; config options server: target-fetch-policy: "0 0 0 0 0" module-config: "subnetcache validator iterator" verbosity: 4 qname-minimisation: no ; the domain is not configured for edns-subnet ;send-client-subnet: 1.2.3.4 client-subnet-zone: "ex2.com" stub-zone: name: "." stub-addr: 193.0.14.129 stub-zone: name: "example.com" stub-addr: 1.2.3.4 stub-zone: name: "ex2.com" stub-addr: 1.2.3.5 CONFIG_END SCENARIO_BEGIN Test subnet cache with scope zero for global cache store. ; the upstream server. RANGE_BEGIN 0 100 ADDRESS 193.0.14.129 ENTRY_BEGIN MATCH opcode qtype qname ednsdata ADJUST copy_id REPLY QR NOERROR SECTION QUESTION . IN NS SECTION ANSWER . IN NS K.ROOT-SERVERS.NET. SECTION ADDITIONAL HEX_EDNSDATA_BEGIN ;; we expect to receive empty HEX_EDNSDATA_END K.ROOT-SERVERS.NET. IN A 193.0.14.129 ENTRY_END RANGE_END RANGE_BEGIN 0 21 ADDRESS 1.2.3.4 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION www.example.com. IN A SECTION ANSWER www.example.com. IN A 10.20.30.40 SECTION AUTHORITY SECTION ADDITIONAL ENTRY_END RANGE_END RANGE_BEGIN 20 61 ADDRESS 1.2.3.5 ENTRY_BEGIN MATCH opcode qtype qname ADJUST copy_id REPLY QR AA NOERROR SECTION QUESTION www.ex2.com. IN A SECTION ANSWER www.ex2.com. IN A 10.20.30.41 SECTION AUTHORITY SECTION ADDITIONAL ENTRY_END RANGE_END RANGE_BEGIN 90 101 ADDRESS 1.2.3.5 ENTRY_BEGIN MATCH opcode qtype qname ednsdata ADJUST copy_id copy_ednsdata_assume_clientsubnet REPLY QR NOERROR SECTION QUESTION www.ex2.com. IN A SECTION ANSWER www.ex2.com. 10 IN A 10.20.30.42 SECTION AUTHORITY ex2.com. IN NS ns.ex2.com. SECTION ADDITIONAL HEX_EDNSDATA_BEGIN ; client is 127.0.0.1 00 08 ; OPC 00 07 ; option length 00 01 ; Family 18 00 ; source mask, scopemask 7f 00 00 ; address HEX_EDNSDATA_END ns.ex2.com. IN A 1.2.3.5 ENTRY_END RANGE_END ; query for 0.0.0.0/0 STEP 10 QUERY ENTRY_BEGIN HEX_ANSWER_BEGIN 00 00 01 00 00 01 00 00 ;ID 0 00 00 00 01 03 77 77 77 ; www.example.com A? (DO) 07 65 78 61 6d 70 6c 65 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 80 00 00 08 00 08 00 04 ; OPC, optlen 00 01 00 00 ; ip4, scope 0, source 0 ;0.0.0.0/0 HEX_ANSWER_END ENTRY_END STEP 20 CHECK_ANSWER ENTRY_BEGIN MATCH all ednsdata REPLY QR RD RA NOERROR SECTION QUESTION www.example.com. IN A SECTION ANSWER www.example.com. IN A 10.20.30.40 SECTION AUTHORITY SECTION ADDITIONAL HEX_EDNSDATA_BEGIN 00 08 ; OPC 00 04 ; option length 00 01 ; Family 00 00 ; source mask, scopemask ; address HEX_EDNSDATA_END ENTRY_END ; That that it is in global cache. STEP 30 QUERY ENTRY_BEGIN REPLY RD NOERROR SECTION QUESTION www.example.com. IN A ENTRY_END STEP 40 CHECK_ANSWER ENTRY_BEGIN MATCH all ednsdata REPLY QR RD RA NOERROR SECTION QUESTION www.example.com. IN A SECTION ANSWER www.example.com. IN A 10.20.30.40 ENTRY_END ; With a query where the name is whitelisted, it should not be stored ; in global cache. STEP 50 QUERY ENTRY_BEGIN HEX_ANSWER_BEGIN 00 00 01 00 00 01 00 00 ;ID 0 00 00 00 01 03 77 77 77 ; www.ex2.com A? (DO) 03 65 78 32 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 80 00 00 08 00 08 00 04 ; OPC, optlen 00 01 00 00 ; ip4, scope 0, source 0 ;0.0.0.0/0 HEX_ANSWER_END ENTRY_END STEP 60 CHECK_ANSWER ENTRY_BEGIN MATCH all ednsdata REPLY QR RD RA NOERROR SECTION QUESTION www.ex2.com. IN A SECTION ANSWER www.ex2.com. IN A 10.20.30.41 SECTION AUTHORITY SECTION ADDITIONAL HEX_EDNSDATA_BEGIN 00 08 ; OPC 00 04 ; option length 00 01 ; Family 00 00 ; source mask, scopemask ; address HEX_EDNSDATA_END ENTRY_END STEP 70 QUERY ENTRY_BEGIN HEX_ANSWER_BEGIN 00 00 01 00 00 01 00 00 ;ID 0 00 00 00 01 03 77 77 77 ; www.ex2.com A? (DO) 03 65 78 32 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 80 00 00 08 00 08 00 04 ; OPC, optlen 00 01 00 00 ; ip4, scope 0, source 0 ;0.0.0.0/0 HEX_ANSWER_END ENTRY_END STEP 80 CHECK_ANSWER ENTRY_BEGIN MATCH all ednsdata REPLY QR RD RA NOERROR SECTION QUESTION www.ex2.com. IN A SECTION ANSWER www.ex2.com. IN A 10.20.30.41 SECTION AUTHORITY SECTION ADDITIONAL HEX_EDNSDATA_BEGIN 00 08 ; OPC 00 04 ; option length 00 01 ; Family 00 00 ; source mask, scopemask ; address HEX_EDNSDATA_END ENTRY_END ; www.ex2.com is not in the global cache. and gets subnet treatment STEP 90 QUERY ENTRY_BEGIN REPLY RD NOERROR SECTION QUESTION www.ex2.com. IN A ENTRY_END STEP 100 CHECK_ANSWER ENTRY_BEGIN MATCH all ednsdata REPLY QR RD RA NOERROR SECTION QUESTION www.ex2.com. IN A SECTION ANSWER www.ex2.com. IN A 10.20.30.42 ENTRY_END ; that result is in the subnet cache STEP 110 QUERY ENTRY_BEGIN HEX_ANSWER_BEGIN 00 00 01 00 00 01 00 00 ;ID 0 00 00 00 01 03 77 77 77 ; www.ex2.com A? (DO) 03 65 78 32 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 80 00 00 0b 00 08 00 07 ; OPC, optlen ; ip4 127.0.0.0/24 scope /0 00 01 ; Family 18 00 ; source mask, scopemask 7f 00 00 ; address HEX_ANSWER_END ENTRY_END STEP 120 CHECK_ANSWER ENTRY_BEGIN MATCH all ednsdata REPLY QR RD RA NOERROR SECTION QUESTION www.ex2.com. IN A SECTION ANSWER www.ex2.com. IN A 10.20.30.42 SECTION AUTHORITY SECTION ADDITIONAL HEX_EDNSDATA_BEGIN 00 08 ; OPC 00 07 ; option length ; ip4 127.0.0.0/24 scope /24 00 01 ; Family 18 18 ; source mask, scopemask 7f 00 00 ; address HEX_EDNSDATA_END ENTRY_END SCENARIO_END