1; scope of 0, if the query also had scope of 0, do not answer this 2; to everyone, but only for scope 0 queries. Otherwise can answer cached. 3 4server: 5 target-fetch-policy: "0 0 0 0 0" 6 send-client-subnet: 1.2.3.4 7 module-config: "subnetcache validator iterator" 8 verbosity: 4 9 qname-minimisation: no 10 11stub-zone: 12 name: "." 13 stub-addr: 193.0.14.129 14 15stub-zone: 16 name: "example.com" 17 stub-addr: 1.2.3.4 18CONFIG_END 19 20SCENARIO_BEGIN Test subnet cache with scope zero response without EDNS. 21 22; the upstream server. 23RANGE_BEGIN 0 100 24 ADDRESS 193.0.14.129 25 26ENTRY_BEGIN 27MATCH opcode qtype qname ednsdata 28ADJUST copy_id 29REPLY QR NOERROR 30SECTION QUESTION 31. IN NS 32SECTION ANSWER 33. IN NS K.ROOT-SERVERS.NET. 34SECTION ADDITIONAL 35HEX_EDNSDATA_BEGIN 36 ;; we expect to receive empty 37HEX_EDNSDATA_END 38K.ROOT-SERVERS.NET. IN A 193.0.14.129 39ENTRY_END 40RANGE_END 41 42RANGE_BEGIN 0 11 43 ADDRESS 1.2.3.4 44ENTRY_BEGIN 45MATCH opcode qtype qname 46ADJUST copy_id 47;copy_ednsdata_assume_clientsubnet 48REPLY QR NOERROR 49SECTION QUESTION 50www.example.com. IN A 51SECTION ANSWER 52www.example.com. IN A 10.20.30.40 53SECTION AUTHORITY 54SECTION ADDITIONAL 55HEX_EDNSDATA_BEGIN 56 ; client is 127.0.0.1 57 00 08 ; OPC 58 00 07 ; option length 59 00 01 ; Family 60 18 11 ; source mask, scopemask 61 7f 00 00 ; address 62HEX_EDNSDATA_END 63ENTRY_END 64RANGE_END 65 66RANGE_BEGIN 20 31 67 ADDRESS 1.2.3.4 68ENTRY_BEGIN 69MATCH opcode qtype qname 70ADJUST copy_id 71;copy_ednsdata_assume_clientsubnet 72REPLY QR NOERROR 73SECTION QUESTION 74www.example.com. IN A 75SECTION ANSWER 76www.example.com. IN A 10.20.30.41 77SECTION AUTHORITY 78SECTION ADDITIONAL 79HEX_EDNSDATA_BEGIN 80 ; client is 127.0.0.1 81 00 08 ; OPC 82 00 07 ; option length 83 00 01 ; Family 84 18 11 ; source mask, scopemask 85 7f 01 00 ; address 86HEX_EDNSDATA_END 87ENTRY_END 88RANGE_END 89 90RANGE_BEGIN 40 51 91 ADDRESS 1.2.3.4 92ENTRY_BEGIN 93MATCH opcode qtype qname 94ADJUST copy_id 95;copy_ednsdata_assume_clientsubnet 96REPLY QR NOERROR 97SECTION QUESTION 98www.example.com. IN A 99SECTION ANSWER 100www.example.com. IN A 10.20.30.42 101SECTION AUTHORITY 102SECTION ADDITIONAL 103;no EDNS in this answer. Tests if the back_parsed callback 104;is called to process the lack of edns contents. 105;HEX_EDNSDATA_BEGIN 106 ;00 08 ; OPC 107 ;00 04 ; option length 108 ;00 01 ; Family 109 ;00 00 ; source mask, scopemask 110 ; ; address 0.0.0.0/0 scope 0 111;HEX_EDNSDATA_END 112ENTRY_END 113RANGE_END 114 115RANGE_BEGIN 120 131 116 ADDRESS 1.2.3.4 117ENTRY_BEGIN 118MATCH opcode qtype qname 119ADJUST copy_id 120;copy_ednsdata_assume_clientsubnet 121REPLY QR NOERROR 122SECTION QUESTION 123www.example.com. IN A 124SECTION ANSWER 125www.example.com. IN A 10.20.30.43 126SECTION AUTHORITY 127SECTION ADDITIONAL 128HEX_EDNSDATA_BEGIN 129 00 08 ; OPC 130 00 07 ; option length 131 00 01 ; Family 132 18 00 ; source mask, scopemask 133 7f 02 00 ; address 127.2.0.0/24 scope 0 134HEX_EDNSDATA_END 135ENTRY_END 136RANGE_END 137 138; query for 127.0.0.0/24 139STEP 1 QUERY 140ENTRY_BEGIN 141HEX_ANSWER_BEGIN 142 00 00 01 00 00 01 00 00 ;ID 0 143 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 144 07 65 78 61 6d 70 6c 65 145 03 63 6f 6d 00 00 01 00 146 01 00 00 29 10 00 00 00 147 80 00 00 0b 148 149 00 08 00 07 ; OPC, optlen 150 00 01 18 00 ; ip4, scope 24, source 0 151 7f 00 00 ;127.0.0.0/24 152HEX_ANSWER_END 153ENTRY_END 154 155; answer is 10.20.30.40 for 127.0.0.0/24 scope 17 156STEP 10 CHECK_ANSWER 157ENTRY_BEGIN 158MATCH all ednsdata 159REPLY QR RD RA NOERROR 160SECTION QUESTION 161www.example.com. IN A 162SECTION ANSWER 163www.example.com. IN A 10.20.30.40 164SECTION AUTHORITY 165SECTION ADDITIONAL 166HEX_EDNSDATA_BEGIN 167 ; client is 127.0.0.1 168 00 08 ; OPC 169 00 07 ; option length 170 00 01 ; Family 171 18 11 ; source mask, scopemask 172 7f 00 00 ; address 173HEX_EDNSDATA_END 174ENTRY_END 175 176; query for 127.1.0.0/24 177STEP 20 QUERY 178ENTRY_BEGIN 179HEX_ANSWER_BEGIN 180 00 00 01 00 00 01 00 00 ;ID 0 181 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 182 07 65 78 61 6d 70 6c 65 183 03 63 6f 6d 00 00 01 00 184 01 00 00 29 10 00 00 00 185 80 00 00 0b 186 187 00 08 00 07 ; OPC, optlen 188 00 01 18 00 ; ip4, scope 24, source 0 189 7f 01 00 ;127.1.0.0/24 190HEX_ANSWER_END 191ENTRY_END 192 193; answer is 10.20.30.41 for 127.1.0.0/24 scope 17 194STEP 30 CHECK_ANSWER 195ENTRY_BEGIN 196MATCH all ednsdata 197REPLY QR RD RA NOERROR 198SECTION QUESTION 199www.example.com. IN A 200SECTION ANSWER 201www.example.com. IN A 10.20.30.41 202SECTION AUTHORITY 203SECTION ADDITIONAL 204HEX_EDNSDATA_BEGIN 205 ; client is 127.1.0.1 206 00 08 ; OPC 207 00 07 ; option length 208 00 01 ; Family 209 18 11 ; source mask, scopemask 210 7f 01 00 ; address 211HEX_EDNSDATA_END 212ENTRY_END 213 214; query for 0.0.0.0/0 215STEP 40 QUERY 216ENTRY_BEGIN 217HEX_ANSWER_BEGIN 218 00 00 01 00 00 01 00 00 ;ID 0 219 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 220 07 65 78 61 6d 70 6c 65 221 03 63 6f 6d 00 00 01 00 222 01 00 00 29 10 00 00 00 223 80 00 00 08 224 225 00 08 00 04 ; OPC, optlen 226 00 01 00 00 ; ip4, scope 0, source 0 227 ;0.0.0.0/0 228HEX_ANSWER_END 229ENTRY_END 230 231; answer is 10.20.30.42 for 0.0.0.0/0 scope 0 232STEP 50 CHECK_ANSWER 233ENTRY_BEGIN 234MATCH all ednsdata 235REPLY QR RD RA NOERROR 236SECTION QUESTION 237www.example.com. IN A 238SECTION ANSWER 239www.example.com. IN A 10.20.30.42 240SECTION AUTHORITY 241SECTION ADDITIONAL 242HEX_EDNSDATA_BEGIN 243 00 08 ; OPC 244 00 04 ; option length 245 00 01 ; Family 246 00 00 ; source mask, scopemask 247 ; address 248HEX_EDNSDATA_END 249ENTRY_END 250 251; query for 127.0.0.0/24, again, it should be in cache. 252; and not from the scope 0 answer. 253STEP 60 QUERY 254ENTRY_BEGIN 255HEX_ANSWER_BEGIN 256 00 00 01 00 00 01 00 00 ;ID 0 257 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 258 07 65 78 61 6d 70 6c 65 259 03 63 6f 6d 00 00 01 00 260 01 00 00 29 10 00 00 00 261 80 00 00 0b 262 263 00 08 00 07 ; OPC, optlen 264 00 01 18 00 ; ip4, scope 24, source 0 265 7f 00 00 ;127.0.0.0/24 266HEX_ANSWER_END 267ENTRY_END 268 269; answer should be 10.20.30.40 for 127.0.0.0/24 scope 17 270STEP 70 CHECK_ANSWER 271ENTRY_BEGIN 272MATCH all ednsdata 273REPLY QR RD RA NOERROR 274SECTION QUESTION 275www.example.com. IN A 276SECTION ANSWER 277www.example.com. IN A 10.20.30.40 278SECTION AUTHORITY 279SECTION ADDITIONAL 280HEX_EDNSDATA_BEGIN 281 ; client is 127.0.0.1 282 00 08 ; OPC 283 00 07 ; option length 284 00 01 ; Family 285 18 11 ; source mask, scopemask 286 7f 00 00 ; address 287HEX_EDNSDATA_END 288ENTRY_END 289 290; query for 127.1.0.0/24, again, it should be in cache. 291STEP 80 QUERY 292ENTRY_BEGIN 293HEX_ANSWER_BEGIN 294 00 00 01 00 00 01 00 00 ;ID 0 295 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 296 07 65 78 61 6d 70 6c 65 297 03 63 6f 6d 00 00 01 00 298 01 00 00 29 10 00 00 00 299 80 00 00 0b 300 301 00 08 00 07 ; OPC, optlen 302 00 01 18 00 ; ip4, scope 24, source 0 303 7f 01 00 ;127.1.0.0/24 304HEX_ANSWER_END 305ENTRY_END 306 307; answer should be 10.20.30.41 for 127.1.0.0/24 scope 17 308STEP 90 CHECK_ANSWER 309ENTRY_BEGIN 310MATCH all ednsdata 311REPLY QR RD RA NOERROR 312SECTION QUESTION 313www.example.com. IN A 314SECTION ANSWER 315www.example.com. IN A 10.20.30.41 316SECTION AUTHORITY 317SECTION ADDITIONAL 318HEX_EDNSDATA_BEGIN 319 ; client is 127.1.0.1 320 00 08 ; OPC 321 00 07 ; option length 322 00 01 ; Family 323 18 11 ; source mask, scopemask 324 7f 01 00 ; address 325HEX_EDNSDATA_END 326ENTRY_END 327 328; query for 0.0.0.0/0, again. 329STEP 100 QUERY 330ENTRY_BEGIN 331HEX_ANSWER_BEGIN 332 00 00 01 00 00 01 00 00 ;ID 0 333 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 334 07 65 78 61 6d 70 6c 65 335 03 63 6f 6d 00 00 01 00 336 01 00 00 29 10 00 00 00 337 80 00 00 08 338 339 00 08 00 04 ; OPC, optlen 340 00 01 00 00 ; ip4, scope 0, source 0 341 ;0.0.0.0/0 342HEX_ANSWER_END 343ENTRY_END 344 345; answer should be 10.20.30.42 for 0.0.0.0/0 scope 0 346STEP 110 CHECK_ANSWER 347ENTRY_BEGIN 348MATCH all ednsdata 349REPLY QR RD RA NOERROR 350SECTION QUESTION 351www.example.com. IN A 352SECTION ANSWER 353www.example.com. IN A 10.20.30.42 354SECTION AUTHORITY 355SECTION ADDITIONAL 356HEX_EDNSDATA_BEGIN 357 00 08 ; OPC 358 00 04 ; option length 359 00 01 ; Family 360 00 00 ; source mask, scopemask 361 ; address 362HEX_EDNSDATA_END 363ENTRY_END 364 365; now a query for a /24 that gets an answer for a /0. 366STEP 120 QUERY 367ENTRY_BEGIN 368HEX_ANSWER_BEGIN 369 00 00 01 00 00 01 00 00 ;ID 0 370 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 371 07 65 78 61 6d 70 6c 65 372 03 63 6f 6d 00 00 01 00 373 01 00 00 29 10 00 00 00 374 80 00 00 0b 375 376 00 08 00 07 ; OPC, optlen 377 00 01 18 00 ; ip4, scope 24, source 0 378 7f 02 00 ;127.2.0.0/24 379HEX_ANSWER_END 380ENTRY_END 381 382; answer should be 10.20.30.43 for 127.2.0.0/24 scope 0 383STEP 130 CHECK_ANSWER 384ENTRY_BEGIN 385MATCH all ednsdata 386REPLY QR RD RA NOERROR 387SECTION QUESTION 388www.example.com. IN A 389SECTION ANSWER 390www.example.com. IN A 10.20.30.43 391SECTION AUTHORITY 392SECTION ADDITIONAL 393HEX_EDNSDATA_BEGIN 394 ; client is 127.2.0.1 395 00 08 ; OPC 396 00 07 ; option length 397 00 01 ; Family 398 18 00 ; source mask, scopemask 399 7f 02 00 ; address 400HEX_EDNSDATA_END 401ENTRY_END 402 403; the scope 0 answer is now used to answer queries from 404; query for 127.0.0.0/24 405STEP 140 QUERY 406ENTRY_BEGIN 407HEX_ANSWER_BEGIN 408 00 00 01 00 00 01 00 00 ;ID 0 409 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 410 07 65 78 61 6d 70 6c 65 411 03 63 6f 6d 00 00 01 00 412 01 00 00 29 10 00 00 00 413 80 00 00 0b 414 415 00 08 00 07 ; OPC, optlen 416 00 01 18 00 ; ip4, scope 24, source 0 417 7f 00 00 ;127.0.0.0/24 418HEX_ANSWER_END 419ENTRY_END 420 421STEP 150 CHECK_ANSWER 422ENTRY_BEGIN 423MATCH all ednsdata 424REPLY QR RD RA NOERROR 425SECTION QUESTION 426www.example.com. IN A 427SECTION ANSWER 428www.example.com. IN A 10.20.30.43 429SECTION AUTHORITY 430SECTION ADDITIONAL 431HEX_EDNSDATA_BEGIN 432 ; client is 127.0.0.1 433 00 08 ; OPC 434 00 07 ; option length 435 00 01 ; Family 436 18 00 ; source mask, scopemask 437 7f 00 00 ; address 438HEX_EDNSDATA_END 439ENTRY_END 440 441SCENARIO_END 442