#!/bin/sh -x
#
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.

set -e

# shellcheck source=conf.sh
. ../conf.sh

# Query with dig on the test port; every argument is forwarded to dig.
dig_with_opts() {
    "$DIG" -p "$PORT" "$@"
}

# Run an rndc command on the control port. $1 is consumed by -s as the
# server address; the remaining arguments form the rndc command itself.
rndccmd() (
    "$RNDC" -c ../common/rndc.conf -p "$CONTROLPORT" -s "$@"
)

# One attempt: save what nextpartpeek prints for log file $1 and succeed
# when that text contains the fixed string $2. nextpartpeek is not defined
# in this file (presumably it comes from conf.sh).
_wait_for_message() (
    snapshot="wait_for_message.$n"
    nextpartpeek "$1" > "$snapshot"
    grep -F "$2" "$snapshot" >/dev/null
)

# Repeat _wait_for_message through retry_quiet with a count of 20.
# retry_quiet is not defined in this file.
wait_for_message() (
    retry_quiet 20 _wait_for_message "$@"
)

# One attempt: query and check the response code.
#   $1 expected rcode   $2 query type   $3 server (@addr)
#   $4 query name       $5 output file  $6... extra dig arguments
# Fails when dig fails or when the output lacks "status: <rcode>".
_wait_for_rcode() (
    expected_rcode="$1"
    rrtype="$2"
    server="$3"
    owner="$4"
    outfile="$5"
    shift 5
    if ! dig_with_opts "$server" "$rrtype" "$owner" "$@" >"$outfile"; then
        return 1
    fi
    grep "status: $expected_rcode" "$outfile" >/dev/null
)

# Repeat _wait_for_rcode through retry_quiet with a count of 10.
wait_for_rcode() (
    retry_quiet 10 _wait_for_rcode "$@"
)

# Wait until an SOA query is answered with NOERROR.
wait_for_soa() (
    wait_for_rcode NOERROR SOA "$@"
)

# Wait until an A query is answered with NOERROR.
wait_for_a() (
    wait_for_rcode NOERROR A "$@"
)

# Wait until an SOA query is answered with REFUSED, which the tests below
# use as the signal that the zone is not served (or not served to this
# client).
wait_for_no_soa() {
    wait_for_rcode REFUSED SOA "$@"
}

# One attempt: succeed when $1 is an existing regular file.
_wait_for_zonefile() (
    # shellcheck disable=SC2234
    test -f "$1"
)

# Repeat _wait_for_zonefile through retry_quiet with a count of 10.
wait_for_zonefile() (
    retry_quiet 10 _wait_for_zonefile "$@"
)

# One attempt: succeed when $1 is not an existing regular file.
_wait_for_no_zonefile() (
    # shellcheck disable=SC2234
    test ! -f "$1"
)

# Repeat _wait_for_no_zonefile through retry_quiet with a count of 10.
wait_for_no_zonefile() (
    retry_quiet 10 _wait_for_no_zonefile "$@"
)

# status accumulates the number of failed steps; n numbers each step and is
# used as the suffix of the per-step output files.
status=0
n=0
##########################################################################
echo_i "Testing adding/removing of domain in catalog zone"
n=$((n+1))
echo_i "checking that dom1.example. is not served by primary ($n)"
ret=0
wait_for_no_soa @10.53.0.1 dom1.example.
dig.out.test$n || ret=1 87if [ $ret -ne 0 ]; then echo_i "failed"; fi 88status=$((status+ret)) 89 90n=$((n+1)) 91echo_i "Adding a domain dom1.example. to primary via RNDC ($n)" 92ret=0 93# enough initial content for IXFR response when TXT record is added below 94echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom1.example.db 95echo "@ 3600 IN NS invalid." >> ns1/dom1.example.db 96echo "foo 3600 IN TXT some content here" >> ns1/dom1.example.db 97echo "bar 3600 IN TXT some content here" >> ns1/dom1.example.db 98echo "xxx 3600 IN TXT some content here" >> ns1/dom1.example.db 99echo "yyy 3600 IN TXT some content here" >> ns1/dom1.example.db 100rndccmd 10.53.0.1 addzone dom1.example. '{ type primary; file "dom1.example.db"; allow-update { any; }; notify explicit; also-notify { 10.53.0.2; }; };' || ret=1 101if [ $ret -ne 0 ]; then echo_i "failed"; fi 102status=$((status+ret)) 103 104n=$((n+1)) 105echo_i "checking that dom1.example. is now served by primary ($n)" 106ret=0 107wait_for_soa @10.53.0.1 dom1.example. dig.out.test$n || ret=1 108if [ $ret -ne 0 ]; then echo_i "failed"; fi 109status=$((status+ret)) 110 111nextpart ns2/named.run >/dev/null 112 113n=$((n+1)) 114echo_i "Adding domain dom1.example. to catalog1 zone ($n)" 115ret=0 116$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 117 server 10.53.0.1 ${PORT} 118 update add e721433b6160b450260d4f54b3ec8bab30cb3b83.zones.catalog1.example. 3600 IN PTR dom1.example. 119 send 120END 121if [ $ret -ne 0 ]; then echo_i "failed"; fi 122status=$((status+ret)) 123 124n=$((n+1)) 125echo_i "waiting for secondary to sync up ($n)" 126ret=0 127wait_for_message ns2/named.run "catz: adding zone 'dom1.example' from catalog 'catalog1.example'" && 128wait_for_message ns2/named.run "transfer of 'dom1.example/IN' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 129if [ $ret -ne 0 ]; then echo_i "failed"; fi 130status=$((status+ret)) 131 132n=$((n+1)) 133echo_i "checking that dom1.example. 
is served by secondary ($n)" 134ret=0 135wait_for_soa @10.53.0.2 dom1.example. dig.out.test$n || ret=1 136if [ $ret -ne 0 ]; then echo_i "failed"; fi 137status=$((status+ret)) 138 139n=$((n+1)) 140echo_i "checking that zone-directory is populated ($n)" 141ret=0 142wait_for_zonefile "ns2/zonedir/__catz___default_catalog1.example_dom1.example.db" || ret=1 143if [ $ret -ne 0 ]; then echo_i "failed"; fi 144status=$((status+ret)) 145 146n=$((n+1)) 147echo_i "update dom1.example. ($n)" 148ret=0 149$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 150 server 10.53.0.1 ${PORT} 151 update add dom1.example 0 IN TXT added record 152 send 153END 154if [ $ret -ne 0 ]; then echo_i "failed"; fi 155status=$((status+ret)) 156 157n=$((n+1)) 158echo_i "wait for secondary to be updated ($n)" 159ret=0 160wait_for_txt() { 161 dig_with_opts @10.53.0.2 TXT dom1.example. > dig.out.test$n || return 1 162 grep "ANSWER: 1," dig.out.test$n > /dev/null || return 1 163 grep "status: NOERROR" dig.out.test$n > /dev/null || return 1 164 grep "IN.TXT." dig.out.test$n > /dev/null || return 1 165} 166retry_quiet 10 wait_for_txt || ret=1 167if [ $ret -ne 0 ]; then echo_i "failed"; fi 168status=$((status+ret)) 169 170n=$((n+1)) 171echo_i "check that journal was created for cleanup test ($n)" 172ret=0 173test -f ns2/zonedir/__catz___default_catalog1.example_dom1.example.db.jnl || ret=1 174if [ $ret -ne 0 ]; then echo_i "failed"; fi 175status=$((status+ret)) 176 177n=$((n+1)) 178echo_i "removing domain dom1.example. 
from catalog1 zone ($n)" 179ret=0 180$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 181 server 10.53.0.1 ${PORT} 182 update delete e721433b6160b450260d4f54b3ec8bab30cb3b83.zones.catalog1.example 183 send 184END 185if [ $ret -ne 0 ]; then echo_i "failed"; fi 186status=$((status+ret)) 187 188n=$((n+1)) 189echo_i "waiting for secondary to sync up ($n)" 190ret=0 191wait_for_message ns2/named.run "zone_shutdown: zone dom1.example/IN: shutting down" || ret=1 192if [ $ret -ne 0 ]; then echo_i "failed"; fi 193status=$((status+ret)) 194 195n=$((n+1)) 196echo_i "checking that dom1.example. is not served by secondary ($n)" 197ret=0 198wait_for_no_soa @10.53.0.2 dom1.example. dig.out.test$n || ret=1 199if [ $ret -ne 0 ]; then echo_i "failed"; fi 200status=$((status+ret)) 201 202n=$((n+1)) 203echo_i "checking that zone-directory is emptied ($n)" 204ret=0 205wait_for_no_zonefile "ns2/zonedir/__catz___default_catalog1.example_dom1.example.db" || ret=1 206wait_for_no_zonefile "ns2/zonedir/__catz___default_catalog1.example_dom1.example.db.jnl" || ret=1 207if [ $ret -ne 0 ]; then echo_i "failed"; fi 208status=$((status+ret)) 209 210########################################################################## 211echo_i "Testing various simple operations on domains, including using multiple catalog zones and garbage in zone" 212n=$((n+1)) 213echo_i "adding domain dom2.example. to primary via RNDC ($n)" 214ret=0 215echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom2.example.db 216echo "@ IN NS invalid." >> ns1/dom2.example.db 217rndccmd 10.53.0.1 addzone dom2.example. '{type primary; file "dom2.example.db";};' || ret=1 218if [ $ret -ne 0 ]; then echo_i "failed"; fi 219status=$((status+ret)) 220 221n=$((n+1)) 222echo_i "adding domain dom4.example. to primary via RNDC ($n)" 223ret=0 224echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom4.example.db 225echo "@ IN NS invalid." >> ns1/dom4.example.db 226rndccmd 10.53.0.1 addzone dom4.example. 
'{type primary; file "dom4.example.db";};' || ret=1 227if [ $ret -ne 0 ]; then echo_i "failed"; fi 228status=$((status+ret)) 229 230n=$((n+1)) 231echo_i "adding domains dom2.example, dom3.example. and some garbage to catalog1 zone ($n)" 232ret=0 233$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 234 server 10.53.0.1 ${PORT} 235 update add 636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN PTR dom2.example. 236 update add b901f492f3ebf6c1e5b597e51766f02f0479eb03.zones.catalog1.example. 3600 IN PTR dom3.example. 237 update add e721433b6160b450260d4f54b3ec8bab30cb3b83.zones.catalog1.example. 3600 IN NS foo.bar. 238 update add trash.catalog1.example. 3600 IN A 1.2.3.4 239 update add trash2.foo.catalog1.example. 3600 IN A 1.2.3.4 240 update add trash3.zones.catalog1.example. 3600 IN NS a.dom2.example. 241 update add foobarbaz.b901f492f3ebf6c1e5b597e51766f02f0479eb03.zones.catalog1.example. 3600 IN PTR dom3.example. 242 update add blahblah.636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN PTR dom2.example. 243 update add foobarbaz.b901f492f3ebf6c1e5b597e51766f02f0479eb03.zones.catalog1.example. 3600 IN APL 1:1.2.3.4/30 244 update add blahblah.636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN TXT "blah blah" 245 update add version.catalog1.example. 3600 IN A 1.2.3.4 246 send 247 248END 249if [ $ret -ne 0 ]; then echo_i "failed"; fi 250status=$((status+ret)) 251 252n=$((n+1)) 253echo_i "adding domain dom4.example. to catalog2 zone ($n)" 254ret=0 255$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 256 server 10.53.0.3 ${PORT} 257 update add de26b88d855397a03f77ff1162fd055d8b419584.zones.catalog2.example. 3600 IN PTR dom4.example. 
258 send 259END 260if [ $ret -ne 0 ]; then echo_i "failed"; fi 261status=$((status+ret)) 262 263 264n=$((n+1)) 265echo_i "waiting for secondary to sync up ($n)" 266ret=0 267wait_for_message ns2/named.run "catz: adding zone 'dom4.example' from catalog 'catalog2.example'" && 268wait_for_message ns2/named.run "transfer of 'dom4.example/IN' from 10.53.0.1#${EXTRAPORT1}: Transfer status: success" || ret=1 269if [ $ret -ne 0 ]; then echo_i "failed"; fi 270status=$((status+ret)) 271 272n=$((n+1)) 273echo_i "checking that dom4.example. is served by secondary ($n)" 274ret=0 275wait_for_soa @10.53.0.2 dom4.example. dig.out.test$n || ret=1 276if [ $ret -ne 0 ]; then echo_i "failed"; fi 277status=$((status+ret)) 278 279 280n=$((n+1)) 281echo_i "checking that dom3.example. is not served by primary ($n)" 282ret=0 283wait_for_no_soa @10.53.0.1 dom3.example. dig.out.test$n || ret=1 284if [ $ret -ne 0 ]; then echo_i "failed"; fi 285status=$((status+ret)) 286 287n=$((n+1)) 288echo_i "adding a domain dom3.example. to primary via RNDC ($n)" 289ret=0 290echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom3.example.db 291echo "@ IN NS invalid." >> ns1/dom3.example.db 292rndccmd 10.53.0.1 addzone dom3.example. '{type primary; file "dom3.example.db"; also-notify { 10.53.0.2; }; notify explicit; };' || ret=1 293if [ $ret -ne 0 ]; then echo_i "failed"; fi 294status=$((status+ret)) 295 296n=$((n+1)) 297echo_i "checking that dom3.example. is served by primary ($n)" 298ret=0 299wait_for_soa @10.53.0.1 dom3.example. 
dig.out.test$n || ret=1 300if [ $ret -ne 0 ]; then echo_i "failed"; fi 301status=$((status+ret)) 302 303n=$((n+1)) 304echo_i "waiting for secondary to sync up ($n)" 305ret=0 306wait_for_message ns2/named.run "catz: adding zone 'dom2.example' from catalog 'catalog1.example'" && 307wait_for_message ns2/named.run "catz: adding zone 'dom3.example' from catalog 'catalog1.example'" && 308wait_for_message ns2/named.run "transfer of 'dom2.example/IN' from 10.53.0.1#${PORT}: Transfer status: success" && 309wait_for_message ns2/named.run "transfer of 'dom3.example/IN' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 310if [ $ret -ne 0 ]; then echo_i "failed"; fi 311status=$((status+ret)) 312 313n=$((n+1)) 314echo_i "checking that dom3.example. is served by secondary ($n)" 315ret=0 316wait_for_soa @10.53.0.2 dom3.example. dig.out.test$n || ret=1 317if [ $ret -ne 0 ]; then echo_i "failed"; fi 318status=$((status+ret)) 319 320n=$((n+1)) 321echo_i "removing all records from catalog1 zone ($n)" 322ret=0 323$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 324 server 10.53.0.1 ${PORT} 325 update delete 636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN PTR dom2.example. 326 update delete b901f492f3ebf6c1e5b597e51766f02f0479eb03.zones.catalog1.example. 3600 IN PTR dom3.example. 327 update delete e721433b6160b450260d4f54b3ec8bab30cb3b83.zones.catalog1.example. 3600 IN NS foo.bar. 328 update delete trash.catalog1.example. 3600 IN A 1.2.3.4 329 update delete trash2.foo.catalog1.example. 3600 IN A 1.2.3.4 330 update delete trash3.zones.catalog1.example. 3600 IN NS a.dom2.example. 331 update delete foobarbaz.b901f492f3ebf6c1e5b597e51766f02f0479eb03.zones.catalog1.example. 3600 IN PTR dom3.example. 332 update delete blahblah.636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN PTR dom2.example. 333 update delete foobarbaz.b901f492f3ebf6c1e5b597e51766f02f0479eb03.zones.catalog1.example. 
3600 IN APL 1:1.2.3.4/30 334 update delete blahblah.636722929740e507aaf27c502812fc395d30fb17.zones.catalog1.example. 3600 IN TXT "blah blah" 335 update delete version.catalog1.example. 3600 IN A 1.2.3.4 336 send 337 338END 339if [ $ret -ne 0 ]; then echo_i "failed"; fi 340status=$((status+ret)) 341 342n=$((n+1)) 343echo_i "removing all records from catalog2 zone ($n)" 344ret=0 345$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 346 server 10.53.0.3 ${PORT} 347 update delete de26b88d855397a03f77ff1162fd055d8b419584.zones.catalog2.example. 3600 IN PTR dom4.example. 348 send 349END 350if [ $ret -ne 0 ]; then echo_i "failed"; fi 351status=$((status+ret)) 352 353########################################################################## 354echo_i "Testing masters suboption and random labels" 355n=$((n+1)) 356echo_i "adding dom5.example. with a valid masters suboption (IP without TSIG) and a random label ($n)" 357ret=0 358$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 359 server 10.53.0.1 ${PORT} 360 update add somerandomlabel.zones.catalog1.example. 3600 IN PTR dom5.example. 361 update add masters.somerandomlabel.zones.catalog1.example. 3600 IN A 10.53.0.3 362 send 363END 364if [ $ret -ne 0 ]; then echo_i "failed"; fi 365status=$((status+ret)) 366 367n=$((n+1)) 368echo_i "waiting for secondary to sync up ($n)" 369ret=0 370wait_for_message ns2/named.run "catz: adding zone 'dom5.example' from catalog 'catalog1.example'" && 371wait_for_message ns2/named.run "transfer of 'dom5.example/IN' from 10.53.0.3#${PORT}: Transfer status: success" || ret=1 372if [ $ret -ne 0 ]; then echo_i "failed"; fi 373status=$((status+ret)) 374 375n=$((n+1)) 376echo_i "checking that dom5.example. is served by secondary ($n)" 377ret=0 378wait_for_soa @10.53.0.2 dom5.example. dig.out.test$n || ret=1 379if [ $ret -ne 0 ]; then echo_i "failed"; fi 380status=$((status+ret)) 381 382n=$((n+1)) 383echo_i "removing dom5.example. 
($n)" 384ret=0 385$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 386 server 10.53.0.1 ${PORT} 387 update delete somerandomlabel.zones.catalog1.example. 3600 IN PTR dom5.example. 388 update delete masters.somerandomlabel.zones.catalog1.example. 3600 IN A 10.53.0.3 389 send 390END 391if [ $ret -ne 0 ]; then echo_i "failed"; fi 392status=$((status+ret)) 393 394n=$((n+1)) 395echo_i "waiting for secondary to sync up ($n)" 396ret=0 397wait_for_message ns2/named.run "zone_shutdown: zone dom5.example/IN: shutting down" || ret=1 398if [ $ret -ne 0 ]; then echo_i "failed"; fi 399status=$((status+ret)) 400 401n=$((n+1)) 402echo_i "checking that dom5.example. is no longer served by secondary ($n)" 403ret=0 404wait_for_no_soa @10.53.0.2 dom5.example. dig.out.test$n || ret=1 405if [ $ret -ne 0 ]; then echo_i "failed"; fi 406status=$((status+ret)) 407 408 409########################################################################## 410echo_i "Testing masters global option" 411n=$((n+1)) 412echo_i "adding dom6.example. and a valid global masters option (IP without TSIG) ($n)" 413ret=0 414$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 415 server 10.53.0.1 ${PORT} 416 update add masters.catalog1.example. 3600 IN A 10.53.0.3 417 update add masters.catalog1.example. 3600 IN AAAA fd92:7065:b8e:ffff::3 418 update add 4346f565b4d63ddb99e5d2497ff22d04e878e8f8.zones.catalog1.example. 3600 IN PTR dom6.example. 419 send 420END 421if [ $ret -ne 0 ]; then echo_i "failed"; fi 422status=$((status+ret)) 423 424n=$((n+1)) 425echo_i "waiting for secondary to sync up ($n)" 426ret=0 427wait_for_message ns2/named.run "catz: adding zone 'dom6.example' from catalog 'catalog1.example'" && 428wait_for_message ns2/named.run "transfer of 'dom6.example/IN' from " > /dev/null || ret=1 429if [ $ret -ne 0 ]; then echo_i "failed"; fi 430status=$((status+ret)) 431 432n=$((n+1)) 433echo_i "checking that dom6.example. is served by secondary ($n)" 434ret=0 435wait_for_soa @10.53.0.2 dom6.example. 
dig.out.test$n || ret=1 436if [ $ret -ne 0 ]; then echo_i "failed"; fi 437status=$((status+ret)) 438 439n=$((n+1)) 440echo_i "removing dom6.example. ($n)" 441ret=0 442$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 443 server 10.53.0.1 ${PORT} 444 update delete masters.catalog1.example. 3600 IN A 10.53.0.3 445 update delete masters.catalog1.example. 3600 IN AAAA fd92:7065:b8e:ffff::3 446 update delete 4346f565b4d63ddb99e5d2497ff22d04e878e8f8.zones.catalog1.example. 3600 IN PTR dom6.example. 447 send 448END 449if [ $ret -ne 0 ]; then echo_i "failed"; fi 450status=$((status+ret)) 451 452n=$((n+1)) 453echo_i "waiting for secondary to sync up ($n)" 454ret=0 455wait_for_message ns2/named.run "zone_shutdown: zone dom6.example/IN: shutting down" || ret=1 456if [ $ret -ne 0 ]; then echo_i "failed"; fi 457status=$((status+ret)) 458 459n=$((n+1)) 460echo_i "checking that dom6.example. is no longer served by secondary ($n)" 461ret=0 462wait_for_no_soa @10.53.0.2 dom6.example. dig.out.test$n || ret=1 463if [ $ret -ne 0 ]; then echo_i "failed"; fi 464status=$((status+ret)) 465 466nextpart ns2/named.run >/dev/null 467 468n=$((n+1)) 469echo_i "adding dom6.example. and an invalid global masters option (TSIG without IP) ($n)" 470ret=0 471$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 472 server 10.53.0.1 ${PORT} 473 update add label1.primaries.catalog1.example. 3600 IN TXT "tsig_key" 474 update add 4346f565b4d63ddb99e5d2497ff22d04e878e8f8.zones.catalog1.example. 3600 IN PTR dom6.example. 
475 send 476END 477if [ $ret -ne 0 ]; then echo_i "failed"; fi 478status=$((status+ret)) 479 480n=$((n+1)) 481echo_i "waiting for secondary to sync up ($n)" 482ret=0 483wait_for_message ns2/named.run "catz: adding zone 'dom6.example' from catalog 'catalog1.example'" && 484wait_for_message ns2/named.run "error \"failure\" while trying to generate config for zone \"dom6.example\"" || ret=1 485if [ $ret -ne 0 ]; then echo_i "failed"; fi 486status=$((status+ret)) 487 488n=$((n+1)) 489echo_i "removing dom6.example. ($n)" 490ret=0 491$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 492 server 10.53.0.1 ${PORT} 493 update delete label1.primaries.catalog1.example. 3600 IN TXT "tsig_key" 494 update delete 4346f565b4d63ddb99e5d2497ff22d04e878e8f8.zones.catalog1.example. 3600 IN PTR dom6.example. 495 send 496END 497if [ $ret -ne 0 ]; then echo_i "failed"; fi 498status=$((status+ret)) 499 500n=$((n+1)) 501echo_i "waiting for secondary to sync up ($n)" 502ret=0 503wait_for_message ns2/named.run "catz: deleting zone 'dom6.example' from catalog 'catalog1.example' - success" > /dev/null || ret=1 504if [ $ret -ne 0 ]; then echo_i "failed"; fi 505status=$((status+ret)) 506 507########################################################################## 508n=$((n+1)) 509echo_i "Checking that a missing zone directory forces in-memory ($n)" 510ret=0 511grep "'nonexistent' not found; zone files will not be saved" ns2/named.run > /dev/null || ret=1 512if [ $ret -ne 0 ]; then echo_i "failed"; fi 513status=$((status+ret)) 514 515########################################################################## 516echo_i "Testing allow-query and allow-transfer ACLs" 517n=$((n+1)) 518echo_i "adding domains dom7.example. and dom8.example. to primary via RNDC ($n)" 519ret=0 520echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom7.example.db 521echo "@ IN NS invalid." >> ns1/dom7.example.db 522rndccmd 10.53.0.1 addzone dom7.example. 
'{type primary; file "dom7.example.db";};' || ret=1 523if [ $ret -ne 0 ]; then echo_i "failed"; fi 524status=$((status+ret)) 525echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom8.example.db 526echo "@ IN NS invalid." >> ns1/dom8.example.db 527rndccmd 10.53.0.1 addzone dom8.example. '{type primary; file "dom8.example.db";};' || ret=1 528if [ $ret -ne 0 ]; then echo_i "failed"; fi 529status=$((status+ret)) 530 531n=$((n+1)) 532echo_i "checking that dom7.example. is now served by primary ($n)" 533ret=0 534wait_for_soa @10.53.0.1 dom7.example. dig.out.test$n || ret=1 535if [ $ret -ne 0 ]; then echo_i "failed"; fi 536status=$((status+ret)) 537 538nextpart ns2/named.run >/dev/null 539 540n=$((n+1)) 541echo_i "adding domain dom7.example. to catalog1 zone with an allow-query statement ($n)" 542ret=0 543$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 544 server 10.53.0.1 ${PORT} 545 update add 78833ec3c0059fd4540fee81c7eaddce088e7cd7.zones.catalog1.example. 3600 IN PTR dom7.example. 546 update add allow-query.78833ec3c0059fd4540fee81c7eaddce088e7cd7.zones.catalog1.example. 3600 IN APL 1:10.53.0.1/32 !1:10.53.0.0/30 1:0.0.0.0/0 547 send 548END 549if [ $ret -ne 0 ]; then echo_i "failed"; fi 550status=$((status+ret)) 551 552n=$((n+1)) 553echo_i "waiting for secondary to sync up ($n)" 554ret=0 555wait_for_message ns2/named.run "catz: adding zone 'dom7.example' from catalog 'catalog1.example'" > /dev/null && 556wait_for_message ns2/named.run "transfer of 'dom7.example/IN' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 557if [ $ret -ne 0 ]; then echo_i "failed"; fi 558status=$((status+ret)) 559 560n=$((n+1)) 561echo_i "checking that dom7.example. is accessible from 10.53.0.1 ($n)" 562ret=0 563wait_for_soa @10.53.0.2 dom7.example. dig.out.test$n -b 10.53.0.1 || ret=1 564if [ $ret -ne 0 ]; then echo_i "failed"; fi 565status=$((status+ret)) 566 567n=$((n+1)) 568echo_i "checking that dom7.example. 
is not accessible from 10.53.0.2 ($n)" 569ret=0 570wait_for_no_soa @10.53.0.2 dom7.example. dig.out.test$n -b 10.53.0.2 || ret=1 571if [ $ret -ne 0 ]; then echo_i "failed"; fi 572status=$((status+ret)) 573 574n=$((n+1)) 575echo_i "checking that dom7.example. is accessible from 10.53.0.5 ($n)" 576ret=0 577wait_for_soa @10.53.0.2 dom7.example. dig.out.test$n -b 10.53.0.5 || ret=1 578if [ $ret -ne 0 ]; then echo_i "failed"; fi 579status=$((status+ret)) 580 581nextpart ns2/named.run >/dev/null 582n=$((n+1)) 583echo_i "adding dom8.example. domain and global allow-query and allow-transfer ACLs ($n)" 584ret=0 585$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 586 server 10.53.0.1 ${PORT} 587 update add cba95222e308baba42417be6021026fdf20827b6.zones.catalog1.example. 3600 IN PTR dom8.example 588 update add allow-query.catalog1.example. 3600 IN APL 1:10.53.0.1/32 589 update add allow-transfer.catalog1.example. 3600 IN APL 1:10.53.0.2/32 590 send 591END 592if [ $ret -ne 0 ]; then echo_i "failed"; fi 593status=$((status+ret)) 594 595n=$((n+1)) 596echo_i "waiting for secondary to sync up ($n)" 597ret=0 598wait_for_message ns2/named.run "catz: update_from_db: new zone merged" && 599wait_for_message ns2/named.run "transfer of 'dom8.example/IN' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 600if [ $ret -ne 0 ]; then echo_i "failed"; fi 601status=$((status+ret)) 602 603n=$((n+1)) 604echo_i "checking that dom8.example. is accessible from 10.53.0.1 ($n)" 605ret=0 606wait_for_soa @10.53.0.2 dom8.example. dig.out.test$n -b 10.53.0.1 || ret=1 607if [ $ret -ne 0 ]; then echo_i "failed"; fi 608status=$((status+ret)) 609 610n=$((n+1)) 611echo_i "checking that dom8.example. is not accessible from 10.53.0.2 ($n)" 612ret=0 613wait_for_no_soa @10.53.0.2 dom8.example. dig.out.test$n -b 10.53.0.2 || ret=1 614if [ $ret -ne 0 ]; then echo_i "failed"; fi 615status=$((status+ret)) 616 617n=$((n+1)) 618echo_i "checking that dom8.example. 
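 is not AXFR accessible from 10.53.0.1 ($n)"
ret=0
# The global allow-transfer property only lists 10.53.0.2, so a transfer
# requested from source address 10.53.0.1 must be reported by dig as failed.
dig_with_opts @10.53.0.2 axfr dom8.example. -b 10.53.0.1 > dig.out.test$n
grep "Transfer failed." dig.out.test$n > /dev/null || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom8.example. is AXFR accessible from 10.53.0.2 ($n)"
ret=0
dig_with_opts @10.53.0.2 axfr dom8.example. -b 10.53.0.2 > dig.out.test$n
# 'grep -v PATTERN' exits 0 as soon as one line lacks the pattern, so it
# passes even when dig printed "Transfer failed." next to its banner lines.
# Assert instead that dig produced output and that the failure marker is
# absent, so a wrongly denied transfer is detected.
[ -s dig.out.test$n ] || ret=1
if grep "Transfer failed." dig.out.test$n > /dev/null; then ret=1; fi
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null
n=$((n+1))
# The records removed below are allow-query and allow-transfer; the message
# previously said "allow-domain".
echo_i "deleting global allow-query and allow-transfer ACLs ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update delete allow-query.catalog1.example. 3600 IN APL 1:10.53.0.1/32
    update delete allow-transfer.catalog1.example. 3600 IN APL 1:10.53.0.2/32
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))
ret=0
# Wait for the secondary to log that it merged the updated catalog zone.
wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

# With the global ACL properties gone, both source addresses are expected to
# be able to query and transfer dom8.example.
n=$((n+1))
echo_i "checking that dom8.example. is accessible from 10.53.0.1 ($n)"
ret=0
wait_for_soa @10.53.0.2 dom8.example. dig.out.test$n -b 10.53.0.1 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom8.example. is accessible from 10.53.0.2 ($n)"
ret=0
wait_for_soa @10.53.0.2 dom8.example. dig.out.test$n -b 10.53.0.2 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom8.example. is AXFR accessible from 10.53.0.1 ($n)"
ret=0
dig_with_opts @10.53.0.2 axfr dom8.example. -b 10.53.0.1 > dig.out.test$n
# Same assertion as above: non-empty output without the failure marker.
[ -s dig.out.test$n ] || ret=1
if grep "Transfer failed." dig.out.test$n > /dev/null; then ret=1; fi
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom8.example. is AXFR accessible from 10.53.0.2 ($n)"
ret=0
dig_with_opts @10.53.0.2 axfr dom8.example. -b 10.53.0.2 > dig.out.test$n
[ -s dig.out.test$n ] || ret=1
if grep "Transfer failed." dig.out.test$n > /dev/null; then ret=1; fi
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))


##########################################################################
echo_i "Testing TSIG keys for masters set per-domain"
n=$((n+1))
echo_i "adding a domain dom9.example. to primary via RNDC, with transfers allowed only with TSIG key ($n)"
ret=0
echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom9.example.db
echo "@ IN NS invalid." >> ns1/dom9.example.db
# allow-transfer names only the key tsig_key, so the secondary can fetch this
# zone only when the catalog entry gives it that key for the primary.
rndccmd 10.53.0.1 addzone dom9.example. '{type primary; file "dom9.example.db"; allow-transfer { key tsig_key; }; };' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom9.example. is now served by primary ($n)"
ret=0
wait_for_soa @10.53.0.1 dom9.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "adding domain dom9.example. to catalog1 zone with a valid masters suboption (IP with TSIG) ($n)"
ret=0
# The member entry carries both an address and a TXT record for
# label1.primaries, i.e. the "IP with TSIG" case named in the message above.
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update add f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN PTR dom9.example.
    update add label1.primaries.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN A 10.53.0.1
    update add label1.primaries.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example.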
3600 IN TXT "tsig_key" 709 send 710END 711if [ $ret -ne 0 ]; then echo_i "failed"; fi 712status=$((status+ret)) 713 714n=$((n+1)) 715echo_i "waiting for secondary to sync up ($n)" 716ret=0 717wait_for_message ns2/named.run "catz: adding zone 'dom9.example' from catalog 'catalog1.example'" && 718wait_for_message ns2/named.run "transfer of 'dom9.example/IN' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1 719if [ $ret -ne 0 ]; then echo_i "failed"; fi 720status=$((status+ret)) 721 722n=$((n+1)) 723echo_i "checking that dom9.example. is accessible on secondary ($n)" 724ret=0 725wait_for_soa @10.53.0.2 dom9.example. dig.out.test$n || ret=1 726if [ $ret -ne 0 ]; then echo_i "failed"; fi 727status=$((status+ret)) 728 729n=$((n+1)) 730echo_i "deleting domain dom9.example. from catalog1 zone ($n)" 731ret=0 732$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 733 server 10.53.0.1 ${PORT} 734 update delete f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN PTR dom9.example. 735 update delete label1.primaries.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN A 10.53.0.1 736 update delete label1.primaries.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN TXT "tsig_key" 737 send 738END 739if [ $ret -ne 0 ]; then echo_i "failed"; fi 740status=$((status+ret)) 741 742n=$((n+1)) 743echo_i "waiting for secondary to sync up ($n)" 744ret=0 745wait_for_message ns2/named.run "catz: deleting zone 'dom9.example' from catalog 'catalog1.example' - success" || ret=1 746if [ $ret -ne 0 ]; then echo_i "failed"; fi 747status=$((status+ret)) 748 749n=$((n+1)) 750echo_i "checking that dom9.example. is no longer accessible on secondary ($n)" 751ret=0 752wait_for_no_soa @10.53.0.2 dom9.example. dig.out.test$n || ret=1 753if [ $ret -ne 0 ]; then echo_i "failed"; fi 754status=$((status+ret)) 755 756nextpart ns2/named.run >/dev/null 757 758n=$((n+1)) 759echo_i "adding domain dom9.example. 
to catalog1 zone with an invalid masters suboption (TSIG without IP) ($n)" 760ret=0 761$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 762 server 10.53.0.1 ${PORT} 763 update add f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN PTR dom9.example. 764 update add label1.primaries.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN TXT "tsig_key" 765 send 766END 767if [ $ret -ne 0 ]; then echo_i "failed"; fi 768status=$((status+ret)) 769 770n=$((n+1)) 771echo_i "waiting for secondary to sync up ($n)" 772ret=0 773wait_for_message ns2/named.run "catz: adding zone 'dom9.example' from catalog 'catalog1.example'" && 774wait_for_message ns2/named.run "error \"failure\" while trying to generate config for zone \"dom9.example\"" || ret=1 775if [ $ret -ne 0 ]; then echo_i "failed"; fi 776status=$((status+ret)) 777 778n=$((n+1)) 779echo_i "deleting domain dom9.example. from catalog1 zone ($n)" 780ret=0 781$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1 782 server 10.53.0.1 ${PORT} 783 update delete f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN PTR dom9.example. 784 update delete label1.primaries.f0f989bc71c5c8ca3a1eb9c9ab5246521907e3af.zones.catalog1.example. 3600 IN TXT "tsig_key" 785 send 786END 787if [ $ret -ne 0 ]; then echo_i "failed"; fi 788status=$((status+ret)) 789 790n=$((n+1)) 791echo_i "waiting for secondary to sync up ($n)" 792ret=0 793wait_for_message ns2/named.run "catz: deleting zone 'dom9.example' from catalog 'catalog1.example'" || ret=1 794if [ $ret -ne 0 ]; then echo_i "failed"; fi 795status=$((status+ret)) 796 797########################################################################## 798echo_i "Testing catalog entries that can't be represented as filenames" 799# note: we need 4 backslashes in the shell to get 2 backslashes in DNS 800# presentation format, which is 1 backslash on the wire. 
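# Member zones whose names are very long or contain characters that are
# awkward in a file name (slash, backslash, colon).  For each of them the
# secondary is expected to store the zone under a hashed "__catz__<digest>.db"
# file name in ns2/zonedir, and to remove that file (and its journal) once the
# zone is taken out of the catalog.
# NOTE(review): only the presence of the hashed file is asserted; nothing here
# checks that no file derived from the raw zone name was created as well.
for special in \
    this.is.a.very.very.long.long.long.domain.that.will.cause.catalog.zones.to.generate.hash.instead.of.using.regular.filename.dom10.example \
    this.zone/domain.has.a.slash.dom10.example \
    this.zone\\\\domain.has.backslash.dom10.example \
    this.zone:domain.has.a.colon.dom.10.example
do
    # hashes below are generated by:
    # python ${TOP}/contrib/scripts/catzhash.py "${special}"
    #
    # hash is the member-zone label used in catalog1.example; db is the file
    # name expected in ns2/zonedir for that zone.

    case "$special" in
    this.is.a.very.very.long.long.long.domain.that.will.cause.catalog.zones.to.generate.hash.instead.of.using.regular.filename.dom10.example)
        hash=825f48b1ce1b4cf5a041d20255a0c8e98d114858
        db=__catz__4d70696f2335687069467f11f5d5378c480383f97782e553fb2d04a7bb2a23ed.db
        ;;
    this.zone/domain.has.a.slash.dom10.example)
        hash=e64cc64c99bf52d0a77fb16dd7ed57cf925a36aa
        db=__catz__46ba3e1b28d5955e5313d5fee61bedc78c71d08035aa7ea2f7bf0b8228ab3acc.db
        ;;
    this.zone\\\\domain.has.backslash.dom10.example)
        hash=91e27e02153d38cf656a9b376d7747fbcd19f985
        db=__catz__b667f7ff802c0895e0506699951cff9a1cab68c5ef8546aa0d07425f244ed870.db
        ;;
    this.zone:domain.has.a.colon.dom.10.example)
        hash=8b7238bf4c34045834c573ba4116557ebb24d33c
        db=__catz__5c721f7872913a4e7fa8ad42589cce5dd6e551a4c9e6ab3f86e77c0bbc7c2ca6.db
        ;;
    *)
        # A name without expected values would otherwise silently reuse
        # hash/db from the previous iteration and test the wrong zone.
        echo_i "failed: no expected hash for ${special}"
        status=$((status+1))
        continue
        ;;
    esac

    n=$((n+1))
    echo_i "checking that ${special}. is not served by primary ($n)"
    ret=0
    wait_for_no_soa @10.53.0.1 "${special}" dig.out.test$n || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "Adding a domain ${special}. to primary via RNDC ($n)"
    ret=0
    echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom10.example.db
    echo "@ IN NS invalid." >> ns1/dom10.example.db
    # The zone name is passed to rndc wrapped in literal double quotes.
    rndccmd 10.53.0.1 addzone '"'"${special}"'"' '{type primary; file "dom10.example.db";};' || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "checking that ${special}. is now served by primary ($n)"
    ret=0
    wait_for_soa @10.53.0.1 "${special}." dig.out.test$n || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    nextpart ns2/named.run >/dev/null

    n=$((n+1))
    echo_i "Adding domain ${special}. to catalog1 zone ($n)"
    ret=0
    $NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update add ${hash}.zones.catalog1.example 3600 IN PTR ${special}.
    send
END
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "waiting for secondary to sync up ($n)"
    ret=0
    wait_for_message ns2/named.run "catz: adding zone '$special' from catalog 'catalog1.example'" &&
    wait_for_message ns2/named.run "transfer of '$special/IN' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "checking that ${special}. is served by secondary ($n)"
    ret=0
    wait_for_soa @10.53.0.2 "${special}." dig.out.test$n || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "checking that zone-directory is populated with a hashed filename ($n)"
    ret=0
    wait_for_zonefile "ns2/zonedir/$db" || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "removing domain ${special}. from catalog1 zone ($n)"
    ret=0
    $NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update delete ${hash}.zones.catalog1.example
    send
END
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "waiting for secondary to sync up ($n)"
    ret=0
    wait_for_message ns2/named.run "zone_shutdown: zone ${special}/IN: shutting down" || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "checking that ${special}. is not served by secondary ($n)"
    ret=0
    wait_for_no_soa @10.53.0.2 "${special}." dig.out.test$n || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))

    n=$((n+1))
    echo_i "checking that zone-directory is emptied ($n)"
    ret=0
    wait_for_no_zonefile "ns2/zonedir/$db" || ret=1
    wait_for_no_zonefile "ns2/zonedir/$db.jnl" || ret=1
    if [ $ret -ne 0 ]; then echo_i "failed"; fi
    status=$((status+ret))
done

##########################################################################
# A zone and a subdomain of it are both catalog members; removing the parent
# from the catalog must leave the subdomain served by the secondary.
echo_i "Testing adding a domain and a subdomain of it"
n=$((n+1))
echo_i "checking that dom11.example. is not served by primary ($n)"
ret=0
wait_for_no_soa @10.53.0.1 dom11.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "Adding a domain dom11.example. to primary via RNDC ($n)"
ret=0
echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom11.example.db
echo "@ IN NS invalid." >> ns1/dom11.example.db
rndccmd 10.53.0.1 addzone dom11.example. '{type primary; file "dom11.example.db";};' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom11.example. is now served by primary ($n)"
ret=0
wait_for_soa @10.53.0.1 dom11.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "Adding domain dom11.example. to catalog1 zone ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update add 0580d70e769c86c8b951a488d8b776627f427d7a.zones.catalog1.example. 3600 IN PTR dom11.example.
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: adding zone 'dom11.example' from catalog 'catalog1.example'" &&
wait_for_message ns2/named.run "transfer of 'dom11.example/IN' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom11.example. is served by secondary ($n)"
ret=0
wait_for_soa @10.53.0.2 dom11.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that subdomain.of.dom11.example. is not served by primary ($n)"
ret=0
# dom11.example. exists on the primary by now, so the expected rcode for the
# not-yet-created subdomain is NXDOMAIN rather than REFUSED.
wait_for_rcode NXDOMAIN SOA @10.53.0.1 subdomain.of.dom11.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "Adding a domain subdomain.of.dom11.example. to primary via RNDC ($n)"
ret=0
echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/subdomain.of.dom11.example.db
echo "@ IN NS invalid." >> ns1/subdomain.of.dom11.example.db
rndccmd 10.53.0.1 addzone subdomain.of.dom11.example. '{type primary; file "subdomain.of.dom11.example.db";};' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that subdomain.of.dom11.example. is now served by primary ($n)"
ret=0
wait_for_soa @10.53.0.1 subdomain.of.dom11.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "Adding domain subdomain.of.dom11.example. to catalog1 zone ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update add 25557e0bdd10cb3710199bb421b776df160f241e.zones.catalog1.example. 3600 IN PTR subdomain.of.dom11.example.
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: adding zone 'subdomain.of.dom11.example' from catalog 'catalog1.example'" &&
wait_for_message ns2/named.run "transfer of 'subdomain.of.dom11.example/IN' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that subdomain.of.dom11.example. is served by secondary ($n)"
ret=0
wait_for_soa @10.53.0.2 subdomain.of.dom11.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "removing domain dom11.example. from catalog1 zone ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update delete 0580d70e769c86c8b951a488d8b776627f427d7a.zones.catalog1.example
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "zone_shutdown: zone dom11.example/IN: shutting down" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom11.example. is not served by secondary ($n)"
ret=0
wait_for_no_soa @10.53.0.2 dom11.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that subdomain.of.dom11.example. is still served by secondary ($n)"
ret=0
wait_for_soa @10.53.0.2 subdomain.of.dom11.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "removing domain subdomain.of.dom11.example. from catalog1 zone ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update delete 25557e0bdd10cb3710199bb421b776df160f241e.zones.catalog1.example
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "zone_shutdown: zone subdomain.of.dom11.example/IN: shutting down" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that subdomain.of.dom11.example. is not served by secondary ($n)"
ret=0
# Query the zone that was actually removed.  The name used here before was
# misspelled (subdomain.of.d11.example.), a zone that never existed, so the
# check could not fail.
wait_for_no_soa @10.53.0.2 subdomain.of.dom11.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

##########################################################################
# catalog4 is not configured on the secondary at first; it is enabled by
# stripping the "#T1" markers from named.conf.in and running "rndc reconfig".
echo_i "Testing adding a catalog zone at runtime with rndc reconfig"
n=$((n+1))
echo_i "checking that dom12.example. is not served by primary ($n)"
ret=0
wait_for_no_soa @10.53.0.1 dom12.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "Adding a domain dom12.example. to primary via RNDC ($n)"
ret=0
echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom12.example.db
echo "@ IN NS invalid." >> ns1/dom12.example.db
rndccmd 10.53.0.1 addzone dom12.example. '{type primary; file "dom12.example.db";};' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom12.example. is now served by primary ($n)"
ret=0
wait_for_soa @10.53.0.1 dom12.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "Adding domain dom12.example. to catalog4 zone ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update add 871d51e5433543c0f6fb263c40f359fbc152c8ae.zones.catalog4.example. 3600 IN PTR dom12.example.
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom12.example. is not served by secondary ($n)"
ret=0
wait_for_no_soa @10.53.0.2 dom12.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "reconfiguring secondary - adding catalog4 catalog zone ($n)"
ret=0
sed -e "s/^#T1//g" < ns2/named.conf.in > ns2/named.conf.tmp
copy_setports ns2/named.conf.tmp ns2/named.conf
rndccmd 10.53.0.2 reconfig || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: adding zone 'dom12.example' from catalog 'catalog4.example'" &&
wait_for_message ns2/named.run "transfer of 'dom12.example/IN' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom7.example. is still served by secondary after reconfiguration ($n)"
ret=0
wait_for_soa @10.53.0.2 dom7.example. dig.out.test$n -b 10.53.0.1 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom12.example. is served by secondary ($n)"
ret=0
wait_for_soa @10.53.0.2 dom12.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "reconfiguring secondary - removing catalog4 catalog zone, adding non-existent catalog5 catalog zone ($n)"
ret=0
sed -e "s/^#T2//" < ns2/named.conf.in > ns2/named.conf.tmp
copy_setports ns2/named.conf.tmp ns2/named.conf
# This reconfig is expected to be rejected (success sets ret=1).  Go through
# rndccmd so the control port comes from ${CONTROLPORT}: with a hard-coded
# port number the command can fail merely because nothing listens there, and
# the step would then pass for the wrong reason.
rndccmd 10.53.0.2 reconfig > /dev/null 2>&1 && ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "reconfiguring secondary - removing non-existent catalog5 catalog zone ($n)"
ret=0
copy_setports ns2/named.conf.in ns2/named.conf
rndccmd 10.53.0.2 reconfig || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom12.example. is not served by secondary ($n)"
ret=0
wait_for_no_soa @10.53.0.2 dom12.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "removing domain dom12.example. from catalog4 zone ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update delete 871d51e5433543c0f6fb263c40f359fbc152c8ae.zones.catalog4.example. 3600 IN PTR dom12.example.
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

##########################################################################
# The same member zone is offered by catalog1 (primary ns1, A 192.0.2.1) and
# then by catalog2 (primary ns3, A 192.0.2.2).  The secondary is expected to
# keep serving the copy it got first, the one from ns1.
echo_i "Testing having a zone in two different catalogs"
n=$((n+1))
echo_i "checking that dom13.example. is not served by primary ($n)"
ret=0
wait_for_no_soa @10.53.0.1 dom13.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "Adding a domain dom13.example. to primary ns1 via RNDC ($n)"
ret=0
echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom13.example.db
echo "@ IN NS invalid." >> ns1/dom13.example.db
echo "@ IN A 192.0.2.1" >> ns1/dom13.example.db
rndccmd 10.53.0.1 addzone dom13.example. '{type primary; file "dom13.example.db";};' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom13.example. is now served by primary ns1 ($n)"
ret=0
wait_for_soa @10.53.0.1 dom13.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "Adding a domain dom13.example. to primary ns3 via RNDC ($n)"
ret=0
echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns3/dom13.example.db
echo "@ IN NS invalid." >> ns3/dom13.example.db
echo "@ IN A 192.0.2.2" >> ns3/dom13.example.db
rndccmd 10.53.0.3 addzone dom13.example. '{type primary; file "dom13.example.db";};' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom13.example. is now served by primary ns3 ($n)"
ret=0
wait_for_soa @10.53.0.3 dom13.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "Adding domain dom13.example. to catalog1 zone with ns1 as primary ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update add 8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog1.example. 3600 IN PTR dom13.example.
    update add masters.8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog1.example. 3600 IN A 10.53.0.1
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: adding zone 'dom13.example' from catalog 'catalog1.example'" &&
wait_for_message ns2/named.run "transfer of 'dom13.example/IN' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "checking that dom13.example. is served by secondary and that it's the one from ns1 ($n)"
ret=0
wait_for_a @10.53.0.2 dom13.example. dig.out.test$n || ret=1
grep "192.0.2.1" dig.out.test$n > /dev/null || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "Adding domain dom13.example. to catalog2 zone with ns3 as primary ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.3 ${PORT}
    update add 8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog2.example. 3600 IN PTR dom13.example.
    update add masters.8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog2.example. 3600 IN A 10.53.0.3
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom13.example. is served by secondary and that it's still the one from ns1 ($n)"
ret=0
wait_for_a @10.53.0.2 dom13.example. dig.out.test$n || ret=1
grep "192.0.2.1" dig.out.test$n > /dev/null || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "Deleting domain dom13.example. from catalog2 ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.3 ${PORT}
    update delete 8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog2.example. 3600 IN PTR dom13.example.
    update delete masters.8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog2.example. 3600 IN A 10.53.0.3
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom13.example. is served by secondary and that it's still the one from ns1 ($n)"
ret=0
wait_for_a @10.53.0.2 dom13.example. dig.out.test$n || ret=1
grep "192.0.2.1" dig.out.test$n > /dev/null || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "Deleting domain dom13.example. from catalog1 ($n)"
ret=0
# Delete the same address that was added above (10.53.0.1).  A delete that
# names different rdata removes nothing and would leave the masters record
# behind in catalog1.
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update delete 8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog1.example. 3600 IN PTR dom13.example.
    update delete masters.8d7989c746b3f92b3bba2479e72afd977198363f.zones.catalog1.example. 3600 IN A 10.53.0.1
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom13.example. is no longer served by secondary ($n)"
ret=0
wait_for_no_soa @10.53.0.2 dom13.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

##########################################################################
# dom14.example. is first configured on the secondary as an ordinary zone
# (rndc addzone, primary ns1) and then also offered through catalog2 with ns3
# as primary.  The ordinary zone is expected to stay in place: the A record
# must remain 192.0.2.1 both after the catalog entry is added and after it is
# deleted again.
echo_i "Testing having a regular zone and a zone in catalog zone of the same name"
n=$((n+1))
echo_i "checking that dom14.example. is not served by primary ($n)"
ret=0
wait_for_no_soa @10.53.0.1 dom14.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "Adding a domain dom14.example. to primary ns1 via RNDC ($n)"
ret=0
echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom14.example.db
echo "@ IN NS invalid." >> ns1/dom14.example.db
echo "@ IN A 192.0.2.1" >> ns1/dom14.example.db
rndccmd 10.53.0.1 addzone dom14.example. '{type primary; file "dom14.example.db";};' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom14.example. is now served by primary ns1 ($n)"
ret=0
wait_for_soa @10.53.0.1 dom14.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "Adding a domain dom14.example. to primary ns3 via RNDC ($n)"
ret=0
echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns3/dom14.example.db
echo "@ IN NS invalid." >> ns3/dom14.example.db
echo "@ IN A 192.0.2.2" >> ns3/dom14.example.db
rndccmd 10.53.0.3 addzone dom14.example. '{type primary; file "dom14.example.db";};' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom14.example. is now served by primary ns3 ($n)"
ret=0
wait_for_soa @10.53.0.3 dom14.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "Adding domain dom14.example. with rndc with ns1 as primary ($n)"
ret=0
rndccmd 10.53.0.2 addzone dom14.example. '{type secondary; primaries {10.53.0.1;};};' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "transfer of 'dom14.example/IN' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "checking that dom14.example. is served by secondary and that it's the one from ns1 ($n)"
ret=0
wait_for_a @10.53.0.2 dom14.example. dig.out.test$n || ret=1
grep "192.0.2.1" dig.out.test$n > /dev/null || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "Adding domain dom14.example. to catalog2 zone with ns3 as primary ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.3 ${PORT}
    update add 45e3d45ea5f7bd01c395ccbde6ae2e750a3ee8ab.zones.catalog2.example. 3600 IN PTR dom14.example.
    update add masters.45e3d45ea5f7bd01c395ccbde6ae2e750a3ee8ab.zones.catalog2.example. 3600 IN A 10.53.0.3
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom14.example. is served by secondary and that it's still the one from ns1 ($n)"
ret=0
wait_for_a @10.53.0.2 dom14.example. dig.out.test$n || ret=1
grep "192.0.2.1" dig.out.test$n > /dev/null || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "Deleting domain dom14.example. from catalog2 ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.3 ${PORT}
    update delete 45e3d45ea5f7bd01c395ccbde6ae2e750a3ee8ab.zones.catalog2.example. 3600 IN PTR dom14.example.
    update delete masters.45e3d45ea5f7bd01c395ccbde6ae2e750a3ee8ab.zones.catalog2.example. 3600 IN A 10.53.0.3
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom14.example. is served by secondary and that it's still the one from ns1 ($n)"
ret=0
wait_for_a @10.53.0.2 dom14.example. dig.out.test$n || ret=1
grep "192.0.2.1" dig.out.test$n > /dev/null || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

##########################################################################
# The catalog entry for dom15.example. is moved from label 'dom15label1' to
# 'dom15label2' in a single update; the zone must still be served afterwards.
echo_i "Testing changing label for a member zone"
n=$((n+1))
echo_i "checking that dom15.example. is not served by primary ($n)"
ret=0
wait_for_no_soa @10.53.0.1 dom15.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "Adding a domain dom15.example. to primary ns1 via RNDC ($n)"
ret=0
echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom15.example.db
echo "@ IN NS invalid." >> ns1/dom15.example.db
rndccmd 10.53.0.1 addzone dom15.example. '{type primary; file "dom15.example.db";};' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom15.example. is now served by primary ns1 ($n)"
ret=0
wait_for_soa @10.53.0.1 dom15.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

# Each step gets its own number so that a "failed" line and the
# nsupdate.out.test$n file can be matched to exactly one step.
n=$((n+1))
echo_i "Adding domain dom15.example. to catalog1 zone with 'dom15label1' label ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update add dom15label1.zones.catalog1.example. 3600 IN PTR dom15.example.
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

sleep 3

n=$((n+1))
echo_i "checking that dom15.example. is served by secondary ($n)"
ret=0
wait_for_soa @10.53.0.2 dom15.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "Changing label of domain dom15.example. from 'dom15label1' to 'dom15label2' ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update delete dom15label1.zones.catalog1.example. 3600 IN PTR dom15.example.
    update add dom15label2.zones.catalog1.example. 3600 IN PTR dom15.example.
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom15.example. is served by secondary ($n)"
ret=0
wait_for_soa @10.53.0.2 dom15.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

##########################################################################
# A catalog member zone is removed on the secondary by hand (rndc delzone)
# while it is still listed in the catalog; after "rndc reload" the secondary
# is expected to recreate it from the catalog.
echo_i "Testing recreation of a manually deleted zone after a reload"
n=$((n+1))
echo_i "checking that dom16.example. is not served by primary ($n)"
ret=0
wait_for_no_soa @10.53.0.1 dom16.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "Adding a domain dom16.example. to primary ns1 via RNDC ($n)"
ret=0
echo "@ 3600 IN SOA . . 1 3600 3600 3600 3600" > ns1/dom16.example.db
echo "@ IN NS invalid." >> ns1/dom16.example.db
echo "@ IN A 192.0.2.1" >> ns1/dom16.example.db
rndccmd 10.53.0.1 addzone dom16.example. '{type primary; file "dom16.example.db";};' || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom16.example. is now served by primary ns1 ($n)"
ret=0
wait_for_soa @10.53.0.1 dom16.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "Adding domain dom16.example. to catalog1 zone with ns1 as primary ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update add efe725d0cf430ffb113b9bcf59266f066a21216b.zones.catalog1.example. 3600 IN PTR dom16.example.
    update add masters.efe725d0cf430ffb113b9bcf59266f066a21216b.zones.catalog1.example. 3600 IN A 10.53.0.1
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: adding zone 'dom16.example' from catalog 'catalog1.example'" &&
wait_for_message ns2/named.run "transfer of 'dom16.example/IN' from 10.53.0.1#${PORT}: Transfer status: success" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "checking that dom16.example. is served by secondary and that it's the one from ns1 ($n)"
ret=0
wait_for_a @10.53.0.2 dom16.example. dig.out.test$n || ret=1
grep "192.0.2.1" dig.out.test$n > /dev/null || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "Deleting dom16.example. from secondary ns2 via RNDC ($n)"
ret=0
rndccmd 10.53.0.2 delzone dom16.example. >/dev/null 2>&1 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom16.example. is no longer served by secondary ($n)"
ret=0
wait_for_no_soa @10.53.0.2 dom16.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "Reloading secondary ns2 via RNDC ($n)"
ret=0
rndccmd 10.53.0.2 reload >/dev/null 2>&1 || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom16.example. is served by secondary and that it's the one from ns1 ($n)"
ret=0
wait_for_a @10.53.0.2 dom16.example. dig.out.test$n || ret=1
grep "192.0.2.1" dig.out.test$n > /dev/null || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

nextpart ns2/named.run >/dev/null

n=$((n+1))
echo_i "Deleting domain dom16.example. from catalog1 ($n)"
ret=0
$NSUPDATE -d <<END >> nsupdate.out.test$n 2>&1 || ret=1
    server 10.53.0.1 ${PORT}
    update delete efe725d0cf430ffb113b9bcf59266f066a21216b.zones.catalog1.example. 3600 IN PTR dom16.example.
    update delete masters.efe725d0cf430ffb113b9bcf59266f066a21216b.zones.catalog1.example. 3600 IN A 10.53.0.1
    send
END
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "waiting for secondary to sync up ($n)"
ret=0
wait_for_message ns2/named.run "catz: update_from_db: new zone merged" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

n=$((n+1))
echo_i "checking that dom16.example. is no longer served by secondary ($n)"
ret=0
wait_for_no_soa @10.53.0.2 dom16.example. dig.out.test$n || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status+ret))

# status counts the failed steps; any failure makes the whole script fail.
echo_i "exit status: $status"
[ $status -eq 0 ] || exit 1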