SV_RFC1034_4_3_1_Recursive - Recursion Available (RA) bit is set or cleared by a name server in all responses
Verify that whether NUT can set or clear RA bit in all responses.
1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | ID | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ |QR| Opcode |AA|TC|RD|RA| Z | RCODE | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | QDCOUNT | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | ANCOUNT | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | NSCOUNT | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | ARCOUNT | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
Server
SV_RFC1034_4_3_1_Recursive.seq [-tooloption ...]: KOI tool option See also DNSConfig.pm
AP Server1 (TN) |A.example.org |3ffe:501:ffff:101::10 |192.168.1.10 | Net-y --+--------+-------------------------------------------------------------------- 3ffe:501:ffff:101::/64 | 192.168.1/24 | | Router (TN) |3ffe:501:ffff:100::1 |192.168.0.1 | | Net-z --+--------+-----------------+-------- 3ffe:501:ffff:100::/64 | | 192.168.0/24 | | DNS Server1 (NUT) DNS Client1 (TN) 3ffe:501:ffff:100::XXXX 3ffe:501:ffff:100::20 192.168.0.10 192.168.0.20
XXXX: EUI64
. 3600000 IN NS A.ROOT.NET. A.ROOT.NET. 3600000 A 192.168.1.20
. 3600000 IN NS A.ROOT.NET. A.ROOT.NET. 3600000 AAAA 3ffe:501:ffff:101::20
$TTL 86400 ; TTL of 1 day @ IN SOA NS1.example.com. root.example.com. ( 2005081600 ; serial 3600 ; refresh every 1 hr 900 ; retry every 15 min 604800 ; expire after a week 3600 ; Minimum TTL of a 1 hr ) ; IN NS NS1.example.com. NS1 IN A 192.168.0.10 ; A IN A 192.168.1.10
This test sequence is following.
DNS Client1 (TN) DNS Server1 (NUT) | | |----------------------------->| | 1. Send standard query | | RD = 1 | | RA = 1 | | QNAME=A.example.com | | QTYPE=A | | | |<-----------------------------| | 2. Standard query response | | RD = 1 | | RA = 0 | | QNAME = A.example.com | | QTYPE = A | | ANSWER Name | | = A.example.com | | ANSWER Address | | = 192.168.1.10 | | AUTHORITY Name | | = example.com | | AUTHORITY Name Server | | = NS1.example.com | | ADDITIONAL Name | | = NS1.example.com | | ADDITIONAL Address | | = 192.168.0.10 | | | | | v v
3. Disable non-recursive mode on DNS Server1 (NUT)
| | | | |----------------------------->| | 4. Send standard query | | RD = 1 | | RA = 0 | | QNAME = A.example.com | | QTYPE = A | | | |<-----------------------------| | 5. Standard query response | | RD = 1 | | RA = 1 | | QNAME = A.example.com | | QTYPE = A | | ANSWER Name | | = A.example.com | | ANSWER Address | | = 192.168.1.10 | | AUTHORITY Name | | = example.com | | AUTHORITY Name Server | | = NS1.example.com | | ADDITIONAL Name | | = NS1.example.com | | ADDITIONAL Address | | = 192.168.0.10 | | | v v
This test sequence is following.
1. DNS Client1 (TN) send standard query QNAME=A.example.com, QTYPE=A with RD=1, RA=1 to DNS Server1 (NUT). 2. DNS Server1 (NUT) transmits standard query response from which RA bit is cleared to DNS Client1 (TN). (Judgment *2) 3. Disable non-recursive mode on DNS Server1 (NUT) and restart DNS service. 4. DNS Client1 (TN) send standard query QNAME=A.example.org, QTYPE=A with RD=1, RA=0 to DNS Server1 (NUT). 5. DNS Server1 (NUT) transmits standard query response from which RA bit is set to DNS Client1 (TN). (Judgment *4)
|
||
IP Header | Source Address | CL1_NETZ |
Destination Address | NUT_NETZ | |
UDP Header | Src Port | 1000 |
Dst Port | 53 | |
DNS Header | ID | 0x1000 |
QR | 0 | |
OPCODE | 0 | |
AA | 0 | |
TC | 0 | |
RD | 1 | |
RA | 1 | |
Z | 0 | |
RCODE | 0 | |
QDCOUNT | 1 | |
ANCOUNT | 0 | |
NSCOUNT | 0 | |
ARCOUNT | 0 | |
DNS Question section | QNAME | A.example.com |
QTYPE | A (0x0001) | |
QCLASS | IN (0x0001) |
|
||
IP Header | Source Address | NUT_NETZ |
Destination Address | CL1_NETZ | |
UDP Header | Src Port | 53 |
Dst Port | 1000 | |
DNS Header | ID | 0x1000 |
QR | 1 | |
OPCODE | 0 | |
AA | 1 | |
TC | 0 | |
RD | 1 | |
RA | 0 | |
Z | ANY | |
RCODE | 0 | |
QDCOUNT | 1 | |
ANCOUNT | 1 | |
NSCOUNT | 1 | |
ARCOUNT | 1 | |
DNS Question section | QNAME | A.example.com |
QTYPE | A (0x0001) | |
QCLASS | IN (0x0001) | |
DNS Answer section | NAME | A.example.com (Pointer 0xC00C) |
TYPE | A (0x0001) | |
CLASS | IN (0x0001) | |
TTL | 1 day (86400) | |
RDLENGTH | 4 | |
ADDRESS | 192.168.1.10 | |
DNS Authority section | NAME | example.com (Pointer 0xC00E) |
TYPE | NS (0x0002) | |
CLASS | IN (0x0001) | |
TTL | 1 day (86400) | |
RDLENGTH | 6 | |
NSDNAME | NS1.example.com (NS1 + Pointer 0xC00E) | |
DNS Additional section | NAME | NS1.example.com (Pointer 0xC03B) |
TYPE |
A (0x0001) | |
CLASS | IN (0x0001) | |
TTL | 1 day (86400) | |
RDLENGTH | 4 | |
ADDRESS | 192.168.0.10 |
|
||
IP Header | Source Address | CL1_NETZ |
Destination Address | NUT_NETZ | |
UDP Header | Src Port | 1000 |
Dst Port | 53 | |
DNS Header | ID | 0x2000 |
QR | 0 | |
OPCODE | 0 | |
AA | 0 | |
TC | 0 | |
RD | 1 | |
RA | 0 | |
Z | 0 | |
RCODE | 0 | |
QDCOUNT | 1 | |
ANCOUNT | 0 | |
NSCOUNT | 0 | |
ARCOUNT | 0 | |
DNS Question section | QNAME | A.example.com |
QTYPE | A (0x0001) | |
QCLASS | IN (0x0001) |
|
||
IP Header | Source Address | NUT_NETZ |
Destination Address | CL1_NETZ | |
UDP Header | Src Port | 53 |
Dst Port | 1000 | |
DNS Header | ID | 0x2000 |
QR | 1 | |
OPCODE | 0 | |
AA | 1 | |
TC | 0 | |
RD | 1 | |
RA | 1 | |
Z | ANY | |
RCODE | 0 | |
QDCOUNT | 1 | |
ANCOUNT | 1 | |
NSCOUNT | 1 | |
ARCOUNT | 1 | |
DNS Question section | QNAME | A.example.com |
QTYPE | A (0x0001) | |
QCLASS | IN (0x0001) | |
DNS Answer section | NAME | A.example.com (Pointer 0xC00C) |
TYPE | A (0x0001) | |
CLASS | IN (0x0001) | |
TTL | 1 day (86400) | |
RDLENGTH | 4 | |
ADDRESS | 192.168.1.10 | |
DNS Authority section | NAME | example.com (Pointer 0xC00E) |
TYPE | NS (0x0002) | |
CLASS | IN (0x0001) | |
TTL | 1 day (86400) | |
RDLENGTH | 6 | |
NSDNAME | NS1.example.com (NS1 + Pointer 0xC00E) | |
DNS Additional section | NAME | NS1.example.com (Pointer 0xC03B) |
TYPE |
A (0x0001) | |
CLASS | IN (0x0001) | |
TTL | 1 day (86400) | |
RDLENGTH | 4 | |
ADDRESS | 192.168.0.10 |
2. Received standard query response from which RA bit is cleared. 5. Received standard query response from which RA bit is set.
None
RFC1034 DOMAIN NAMES - CONCEPTS AND FACILITIES 4. NAME SERVERS 4.3.1. Queries and responses