SV_RFC2308_5_cache_NXDOMAIN - Caching of name error (NXDOMAIN)
Verify that a NUT caches negative answer that resulted from a name error(NXDOMAIN).
- A negative answer that resulted from a name error (NXDOMAIN) should
be cached such that it can be retrieved and returned in response to
another query for the same "QNAME, QCLASS" that resulted in the
cached negative response.
- When a server, in answering a query, encounters a cached negative
response it MUST add the cached SOA record to the authority section
of the response with the TTL decremented by the amount of time it was
stored in the cache. This allows the NXDOMAIN / NODATA response to
time out correctly.
Caching Server
SV_RFC2308_5_cache_NXDOMAIN.seq [-tooloption ...]: KOI tool option
See also DNSConfig.pm
This test sequence is following.
<-------------- TN --------------->
DNS Client1 (TN) DNS Server1 (NUT) DNS Server2 DNS Server3 DNS Server4
| | | | |
|----------------------------->| | | |
| 1. Send standard query | | | |
| QNAME=B.example.org | | | |
| QTYPE=A | | | |
| | | | |
| |-------------------------------->| | |
| | 2. Recv standard query | | |
| | QNAME=B.example.org | | |
| | QTYPE=A | | |
| | | | |
| |<--------------------------------| | |
| | 3. Send standard query response | | |
| | QNAME=B.example.org | | |
| | QTYPE=A | | |
| | AUTHORITY Name=org | | |
| | AUTHORITY Name Server | | |
| | =NS3.example.org | | |
| | ADDITIONAL Name | | |
| | =NS3.example.org | | |
| | ADDITIONAL Address | | |
| | =192.168.1.30 | | |
| | | | |
| | v | |
| | | |
| |-------------------------------------------->| |
| | 4. Recv standard query | |
| | QNAME=B.example.org | |
| | QTYPE=A | |
| | | |
| |<--------------------------------------------| |
| | 5. Send standard query response | |
| | QNAME=B.example.org | |
| | QTYPE=A | |
| | AUTHORITY Name=example.org | |
| | AUTHORITY Name Server | |
| | = NS4.example.org | |
| | ADDITIONAL Name | |
| | = NS4.example.org | |
| | ADDITIONAL Address | |
| | = 192.168.1.40 | |
| | | |
| | v |
| | |
| |-------------------------------------------------------->|
| | 6. Send standard query |
| | QNAME=B.example.org |
| | QTYPE=A |
| | |
| |<--------------------------------------------------------|
| | 7. Send standard query response|
| | RCODE=3(NXDOMIN) |
| | QNAME=B.example.org |
| | QTYPE=A |
| | AUTHORITY Name=example.org |
| | AUTHORITY Type=SOA |
| | AUTHORITY Minimum=1 hour |
| | |
| | |
|<-----------------------------| |
| 8. Standard query response | |
| RCODE= 3(NXDOMIN) | |
| QNAME= B.example.org | |
| QTYPE=A | |
| AUTHORITY Name=example.org | |
| AUTHORITY Type=SOA | |
| AUTHORITY Minimum=1 hour | |
| | |
// wait 15 seconds // //
| | |
|----------------------------->| |
| 9. Send standard query | |
| QNAME=B.example.org | |
| QTYPE=A | |
| | |
|<-----------------------------| |
|10. Standard query response | |
| RCODE= 3(NXDOMIN) | |
| QNAME= B.example.org | |
| QTYPE=A | |
| AUTHORITY Name=example.org | |
| AUTHORITY Type=SOA | |
| AUTHORITY TTL=less than | |
| 1 hour | |
| AUTHORITY Minimum=1 hour | |
| | |
v v v
1. TN send standard query QNAME=B.example.org, QTYPE=A to NUT.
2. NUT transmits standard query to DNS Server2 (TN: root name server) (Judgment *2)
3. TN send query response to NUT w/ AUTHORITY Name=org, AUTHORITY Name Server=NS3.example.org.
4. NUT transmits standard query QNAME=B.example.org, QTYPE=A to DNS Server3 (TN: NS3.example.org) (Judgment *4)
5. TN send query response to NUT w/ AUTHORITY Name=example.org, AUTHORITY Name Server=NS4.example.org.
6. NUT transmits standard query QNAME=B.example.org, QTYPE=A to DNS Server4 (TN: NS4.example.org) (Judgment *6)
7. TN send query response(NXDOMAIN) to AUTHORITY Name=example.org, AUTHORITY Type=SOA.
8. NUT transmits query response(NXDOMAIN) to DNS Client1 (TN) (Judgment *8)
9. TN send standard query QNAME=B.example.org, QTYPE=A to NUT.
10. NUT transmits query response(NXDOMAIN) to DNS Client1 (TN) (Judgment *10)
- Packet Description
- 1st packet.
Standard query from DNS Client1 (TN) to Server1 (NUT)
|
IP Header |
Source Address |
CL1_NETZ |
Destination Address |
NUT_NETZ |
UDP Header |
Src Port |
2000 |
Dst Port |
53 |
DNS Header |
ID |
0x1000 |
QR |
0 |
OPCODE |
0 |
AA |
0 |
TC |
0 |
RD |
1 |
RA |
0 |
Z |
0 |
RCODE |
0 |
QDCOUNT |
1 |
ANCOUNT |
0 |
NSCOUNT |
0 |
ARCOUNT |
0 |
DNS Question section |
QNAME |
B.example.org |
QTYPE |
A (0x0001) |
QCLASS |
IN (0x0001) |
- 2nd packet.
Standard query from DNS Server1 (NUT) to Server2 (TN)
|
IP Header |
Source Address |
NUT_NETZ |
Destination Address |
SV2_NETY |
UDP Header |
Src Port |
ANY |
Dst Port |
53 |
DNS Header |
ID |
ANY |
QR |
0 |
OPCODE |
0 |
AA |
ANY |
TC |
0 |
RD |
0 |
RA |
ANY |
Z |
ANY |
RCODE |
ANY |
QDCOUNT |
1 |
ANCOUNT |
0 |
NSCOUNT |
0 |
ARCOUNT |
ANY |
DNS Question section |
QNAME |
B.example.org |
QTYPE |
A (0x0001) |
QCLASS |
IN (0x0001) |
- 3rd packet.
Standard query response from DNS Server2 (TN) to Server1 (NUT)
|
IP Header |
Source Address |
SV2_NETY |
Destination Address |
NUT_NETZ |
UDP Header |
Src Port |
53 |
Dst Port |
Value that NUT uses |
DNS Header |
ID |
Value that NUT uses |
QR |
1 |
OPCODE |
0 |
AA |
0 |
TC |
0 |
RD |
0 |
RA |
0 |
Z |
0 |
RCODE |
0 |
QDCOUNT |
1 |
ANCOUNT |
0 |
NSCOUNT |
1 |
ARCOUNT |
1 |
DNS Question section |
QNAME |
B.example.org
|
QTYPE |
A (0x0001) |
QCLASS |
IN (0x0001) |
DNS Authority section |
NAME |
org (Pointer 0xC016) |
TYPE |
NS (0x0002) |
CLASS |
IN (0x0001) |
TTL |
1 day (86400) |
RDLENGTH |
6 |
NSDNAME |
NS3.example.org (NS3 + Pointer 0xC00E) |
DNS Additional section |
NAME |
NS3.example.org (Pointer 0xC02B) |
TYPE
|
A (0x0001) |
CLASS |
IN (0x0001) |
TTL |
1 day (86400) |
RDLENGTH |
4 |
ADDRESS |
192.168.1.30 |
- 4th packet.
Standard query from DNS Server1 (NUT) to Server3 (TN)
|
IP Header |
Source Address |
NUT_NETZ |
Destination Address |
SV3_NETY |
UDP Header |
Src Port |
ANY |
Dst Port |
53 |
DNS Header |
ID |
ANY |
QR |
0 |
OPCODE |
0 |
AA |
ANY |
TC |
0 |
RD |
0 |
RA |
ANY |
Z |
ANY |
RCODE |
ANY |
QDCOUNT |
1 |
ANCOUNT |
0 |
NSCOUNT |
0 |
ARCOUNT |
ANY |
DNS Question section |
QNAME |
B.example.org |
QTYPE |
A (0x0001) |
QCLASS |
IN (0x0001) |
- 5th packet.
Standard query response from DNS Server3 (TN) to Server1 (NUT)
|
IP Header |
Source Address |
SV3_NETY |
Destination Address |
NUT_NETZ |
UDP Header |
Src Port |
Value that NUT uses |
Dst Port |
53 |
DNS Header |
ID |
Value that NUT uses |
QR |
1 |
OPCODE |
0 |
AA |
0 |
TC |
0 |
RD |
0 |
RA |
0 |
Z |
0 |
RCODE |
0 |
QDCOUNT |
1 |
ANCOUNT |
0 |
NSCOUNT |
1 |
ARCOUNT |
1 |
DNS Question section |
QNAME |
B.example.org
|
QTYPE |
A (0x0001) |
QCLASS |
IN (0x0001) |
DNS Authority section |
NAME |
example.org (Pointer 0xC00E) |
TYPE |
NS (0x0002) |
CLASS |
IN (0x0001) |
TTL |
1 day (86400) |
RDLENGTH |
6 |
NSDNAME |
NS4.example.org (NS4 + Pointer 0xC00E) |
DNS Additional section |
NAME |
NS4.example.org (Pointer 0xC02B) |
TYPE
|
A (0x0001) |
CLASS |
IN (0x0001) |
TTL |
1 day (86400) |
RDLENGTH |
4 |
ADDRESS |
192.168.1.40 |
- 6th packet.
Standard query from DNS Server1 (NUT) to Server4 (TN)
|
IP Header |
Source Address |
NUT_NETZ |
Destination Address |
SV4_NETY |
UDP Header |
Src Port |
ANY |
Dst Port |
53 |
DNS Header |
ID |
ANY |
QR |
0 |
OPCODE |
0 |
AA |
ANY |
TC |
0 |
RD |
0 |
RA |
ANY |
Z |
ANY |
RCODE |
ANY |
QDCOUNT |
1 |
ANCOUNT |
0 |
NSCOUNT |
0 |
ARCOUNT |
ANY |
DNS Question section |
QNAME |
B.example.org |
QTYPE |
A (0x0001) |
QCLASS |
IN (0x0001) |
- 7th packet.
Standard query response from DNS Server4 (TN) to Server1 (NUT)
|
IP Header |
Source Address |
SV4_NETY |
Destination Address |
NUT_NETZ |
UDP Header |
Src Port |
Value that NUT uses |
Dst Port |
53 |
DNS Header |
ID |
Value that NUT uses |
QR |
1 |
OPCODE |
0 |
AA |
1 |
TC |
0 |
RD |
0 |
RA |
1 |
Z |
0 |
RCODE |
3 |
QDCOUNT |
1 |
ANCOUNT |
0 |
NSCOUNT |
1 |
ARCOUNT |
0 |
DNS Question section |
QNAME |
B.example.org
|
QTYPE |
A (0x0001) |
QCLASS |
IN (0x0001) |
DNS Authority section |
NAME |
example.com (Pointer 0xC00E) |
TYPE |
SOA (0x0006) |
CLASS |
IN (0x0001) |
TTL |
1 hour (3600) |
RDLENGTH |
33 |
NSDNAME |
NS4.example.com (NS4 + Pointer 0xC00E) |
RNAME |
root.example.com (root + Pointer 0xC00E) |
SERIAL |
2005081600 |
REFRESH |
1 hour |
RETRY |
15 minutes |
EXPIRE |
1 week |
MINIMUM |
1 hour (3600) |
- 8th packet.
Standard query response from DNS Server1 (NUT) to Client1 (TN)
|
IP Header |
Source Address |
NUT_NETZ |
Destination Address |
CL1_NETZ |
UDP Header |
Src Port |
53 |
Dst Port |
2000 |
DNS Header |
ID |
0x1000 |
QR |
1 |
OPCODE |
0 |
AA |
0 |
TC |
0 |
RD |
1 |
RA |
1 |
Z |
0 |
RCODE |
3 |
QDCOUNT |
1 |
ANCOUNT |
0 |
NSCOUNT |
1 |
ARCOUNT |
0 |
DNS Question section |
QNAME |
B.example.org |
QTYPE |
A (0x0001) |
QCLASS |
IN (0x0001) |
DNS Authority section |
NAME |
example.com (Pointer 0xC00E) |
TYPE |
SOA (0x0006) |
CLASS |
IN (0x0001) |
TTL |
1 hour (3600) |
RDLENGTH |
33 |
NSDNAME |
NS4.example.com (NS4 + Pointer 0xC00E) |
RNAME |
root.example.com (root + Pointer 0xC00E) |
SERIAL |
2005081600 |
REFRESH |
1 hour |
RETRY |
15 minutes |
EXPIRE |
1 week |
MINIMUM |
1 hour (3600) |
- 9th packet.
Standard query from DNS Client1 (TN) to Server1 (NUT)
|
IP Header |
Source Address |
CL1_NETZ |
Destination Address |
NUT_NETZ |
UDP Header |
Src Port |
2000 |
Dst Port |
53 |
DNS Header |
ID |
0x1001 |
QR |
0 |
OPCODE |
0 |
AA |
0 |
TC |
0 |
RD |
1 |
RA |
0 |
Z |
0 |
RCODE |
0 |
QDCOUNT |
1 |
ANCOUNT |
0 |
NSCOUNT |
0 |
ARCOUNT |
0 |
DNS Question section |
QNAME |
B.example.org |
QTYPE |
A (0x0001) |
QCLASS |
IN (0x0001) |
- 10th packet.
Standard query response from DNS Server1 (NUT) to Client1 (TN)
|
IP Header |
Source Address |
NUT_NETZ |
Destination Address |
CL1_NETZ |
UDP Header |
Src Port |
53 |
Dst Port |
2000 |
DNS Header |
ID |
0x1001 |
QR |
1 |
OPCODE |
0 |
AA |
0 |
TC |
0 |
RD |
1 |
RA |
1 |
Z |
0 |
RCODE |
3 |
QDCOUNT |
1 |
ANCOUNT |
0 |
NSCOUNT |
1 |
ARCOUNT |
0 |
DNS Question section |
QNAME |
B.example.org |
QTYPE |
A (0x0001) |
QCLASS |
IN (0x0001) |
DNS Authority section |
NAME |
example.com (Pointer 0xC00E) |
TYPE |
SOA (0x0006) |
CLASS |
IN (0x0001) |
TTL |
less than 1 hour |
RDLENGTH |
33 |
NSDNAME |
NS4.example.com (NS4 + Pointer 0xC00E) |
RNAME |
root.example.com (root + Pointer 0xC00E) |
SERIAL |
2005081600 |
REFRESH |
1 hour |
RETRY |
15 minutes |
EXPIRE |
1 week |
MINIMUM |
1 hour (3600) |
- Exp.
NUT_NETZ |
DNS Server1's (NUT) Net-z address |
CL1_NETZ |
DNS Client1's (TN) Net-z address |
SV2_NETY |
DNS Server2's (TN) Net-y address |
SV3_NETY |
DNS Server3's (TN) Net-y address |
SV4_NETY |
DNS Server4's (TN) Net-y address |
2. Received standard query including QNAME=B.example.org, QTYPE=A.
4. Received standard query including QNAME=B.example.org, QTYPE=A.
6. Received standard query including QNAME=B.example.org, QTYPE=A.
8. Received standard query response(NXDOMAIN).
10. Received standard query response(NXDOMAIN).
None
RFC2308 Negative Caching of DNS Queries (DNS NCACHE)
5 - Caching Negative Answers
6 - Negative answers from the cache