test_sigs.hinfo
- test_sigs.revoked
- test_sigs.rsasha256
- test_sigs.rsasha256_draft
- test_sigs.rsasha512_draft
- test_sigs.sha1_and_256
- trust_cname_chain.rpl
- ttl_max.rpl
- ttl_min.rpl
- ttl_msg.rpl
- val_adbit.rpl
- val_adcopy.rpl
- val_anchor_nx.rpl
- val_anchor_nx_nosig.rpl
- val_ans_dsent.rpl
- val_ans_nx.rpl
- val_any.rpl
- val_any_cname.rpl
- val_any_dname.rpl
- val_cname_loop1.rpl
- val_cname_loop2.rpl
- val_cname_loop3.rpl
- val_cnameinsectopos.rpl
- val_cnamenx_dblnsec.rpl
- val_cnamenx_rcodenx.rpl
- val_cnameqtype.rpl
- val_cnametocloser.rpl
- val_cnametocloser_nosig.rpl
- val_cnametocnamewctoposwc.rpl
- val_cnametodname.rpl
- val_cnametodnametocnametopos.rpl
- val_cnametoinsecure.rpl
- val_cnametonodata.rpl
- val_cnametonodata_nonsec.rpl
- val_cnametonsec.rpl
- val_cnametonx.rpl
- val_cnametooptin.rpl
- val_cnametooptout.rpl
- val_cnametopos.rpl
- val_cnametoposnowc.rpl
- val_cnametoposwc.rpl
- val_cnamewctonodata.rpl
- val_cnamewctonx.rpl
- val_cnamewctoposwc.rpl
- val_deleg_nons.rpl
- val_dnametoolong.rpl
- val_dnametopos.rpl
- val_dnametoposwc.rpl
- val_dnamewc.rpl
- val_ds_afterprime.rpl
- val_ds_cname.rpl
- val_ds_cnamesub.rpl
- val_ds_gost.crpl
- val_ds_gost_downgrade.crpl
- val_ds_sha2.crpl
- val_ds_sha2_downgrade.crpl
- val_ds_sha2_lenient.crpl
- val_dsnsec.rpl
- val_entds.rpl
- val_faildnskey.rpl
- val_faildnskey_ok.rpl
- val_fwdds.rpl
- val_keyprefetch.rpl
- val_keyprefetch_verify.rpl
- val_mal_wc.rpl
- val_negcache_ds.rpl
- val_negcache_dssoa.rpl
- val_negcache_nodata.rpl
- val_negcache_nta.rpl
- val_negcache_nxdomain.rpl
- val_noadwhennodo.rpl
- val_nodata.rpl
- val_nodata_ent.rpl
- val_nodata_entnx.rpl
- val_nodata_entwc.rpl
- val_nodata_failsig.rpl
- val_nodata_failwc.rpl
- val_nodata_hasdata.rpl
- val_nodata_zonecut.rpl
- val_nodatawc.rpl
- val_nodatawc_badce.rpl
- val_nodatawc_nodeny.rpl
- val_nodatawc_one.rpl
- val_nokeyprime.rpl
- val_nsec3_b1_nameerror.rpl
- val_nsec3_b1_nameerror_noce.rpl
- val_nsec3_b1_nameerror_nonc.rpl
- val_nsec3_b1_nameerror_nowc.rpl
- val_nsec3_b21_nodataent.rpl
- val_nsec3_b21_nodataent_wr.rpl
- val_nsec3_b2_nodata.rpl
- val_nsec3_b2_nodata_nons.rpl
- val_nsec3_b3_optout.rpl
- val_nsec3_b3_optout_negcache.rpl
- val_nsec3_b3_optout_noce.rpl
- val_nsec3_b3_optout_nonc.rpl
- val_nsec3_b4_wild.rpl
- val_nsec3_b4_wild_wr.rpl
- val_nsec3_b5_wcnodata.rpl
- val_nsec3_b5_wcnodata_noce.rpl
- val_nsec3_b5_wcnodata_nonc.rpl
- val_nsec3_b5_wcnodata_nowc.rpl
- val_nsec3_cname_ds.rpl
- val_nsec3_cname_par.rpl
- val_nsec3_cname_sub.rpl
- val_nsec3_cnametocnamewctoposwc.rpl
- val_nsec3_entnodata_optout.rpl
- val_nsec3_entnodata_optout_badopt.rpl
- val_nsec3_entnodata_optout_match.rpl
- val_nsec3_iter_high.rpl
- val_nsec3_nodatawccname.rpl
- val_nsec3_nods.rpl
- val_nsec3_nods_badopt.rpl
- val_nsec3_nods_badsig.rpl
- val_nsec3_nods_negcache.rpl
- val_nsec3_nods_soa.rpl
- val_nsec3_optout_ad.rpl
- val_nsec3_optout_cache.rpl
- val_nsec3_wcany.rpl
- val_nsec3_wcany_nodeny.rpl
- val_nx.rpl
- val_nx_failwc.rpl
- val_nx_nodeny.rpl
- val_nx_nowc.rpl
- val_nx_nsec3_collision.rpl
- val_nx_nsec3_params.rpl
- val_nx_overreach.rpl
- val_pos_truncns.rpl
- val_positive.rpl
- val_positive_nosigs.rpl
- val_positive_wc.rpl
- val_positive_wc_nodeny.rpl
- val_qds_badanc.rpl
- val_qds_oneanc.rpl
- val_qds_twoanc.rpl
- val_refer_unsignadd.rpl
- val_referd.rpl
- val_referglue.rpl
- val_rrsig.rpl
- val_secds.rpl
- val_secds_nosig.rpl
- val_spurious_ns.rpl
- val_stub_noroot.rpl
- val_stubds.rpl
- val_ta_algo_dnskey.rpl
- val_ta_algo_dnskey_dp.rpl
- val_ta_algo_missing.rpl
- val_ta_algo_missing_dp.rpl
- val_twocname.rpl
- val_unalgo_anchor.rpl
- val_unalgo_ds.rpl
- val_unsec_cname.rpl
- val_unsecds.rpl
- val_unsecds_negcache.rpl
- val_unsecds_qtypeds.rpl
- val_wild_pos.rpl
- version_bind.rpl
- version_bind_hide.rpl
- views.rpl
- zonemd.example1.zone
- zonemd.example10.zone
- zonemd.example11.zone
- zonemd.example12.zone
- zonemd.example13.zone
- zonemd.example14.zone
- zonemd.example15.zone
- zonemd.example16.zone
- zonemd.example17.zone
- zonemd.example2.zone
- zonemd.example3.zone
- zonemd.example4.zone
- zonemd.example5.zone
- zonemd.example6.zone
- zonemd.example7.zone
- zonemd.example8.zone
- zonemd.example9.zone
- zonemd.example_a1.zone
- zonemd.example_a2.zone
- zonemd.example_a3.zone
- zonemd.example_a4.zone
- zonemd.example_a5.zone
ipsecmod_enabled.crpl @c2ee7321-09a1-4ac6-a786-53e54f2790b2/main — raw · history · blame
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 | ; Test ipsecmod-enabled option. ; config options server: access-control: 127.0.0.1 allow_snoop module-config: "ipsecmod validator iterator" ; ../../ is there because the test runs from testdata/03-testbound.dir ipsecmod-hook: "../../testdata/ipsecmod_hook.sh" ipsecmod-strict: no ipsecmod-max-ttl: 200 ipsecmod-enabled: no qname-minimisation: "no" minimal-responses: no stub-zone: name: "." stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. CONFIG_END SCENARIO_BEGIN Test ipsecmod-enabled option ; Scenario overview: ; - query for example.com. IN A ; - check that we get an answer for example.com. IN A with the correct TTL ; - check that the get the same answer from cache ; - check that we don't get the IPSECKEY answer from cache ; K.ROOT-SERVERS.NET. RANGE_BEGIN 0 100 ADDRESS 193.0.14.129 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION . IN NS SECTION ANSWER . IN NS K.ROOT-SERVERS.NET. SECTION ADDITIONAL K.ROOT-SERVERS.NET. IN A 193.0.14.129 ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION a.gtld-servers.net. IN AAAA SECTION AUTHORITY . 86400 IN SOA . . 20070304 28800 7200 604800 86400 ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION K.ROOT-SERVERS.NET. IN AAAA SECTION AUTHORITY . 86400 IN SOA . . 20070304 28800 7200 604800 86400 ENTRY_END ENTRY_BEGIN MATCH opcode subdomain ADJUST copy_id copy_query REPLY QR NOERROR SECTION QUESTION com. IN A SECTION AUTHORITY com. IN NS a.gtld-servers.net. SECTION ADDITIONAL a.gtld-servers.net. IN A 192.5.6.30 ENTRY_END RANGE_END ; a.gtld-servers.net. RANGE_BEGIN 0 100 ADDRESS 192.5.6.30 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION com. IN NS SECTION ANSWER com. IN NS a.gtld-servers.net. SECTION ADDITIONAL a.gtld-servers.net. IN A 192.5.6.30 ENTRY_END ENTRY_BEGIN MATCH opcode subdomain ADJUST copy_id copy_query REPLY QR NOERROR SECTION QUESTION example.com. IN A SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com. IN A 1.2.3.4 ENTRY_END RANGE_END ; ns.example.com. RANGE_BEGIN 0 100 ADDRESS 1.2.3.4 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION example.com. IN NS SECTION ANSWER example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com. IN A 1.2.3.4 ENTRY_END ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION ns.example.com. IN AAAA SECTION AUTHORITY example.com. 10 IN SOA . . 15 28800 7200 604800 10 ENTRY_END ; response to A query ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION example.com. IN A SECTION ANSWER example.com. 3600 IN A 5.6.7.8 SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com. IN A 1.2.3.4 ENTRY_END ; response to IPSECKEY query ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR NOERROR SECTION QUESTION example.com. IN IPSECKEY SECTION ANSWER example.com. 3600 IN IPSECKEY 10 0 2 . AQNRU3mG7TVTO2BkR47usntb102uFJtugbo6BSGvgqt4AQ== SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com. IN A 1.2.3.4 ENTRY_END RANGE_END ; Query with RD flag STEP 1 QUERY ENTRY_BEGIN REPLY RD SECTION QUESTION example.com. IN A ENTRY_END STEP 10 CHECK_ANSWER ENTRY_BEGIN MATCH all ttl REPLY QR RD RA NOERROR SECTION QUESTION example.com. IN A SECTION ANSWER example.com. 3600 IN A 5.6.7.8 SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com. IN A 1.2.3.4 ENTRY_END ; Query without RD, check if cached and with correct TTL STEP 11 QUERY ENTRY_BEGIN SECTION QUESTION example.com. IN A ENTRY_END STEP 20 CHECK_ANSWER ENTRY_BEGIN MATCH all ttl REPLY QR RA NOERROR SECTION QUESTION example.com. IN A SECTION ANSWER example.com. 3600 IN A 5.6.7.8 SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com. IN A 1.2.3.4 ENTRY_END ; Query without RD, check if IPSECKEY cached STEP 21 QUERY ENTRY_BEGIN SECTION QUESTION example.com. IN IPSECKEY ENTRY_END STEP 30 CHECK_ANSWER ENTRY_BEGIN MATCH all REPLY QR RA NOERROR SECTION QUESTION example.com. IN IPSECKEY SECTION AUTHORITY example.com. IN NS ns.example.com. SECTION ADDITIONAL ns.example.com. IN A 1.2.3.4 ENTRY_END SCENARIO_END |