CL_RFC1035_7_3_invalid_TTL - Invalid response(Long TTL)(optional)
Verify that a NUT checks the TTL of a response.
- As an optional step, check the TTLs of arriving data looking
  for RRs with excessively long TTLs. If a RR has an
  excessively long TTL, say greater than 1 week, either discard
  the whole response, or limit all TTLs in the response to 1 week.
Client (Caching function might be necessary)
CL_RFC1035_7_3_invalid_TTL.seq [-tooloption ...]: KOI tool option
See also DNSConfig.pm
        AP Server1(TN):B.example.com     DNS Server1(TN)
        |3ffe:501:ffff:101::60           |3ffe:501:ffff:101::20
        |192.168.1.60                    |192.168.1.20
        |                                |
Net-y --+--------+-----------------------+-------- 3ffe:501:ffff:101::/64
                 |                                 192.168.1/24
                 |
                 |
            ROUTER1(TN)
                 |3ffe:501:ffff:100::1
                 |192.168.0.1
                 |
Net-z --+--------+-------------------------------- 3ffe:501:ffff:100::/64
        |                                          192.168.0/24
  DNS Client1(NUT)
        3ffe:501:ffff:100:XXXX
        192.168.0.10
XXXX: EUI64 address
Setup
Set DNS Server1(TN)'s address on the NUT as shown in the Network Topology above.
Pre-Sequence
To make the NUT send a query for A type(IN class) of AP Server1(TN):B.example.com to DNS Server1(TN),
the NUT sends Echo Request(Echo Message) to AP Server1(TN):B.example.com.
The test sequence is as follows.
DNS Client1 (NUT)                      DNS Server1 (TN)                                AP Server1 (TN)
|                                              |                                              |
|--------------------------------------------->|                                              |
| 1. Send standard query                       |                                              |
|    QNAME=B.example.com                       |                                              |
|                                              |                                              |
|<---------------------------------------------|                                              |
| 2. Standard query response                   |                                              |
|    TTL=2 weeks (invalid)                     |                                              |
|                                              |                                              |
|----------------------------------------------|------------------------------------------> X |
| 3A1. Echo Request(Echo Message)              |                                              |
|    or                                        |                                              |
|----------------------------------------------|--------------------------------------------->|
| 3A2. Echo Request(Echo Message)              |                                              |
|                                              |                                              |
//                                             //                                             //
|                                              |                                              |
|----------------------------------------------|------------------------------------------> X |
| 3B. Echo Request(Echo Message)               |                                              |
|                                              |                                              |
v                                              v                                              v
1. NUT sends a standard query to DNS Server1(TN).
   Judgment (Check *1)
2. TN sends a standard query response to NUT.
3A1,3A2. NUT sends Echo Request(Echo Message) to AP Server1(TN).
   Judgment (Check *3A)
3B. *This step is run only if TN receives Echo Request(Echo Message) from NUT at 3A(3A2).
   NUT sends Echo Request(Echo Message) to AP Server1(TN) 1 week after 3A1 or 3A2.
   Judgment (Check *3B)
Packet Description
1st Packet
1. Standard query from DNS Client1 (NUT) to DNS Server1 (TN)
  IP Header
    Source Address         NUT_NETZ
    Destination Address    SV_NETY
  UDP Header
    Src Port               any
    Dst Port               53
  DNS Header
    ID                     any
    QR                     0
    OPCODE                 0
    AA                     any
    TC                     0
    RD                     any
    RA                     any
    Z                      any
    RCODE                  any
    QDCOUNT                1
    ANCOUNT                0
    NSCOUNT                0
    ARCOUNT                any
  DNS Question section
    QNAME                  B.example.com
    QTYPE                  A (0x0001)
    QCLASS                 IN (0x0001)
2nd Packet
2. Standard query response from DNS Server1 (TN) to Client1 (NUT)
  IP Header
    Source Address         SV_NETY
    Destination Address    NUT_NETZ
  UDP Header
    Src Port               53
    Dst Port               Same as 1st Packet's Src Port
  DNS Header
    ID                     Same as 1st Packet's ID
    QR                     1
    OPCODE                 0
    AA                     1
    TC                     0
    RD                     Same as 1st Packet's RD
    RA                     0
    Z                      0
    RCODE                  0
    QDCOUNT                1
    ANCOUNT                1
    NSCOUNT                1
    ARCOUNT                1
  DNS Question section
    QNAME                  B.example.com
    QTYPE                  A (0x0001)
    QCLASS                 IN (0x0001)
  DNS Answer section
    NAME                   B.example.com (Pointer 0xC00C)
    TYPE                   A (0x0001)
    CLASS                  IN (0x0001)
    TTL                    2 weeks (1209600)
    RDLENGTH               4
    ADDRESS                192.168.1.60
  DNS Authority section
    NAME                   example.com (Pointer 0xC00E)
    TYPE                   NS (0x0002)
    CLASS                  IN (0x0001)
    TTL                    1 day (86400)
    RDLENGTH               6
    NSDNAME                NS1.example.com (NS1 + Pointer 0xC00E)
  DNS Additional section
    NAME                   NS1.example.com (Pointer 0xC03B)
    TYPE                   A (0x0001)
    CLASS                  IN (0x0001)
    TTL                    1 day (86400)
    RDLENGTH               4
    ADDRESS                192.168.1.20
3rd Packet(3A2)
3. Standard Echo Request(Echo Message) from DNS Client1 (NUT) to AP Server1 (TN)
  IP Header
    Source Address         NUT_NETZ
    Destination Address    AP_NETY
  ICMP
    Type                   8(Echo Message for IPv4)/128(Echo Request for IPv6)
NUT_NETZ : DNS Client1(NUT)'s address
SV_NETY : DNS Server1(TN)'s address
AP_NETY : AP Server1(TN)'s address
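The TTL check this test exercises, applied to the 2nd packet described above, as an added example that is not part of the original test specification or the KOI tool. The function names, the query ID 0x1234 and RD=0 are assumptions made for the example.

```python
import struct

MAX_TTL = 7 * 24 * 3600  # 1 week, the limit suggested in RFC 1035 section 7.3

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:      # compression pointer: 2 bytes, ends the name
            return off + 2
        if n == 0:                # root label ends the name
            return off + 1
        off += 1 + n              # ordinary label: length byte + label bytes

def read_rrs(msg):
    """Return [(type, ttl, rdata)] for all answer/authority/additional RRs."""
    if len(msg) < 12:
        raise ValueError("short DNS header")
    _id, _flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    rrs = []
    for _ in range(an + ns + ar):
        off = skip_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        if off + rdlen > len(msg):
            raise ValueError("truncated RDATA")
        rrs.append((rtype, ttl, msg[off:off + rdlen]))
        off += rdlen
    return rrs

def apply_ttl_policy(msg, mode="clamp"):
    """'discard': drop the whole response if any TTL exceeds MAX_TTL.
    'clamp': keep the response but limit every TTL to MAX_TTL."""
    rrs = read_rrs(msg)
    if mode == "discard" and any(ttl > MAX_TTL for _, ttl, _ in rrs):
        return None
    return [(t, min(ttl, MAX_TTL), rd) for t, ttl, rd in rrs]

def build_test_response(answer_ttl=1209600):
    """Constructed bytes laid out like the 2nd packet (ID and RD are assumed)."""
    hdr = struct.pack("!6H", 0x1234, 0x8400, 1, 1, 1, 1)    # QR=1, AA=1
    q = b"\x01B\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    an = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, answer_ttl, 4) + bytes([192, 168, 1, 60])
    ns = b"\xc0\x0e" + struct.pack("!HHIH", 2, 1, 86400, 6) + b"\x03NS1\xc0\x0e"
    ar = b"\xc0\x3b" + struct.pack("!HHIH", 1, 1, 86400, 4) + bytes([192, 168, 1, 20])
    return hdr + q + an + ns + ar
```

In terms of this test, the discard mode matches outcome 3A1, and the clamp mode matches 3A2 followed by 3B.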
Judgment
1. Received standard query QNAME=B.example.com from NUT.
3A1. Did not receive Echo Request(Echo Message) from NUT.
3A2. Received Echo Request(Echo Message) from NUT.
*Either 3A1 or 3A2 is judged. If 3A2 is observed, 3B is then judged.
3B. Did not receive Echo Request(Echo Message) from NUT.
If NUT has a cache function, clear the cache.
RFC1035 DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION
7.3. Processing responses