1; config options 2server: 3 module-config: "validator iterator" 4 qname-minimisation: "no" 5 minimal-responses: no 6 serve-expired: yes 7 serve-expired-reply-ttl: 123 8 log-servfail: yes 9 ede: yes 10 ede-serve-expired: yes 11 12 13stub-zone: 14 name: "example.com" 15 stub-addr: 1.2.3.4 16CONFIG_END 17 18SCENARIO_BEGIN Test serve-expired with client-timeout and a SERVFAIL upstream reply 19; Scenario overview: 20; - query for example.com. IN A 21; - answer from upstream is SERVFAIL; will be cached for NORR_TTL(5) 22; - check that the client gets the SERVFAIL; also cached 23; - query again right after the TTL expired 24; - cached SERVFAIL should be ignored and upstream queried 25; - answer from upstream is still SERVFAIL; the cached error response will be 26; refreshed for another NORR_TTL(5) 27; - check that the client gets the SERVFAIL 28; - query again; the upstream now has the answer available 29; - check that we get the refreshed cached response instead 30 31; ns.example.com. 32RANGE_BEGIN 0 50 33 ADDRESS 1.2.3.4 34 ; response to A query 35 ENTRY_BEGIN 36 MATCH opcode qtype qname 37 ADJUST copy_id 38 REPLY QR AA SERVFAIL 39 SECTION QUESTION 40 example.com. IN A 41 ENTRY_END 42RANGE_END 43 44; ns.example.com. 45RANGE_BEGIN 60 100 46 ADDRESS 1.2.3.4 47 ENTRY_BEGIN 48 MATCH opcode qtype qname 49 ADJUST copy_id 50 REPLY QR NOERROR 51 SECTION QUESTION 52 example.com. IN NS 53 SECTION ANSWER 54 example.com. 10 IN NS ns.example.com. 55 SECTION ADDITIONAL 56 ns.example.com. 10 IN A 1.2.3.4 57 ENTRY_END 58 59 ENTRY_BEGIN 60 MATCH opcode qtype qname 61 ADJUST copy_id 62 REPLY QR NOERROR 63 SECTION QUESTION 64 example.com. IN A 65 SECTION ANSWER 66 example.com. 10 IN A 5.6.7.8 67 SECTION AUTHORITY 68 example.com. 10 IN NS ns.example.com. 69 SECTION ADDITIONAL 70 ns.example.com. 10 IN A 1.2.3.4 71 ENTRY_END 72RANGE_END 73 74; Query with RD flag 75STEP 0 QUERY 76ENTRY_BEGIN 77 REPLY RD 78 SECTION QUESTION 79 example.com. IN A 80ENTRY_END 81 82; Check that we get the SERVFAIL (will be cached) 83STEP 10 CHECK_ANSWER 84ENTRY_BEGIN 85 MATCH all 86 REPLY QR RD RA SERVFAIL 87 SECTION QUESTION 88 example.com. IN A 89ENTRY_END 90 91; Query again 92STEP 20 QUERY 93ENTRY_BEGIN 94 REPLY RD 95 SECTION QUESTION 96 example.com. IN A 97ENTRY_END 98 99; Check that we get the cached SERVFAIL 100STEP 30 CHECK_ANSWER 101ENTRY_BEGIN 102 MATCH all 103 REPLY QR RD RA SERVFAIL 104 SECTION QUESTION 105 example.com. IN A 106ENTRY_END 107 108; Wait for the SERVFAIL to expire 109STEP 31 TIME_PASSES ELAPSE 6 110 111; Query again 112STEP 40 QUERY 113ENTRY_BEGIN 114 REPLY RD 115 SECTION QUESTION 116 example.com. IN A 117ENTRY_END 118 119; Check that we get the SERVFAIL (will be refreshed) 120STEP 50 CHECK_ANSWER 121ENTRY_BEGIN 122 MATCH all 123 REPLY QR RD RA SERVFAIL 124 SECTION QUESTION 125 example.com. IN A 126ENTRY_END 127 128; Query again, upstream has the real answer available 129STEP 60 QUERY 130ENTRY_BEGIN 131 REPLY RD 132 SECTION QUESTION 133 example.com. IN A 134ENTRY_END 135 136; Check that we get the refreshed cached SERVFAIL 137STEP 70 CHECK_ANSWER 138ENTRY_BEGIN 139 MATCH all 140 REPLY QR RD RA SERVFAIL 141 SECTION QUESTION 142 example.com. IN A 143ENTRY_END 144 145SCENARIO_END 146