1; config options 2server: 3 target-fetch-policy: "0 0 0 0 0" 4 minimal-responses: no 5 6stub-zone: 7 name: "." 8 stub-addr: 193.0.14.129 # K.ROOT-SERVERS.NET. 9CONFIG_END 10 11SCENARIO_BEGIN Test resolver with a domain sale and NS changes 12; and the old operator is nasty, keeps running his server with the old data. 13; and lots of lookups keep going towards the domain. 14; and the old server is changing the NS record of the old domain. 15 16; K.ROOT-SERVERS.NET. 17RANGE_BEGIN 0 100 18 ADDRESS 193.0.14.129 19ENTRY_BEGIN 20MATCH opcode qtype qname 21ADJUST copy_id 22REPLY QR NOERROR 23SECTION QUESTION 24. IN NS 25SECTION ANSWER 26. IN NS K.ROOT-SERVERS.NET. 27SECTION ADDITIONAL 28K.ROOT-SERVERS.NET. IN A 193.0.14.129 29ENTRY_END 30 31ENTRY_BEGIN 32MATCH opcode subdomain 33ADJUST copy_id copy_query 34REPLY QR NOERROR 35SECTION QUESTION 36com. IN A 37SECTION AUTHORITY 38com. IN NS a.gtld-servers.net. 39SECTION ADDITIONAL 40a.gtld-servers.net. IN A 192.5.6.30 41ENTRY_END 42RANGE_END 43 44; a.gtld-servers.net. (before sale of domain) 45RANGE_BEGIN 0 20 46 ADDRESS 192.5.6.30 47ENTRY_BEGIN 48MATCH opcode qtype qname 49ADJUST copy_id 50REPLY QR NOERROR 51SECTION QUESTION 52com. IN NS 53SECTION ANSWER 54com. IN NS a.gtld-servers.net. 55SECTION ADDITIONAL 56a.gtld-servers.net. IN A 192.5.6.30 57ENTRY_END 58 59ENTRY_BEGIN 60MATCH opcode subdomain 61ADJUST copy_id copy_query 62REPLY QR NOERROR 63SECTION QUESTION 64example.com. IN A 65SECTION AUTHORITY 66example.com. IN NS ns.example.com. 67SECTION ADDITIONAL 68ns.example.com. IN A 1.2.3.4 69ENTRY_END 70RANGE_END 71 72; a.gtld-servers.net. (after sale of domain) 73RANGE_BEGIN 30 200 74 ADDRESS 192.5.6.30 75ENTRY_BEGIN 76MATCH opcode qtype qname 77ADJUST copy_id 78REPLY QR NOERROR 79SECTION QUESTION 80com. IN NS 81SECTION ANSWER 82com. IN NS a.gtld-servers.net. 83SECTION ADDITIONAL 84a.gtld-servers.net. IN A 192.5.6.30 85ENTRY_END 86 87ENTRY_BEGIN 88MATCH opcode subdomain 89ADJUST copy_id copy_query 90REPLY QR NOERROR 91SECTION QUESTION 92example.com. IN A 93SECTION AUTHORITY 94example.com. IN NS ns.example.com. 95SECTION ADDITIONAL 96ns.example.com. IN A 8.8.8.8 97ENTRY_END 98RANGE_END 99 100; ns.example.com. first owner 101RANGE_BEGIN 0 30 102 ADDRESS 1.2.3.4 103ENTRY_BEGIN 104MATCH opcode qtype qname 105ADJUST copy_id 106REPLY QR AA NOERROR 107SECTION QUESTION 108example.com. IN NS 109SECTION ANSWER 110example.com. IN NS ns.example.com. 111SECTION ADDITIONAL 112ns.example.com. IN A 1.2.3.4 113ENTRY_END 114 115ENTRY_BEGIN 116MATCH opcode qname 117ADJUST copy_id copy_query 118REPLY QR AA NOERROR 119SECTION QUESTION 120www.example.com. IN A 121SECTION ANSWER 122www.example.com. 3600 IN A 10.20.30.40 123SECTION AUTHORITY 124example.com. 3600 IN NS ns.example.com. 125SECTION ADDITIONAL 126ns.example.com. 3600 IN A 1.2.3.4 127ENTRY_END 128 129; nxdomains for any name,type 130; last in RANGE so that it matches everything left over. 131; it includes the NS record. 132ENTRY_BEGIN 133MATCH opcode 134ADJUST copy_id copy_query 135REPLY QR AA NXDOMAIN 136SECTION QUESTION 137www.example.com. IN A 138SECTION ANSWER 139SECTION AUTHORITY 140example.com. 3600 IN SOA a. b. 1 2 3 4 5 141example.com. 3600 IN NS ns.example.com. 142SECTION ADDITIONAL 143ns.example.com. 3600 IN A 1.2.3.4 144ENTRY_END 145RANGE_END 146 147; ns.example.com. first owner, NS changed 148RANGE_BEGIN 40 200 149 ADDRESS 1.2.3.4 150ENTRY_BEGIN 151MATCH opcode qtype qname 152ADJUST copy_id 153REPLY QR AA NOERROR 154SECTION QUESTION 155example.com. IN NS 156SECTION ANSWER 157example.com. IN NS nsb.example.com. 158SECTION ADDITIONAL 159nsb.example.com. IN A 1.2.3.4 160ENTRY_END 161 162ENTRY_BEGIN 163MATCH opcode qname 164ADJUST copy_id copy_query 165REPLY QR AA NOERROR 166SECTION QUESTION 167www.example.com. IN A 168SECTION ANSWER 169www.example.com. 3600 IN A 10.20.30.40 170SECTION AUTHORITY 171example.com. 3600 IN NS nsb.example.com. 172SECTION ADDITIONAL 173nsb.example.com. 3600 IN A 1.2.3.4 174ENTRY_END 175 176; nxdomains for any name,type 177; last in RANGE so that it matches everything left over. 178; it includes the NS record. 179ENTRY_BEGIN 180MATCH opcode 181ADJUST copy_id copy_query 182REPLY QR AA NXDOMAIN 183SECTION QUESTION 184www.example.com. IN A 185SECTION ANSWER 186SECTION AUTHORITY 187example.com. 3600 IN SOA a. b. 1 2 3 4 5 188example.com. 3600 IN NS nsb.example.com. 189SECTION ADDITIONAL 190nsb.example.com. 3600 IN A 1.2.3.4 191ENTRY_END 192RANGE_END 193 194; ns.example.com. new owner 195RANGE_BEGIN 0 200 196 ADDRESS 8.8.8.8 197ENTRY_BEGIN 198MATCH opcode qtype qname 199ADJUST copy_id 200REPLY QR AA NOERROR 201SECTION QUESTION 202example.com. IN NS 203SECTION ANSWER 204example.com. IN NS ns.example.com. 205SECTION ADDITIONAL 206ns.example.com. IN A 8.8.8.8 207ENTRY_END 208 209ENTRY_BEGIN 210MATCH opcode qtype qname 211ADJUST copy_id 212REPLY QR AA NOERROR 213SECTION QUESTION 214www.example.com. IN A 215SECTION ANSWER 216www.example.com. 3600 IN A 88.88.88.88 217SECTION AUTHORITY 218example.com. 3600 IN NS ns.example.com. 219SECTION ADDITIONAL 220ns.example.com. 3600 IN A 8.8.8.8 221ENTRY_END 222RANGE_END 223 224; Fetch the old record from the old owner. 225STEP 1 QUERY 226ENTRY_BEGIN 227REPLY RD 228SECTION QUESTION 229www.example.com. IN A 230ENTRY_END 231; recursion happens here. 232STEP 5 CHECK_ANSWER 233ENTRY_BEGIN 234MATCH all ttl 235REPLY QR RD RA NOERROR 236SECTION QUESTION 237www.example.com. IN A 238SECTION ANSWER 239www.example.com. 3600 IN A 10.20.30.40 240SECTION AUTHORITY 241example.com. 3600 IN NS ns.example.com. 242SECTION ADDITIONAL 243ns.example.com. 3600 IN A 1.2.3.4 244ENTRY_END 245 246; the domain is sold (right at this time). 247; but the information stays in the cache. 248 249; after 1800 secs still the cached answer 250STEP 20 TIME_PASSES ELAPSE 1800 251 252STEP 30 QUERY 253ENTRY_BEGIN 254REPLY RD 255SECTION QUESTION 256www.example.com. IN A 257ENTRY_END 258; recursion happens here. 259STEP 40 CHECK_ANSWER 260ENTRY_BEGIN 261MATCH all ttl 262REPLY QR RD RA NOERROR 263SECTION QUESTION 264www.example.com. IN A 265SECTION ANSWER 266www.example.com. 1800 IN A 10.20.30.40 267SECTION AUTHORITY 268example.com. 1800 IN NS ns.example.com. 269SECTION ADDITIONAL 270ns.example.com. 1800 IN A 1.2.3.4 271ENTRY_END 272 273; and ask another query 274STEP 50 QUERY 275ENTRY_BEGIN 276REPLY RD 277SECTION QUESTION 278nx1.example.com. IN A 279ENTRY_END 280; recursion happens here. 281STEP 60 CHECK_ANSWER 282ENTRY_BEGIN 283MATCH all ttl 284REPLY QR RD RA NXDOMAIN 285SECTION QUESTION 286nx1.example.com. IN A 287SECTION ANSWER 288SECTION AUTHORITY 289; at TTL 5 because TTL capped at ttl of minttl in rdata of SOA. 290example.com. 5 IN SOA a. b. 1 2 3 4 5 291;example.com. 3600 IN NS nsb.example.com. 292SECTION ADDITIONAL 293;nsb.example.com. 3600 IN A 1.2.3.4 294ENTRY_END 295 296STEP 62 QUERY 297ENTRY_BEGIN 298REPLY RD 299SECTION QUESTION 300nx1.example.com. IN A 301ENTRY_END 302; recursion happens here. 303STEP 63 CHECK_ANSWER 304ENTRY_BEGIN 305MATCH all ttl 306REPLY QR RD RA NXDOMAIN 307SECTION QUESTION 308nx1.example.com. IN A 309SECTION ANSWER 310SECTION AUTHORITY 311; at TTL 5 because TTL capped at ttl of minttl in rdata of SOA. 312example.com. 5 IN SOA a. b. 1 2 3 4 5 313;example.com. 1800 IN NS nsb.example.com. 314SECTION ADDITIONAL 315;nsb.example.com. 3600 IN A 1.2.3.4 316ENTRY_END 317 318; after another 1900 seconds the domain must have timed out. 319STEP 70 TIME_PASSES ELAPSE 1900 320 321; the NS record should have timed out. 322STEP 80 QUERY 323ENTRY_BEGIN 324REPLY RD 325SECTION QUESTION 326www.example.com. IN A 327ENTRY_END 328; recursion happens here. 329STEP 90 CHECK_ANSWER 330ENTRY_BEGIN 331MATCH all ttl 332REPLY QR RD RA NOERROR 333SECTION QUESTION 334www.example.com. IN A 335SECTION ANSWER 336www.example.com. 3600 IN A 88.88.88.88 337SECTION AUTHORITY 338example.com. 3600 IN NS ns.example.com. 339SECTION ADDITIONAL 340ns.example.com. 3600 IN A 8.8.8.8 341ENTRY_END 342 343SCENARIO_END 344