xref: /freebsd/contrib/unbound/testdata/serve_expired_client_timeout_servfail.rpl (revision 4b15965daa99044daf184221b7c283bf7f2d7e66) 
1; config options
2server:
3	module-config: "validator iterator"
4	qname-minimisation: "no"
5	minimal-responses: no
6	serve-expired: yes
7	serve-expired-client-timeout: 1
8	serve-expired-reply-ttl: 123
9	ede: yes
10	ede-serve-expired: yes
11
12stub-zone:
13	name: "example.com"
14	stub-addr: 1.2.3.4
15CONFIG_END
16
17SCENARIO_BEGIN Test serve-expired with client-timeout and a SERVFAIL upstream reply
18; Scenario overview:
19; - query for example.com. IN A
20; - check that we get an answer for example.com. IN A with the correct TTL
21; - query again right after the TTL expired
22; - answer from upstream is servfail
23; - (expired cached answer will not be replaced, instead marked as unresolvable for NORR_TTL(5))
24; - check that we get the expired cached answer
25; - query again (the answer is available on the upstream server now)
26; - check that we get the immediate expired answer back instead
27; - query again (the answer is available on the upstream server now)
28; - check that we *still* get the immediate expired answer back instead, recursion is blocked for NORR_TTL(5)
29; - wait for NORR_TTL(5) to expire
30; - query again
31; - check that we get the freshly cached answer
32
33; ns.example.com.
34RANGE_BEGIN 0 20
35	ADDRESS 1.2.3.4
36	ENTRY_BEGIN
37		MATCH opcode qtype qname
38		ADJUST copy_id
39		REPLY QR NOERROR
40		SECTION QUESTION
41			example.com. IN NS
42		SECTION ANSWER
43			example.com. 10 IN NS ns.example.com.
44		SECTION ADDITIONAL
45			ns.example.com. 10 IN A 1.2.3.4
46	ENTRY_END
47
48	ENTRY_BEGIN
49		MATCH opcode qtype qname
50		ADJUST copy_id
51		REPLY QR NOERROR
52		SECTION QUESTION
53			example.com. IN A
54		SECTION ANSWER
55			example.com. 10 IN A 5.6.7.8
56		SECTION AUTHORITY
57			example.com. 10 IN NS ns.example.com.
58		SECTION ADDITIONAL
59			ns.example.com. 10 IN A 1.2.3.4
60	ENTRY_END
61RANGE_END
62
63; ns.example.com.
64RANGE_BEGIN 30 40
65	ADDRESS 1.2.3.4
66	; response to A query
67	ENTRY_BEGIN
68		MATCH opcode qtype qname
69		ADJUST copy_id
70		REPLY QR AA SERVFAIL
71		SECTION QUESTION
72			example.com. IN A
73	ENTRY_END
74RANGE_END
75
76; ns.example.com.
77RANGE_BEGIN 50 100
78	ADDRESS 1.2.3.4
79	; response to A query
80	ENTRY_BEGIN
81		MATCH opcode qtype qname
82		ADJUST copy_id
83		REPLY QR NOERROR
84		SECTION QUESTION
85			example.com. IN A
86		SECTION ANSWER
87			example.com. 10 IN A 5.6.7.8
88		SECTION AUTHORITY
89			example.com. 10 IN NS ns.example.com.
90		SECTION ADDITIONAL
91			ns.example.com. 10 IN A 1.2.3.4
92	ENTRY_END
93RANGE_END
94
95; Query with RD flag
96STEP 1 QUERY
97ENTRY_BEGIN
98	REPLY RD
99	SECTION QUESTION
100		example.com. IN A
101ENTRY_END
102
103; Check that we got the correct answer (should be cached)
104STEP 10 CHECK_ANSWER
105ENTRY_BEGIN
106	MATCH all ttl
107	REPLY QR RD RA NOERROR
108	SECTION QUESTION
109		example.com. IN A
110	SECTION ANSWER
111		example.com. 10 IN A 5.6.7.8
112	SECTION AUTHORITY
113		example.com. 10 IN NS ns.example.com.
114	SECTION ADDITIONAL
115		ns.example.com. 10 IN A 1.2.3.4
116ENTRY_END
117
118; Wait for the TTL to expire
119STEP 11 TIME_PASSES ELAPSE 11
120
121; Query again
122STEP 30 QUERY
123ENTRY_BEGIN
124	REPLY RD DO
125	SECTION QUESTION
126		example.com. IN A
127ENTRY_END
128
129; Check that we got a stale answer because of the upstream SERVFAIL
130STEP 40 CHECK_ANSWER
131ENTRY_BEGIN
132	MATCH all ttl ede=3
133	REPLY QR RD RA DO NOERROR
134	SECTION QUESTION
135		example.com. IN A
136	SECTION ANSWER
137		example.com.  123 IN A 5.6.7.8
138	SECTION AUTHORITY
139		example.com. 123 IN NS ns.example.com.
140	SECTION ADDITIONAL
141		ns.example.com. 123 IN A 1.2.3.4
142ENTRY_END
143
144; Query again
145STEP 50 QUERY
146ENTRY_BEGIN
147	REPLY RD DO
148	SECTION QUESTION
149		example.com. IN A
150ENTRY_END
151
152; Check that we got an immediate stale answer because of the previous failure,
153; regardless if upstream has the answer already in this range.
154STEP 60 CHECK_ANSWER
155ENTRY_BEGIN
156	MATCH all ttl ede=3
157	REPLY QR RD RA DO NOERROR
158	SECTION QUESTION
159		example.com. IN A
160	SECTION ANSWER
161		example.com.  123 IN A 5.6.7.8
162	SECTION AUTHORITY
163		example.com. 123 IN NS ns.example.com.
164	SECTION ADDITIONAL
165		ns.example.com. 123 IN A 1.2.3.4
166ENTRY_END
167
168; Query again
169STEP 70 QUERY
170ENTRY_BEGIN
171	REPLY RD DO
172	SECTION QUESTION
173		example.com. IN A
174ENTRY_END
175
176; Check that we still get the immediate stale answer because of the previous failure,
177; regardless if upstream has the answer already in this range. NORR_TTL(5) blocks us from
178; recursion.
179STEP 80 CHECK_ANSWER
180ENTRY_BEGIN
181	MATCH all ttl ede=3
182	REPLY QR RD RA DO NOERROR
183	SECTION QUESTION
184		example.com. IN A
185	SECTION ANSWER
186		example.com.  123 IN A 5.6.7.8
187	SECTION AUTHORITY
188		example.com. 123 IN NS ns.example.com.
189	SECTION ADDITIONAL
190		ns.example.com. 123 IN A 1.2.3.4
191ENTRY_END
192
193; Let NORR_TTL(5) expire
194STEP 81 TIME_PASSES ELAPSE 5
195
196; Query again
197STEP 90 QUERY
198ENTRY_BEGIN
199	REPLY RD
200	SECTION QUESTION
201		example.com. IN A
202ENTRY_END
203
204; Check fresh reply
205STEP 100 CHECK_ANSWER
206ENTRY_BEGIN
207	MATCH all ttl
208	REPLY QR RD RA NOERROR
209	SECTION QUESTION
210		example.com. IN A
211	SECTION ANSWER
212		example.com. 10 IN A 5.6.7.8
213	SECTION AUTHORITY
214		example.com. 10 IN NS ns.example.com.
215	SECTION ADDITIONAL
216		ns.example.com. 10 IN A 1.2.3.4
217ENTRY_END
218
219SCENARIO_END
220