SV_RFC1034_4_3_5_NotCompZoneTransfer - Zone transfer is not completed case.
Verify that a NUT starts zone maintenance and transfers as follows:
- Whenever a new zone is loaded in a secondary, the secondary waits REFRESH seconds before checking with the primary for a new serial.
- If this check cannot be completed, new checks are started every RETRY seconds.
- The check is a simple query to the primary for the SOA RR of the zone.
- If the secondary finds it impossible to perform a serial check for the EXPIRE interval, it must assume that its copy of the zone is obsolete and discard it.
- In spite of a server's best efforts, it may be unable to load zone data from a master file due to syntax errors, etc., or be unable to refresh a zone within its expiration parameter. In this case, the name server should answer queries as if it were not supposed to possess the zone.
Server (Secondary)
SV_RFC1034_4_3_5_NotCompZoneTransfer.seq [-tooloption ...]: KOI tool option
See also DNSConfig.pm
The test sequence is as follows.
DNS Client1 (TN) DNS Server1 (NUT) DNS Server7 (TN)
| | |
| | |
| |----------------------------->|
| | 1. Standard query |
| | QNAME = sec.example.com |
| | QTYPE = SOA (0x0006) |
| | |
| |<-----------------------------|
| | 2. Standard query response |
| | QNAME = sec.example.com |
| | QTYPE = SOA (0x0006) |
| | ANSWER Name |
| | = sec.example.com |
| | ANSWER Type |
| | = SOA (0x0006) |
| | ANSWER TTL |
| | = 30 |
| | ANSWER MNAME |
| | = sec.example.com |
| | ANSWER Rname |
| | = root.sec.example.com |
| | ANSWER SERIAL |
| | = 1 |
| | ANSWER REFRESH |
| | = 180sec |
| | ANSWER RETRY |
| | = 30sec |
| | ANSWER EXPIRE |
| | = 360sec |
| | ANSWER MINIMUM |
| | = 30sec |
| | AUTHORITY Name |
| | = sec.example.com |
| | AUTHORITY Type |
| | = NS (0x0002) |
| | AUTHORITY Name Server |
| | = NS7.sec.example.com |
| | ADDITIONAL Name |
| | = NS7.sec.example.com |
| | ADDITIONAL Type |
| | = A (0x0001) |
| | ADDITIONAL Address |
| | = 192.168.0.31 |
| | |
| |----------------------------->|
| | 3. Standard query (using TCP)|
| | QNAME = sec.example.com |
| | QTYPE = AXFR (0x00FC) |
| | |
| |<-----------------------------|
| | 4. Standard query response |
| | (using TCP) |
| | QNAME = sec.example.com |
| | QTYPE = AXFR (0x00FC) |
| | ANSWER Name |
| | = sec.example.com |
| | ANSWER Type |
| | = SOA (0x0006) |
| | ANSWER TTL |
| | = 30 |
| | ANSWER MNAME |
| | = sec.example.com |
| | ANSWER Rname |
| | = root.sec.example.com |
| | ANSWER SERIAL |
| | = 1 |
| | ANSWER REFRESH |
| | = 180sec |
| | ANSWER RETRY |
| | = 30sec |
| | ANSWER EXPIRE |
| | = 360sec |
| | ANSWER MINIMUM |
| | = 30sec |
| | |
| | ANSWER Name |
| | = sec.example.com |
| | ANSWER Type |
| | = NS (0x0002) |
| | ANSWER Name |
| | = NS7.sec.example.com |
| | |
| | ANSWER Name |
| | = sec.example.com |
| | ANSWER Type |
| | = MX (0x000F) |
| | ANSWER Name |
| | = NS7.sec.example.com |
| | |
| | ANSWER Name |
| | = CL1.sec.example.com |
| | ANSWER Type |
| | = A (0x0001) |
| | ANSWER Address |
| | = 192.168.0.21 |
| | |
| | ANSWER Name |
| | = CL1.sec.example.com |
| | ANSWER Type |
| | = AAAA (0x001C) |
| | ANSWER Address |
| | = 3ffe:501:ffff:100::20 |
| | |
| | ANSWER Name |
| | = NS7.sec.example.com |
| | ANSWER Type |
| | = A (0x0001) |
| | ANSWER Address |
| | = 192.168.0.31 |
| | |
| | ANSWER Name |
| | = NS7.sec.example.com |
| | ANSWER Type |
| | = AAAA (0x001C) |
| | ANSWER Address |
| | = 3ffe:501:ffff:100::31 |
| | |
| | ANSWER Name |
| | = sec.example.com |
| | ANSWER Type |
| | = SOA (0x0006) |
| | ANSWER TTL |
| | = 30 |
| | ANSWER MNAME |
| | = sec.example.com |
| | ANSWER Rname |
| | = root.sec.example.com |
| | ANSWER SERIAL |
| | = 1 |
| | ANSWER REFRESH |
| | = 180sec |
| | ANSWER RETRY |
| | = 30sec |
| | ANSWER EXPIRE |
| | = 360sec |
| | ANSWER MINIMUM |
| | = 30sec |
| | |
|----------------------------->| |
| 5. Send standard query | |
| RD = 0 | |
| QNAME = CL1.sec.example.com | |
| QTYPE = A | |
| | |
|<-----------------------------| |
| 6. Standard query response | |
| AA = 0 | |
| RD = 0 | |
| QNAME = CL1.sec.example.com | |
| QTYPE = A | |
| ANSWER Name | |
| = CL1.sec.example.com | |
| ANSWER Type | |
| = A (0x0001) | |
| ANSWER Address | |
| = 192.168.0.21 | |
| | |
| AUTHORITY Name | |
| = sec.example.com | |
| AUTHORITY Type | |
| = NS (0x0002) | |
| AUTHORITY Name Server | |
| = NS7.sec.example.com | |
| | |
| ADDITIONAL Name | |
| = NS7.sec.example.com | |
| ADDITIONAL Type | |
| = A (0x0001) | |
| ADDITIONAL Address | |
| = 192.168.0.31 | |
| | |
| ADDITIONAL Name | |
| = NS7.sec.example.com | |
| ADDITIONAL Type | |
| = AAAA (0x001C) | |
| ADDITIONAL Address | |
| = 3ffe:501:ffff:100::31 | |
| | |
| | |
| | (REFRESH (3 minutes) interval|
| | expired after sending zone |
| | information) |
| | |
| |----------------------------->|
| | 7. Standard query |
| | same as above No.1 |
| | |
| | x <---------------|
| | 8. Doesn't send standard |
| | query response |
| | |
| | (RETRY (30 sec) interval |
| | expired after sending |
| | previous query) |
| | |
| |----------------------------->|
| | 9. Standard query |
| | same as above No.1 |
| | Repeat every RETRY seconds |
| | |
| | (EXPIRE (360 sec) interval |
| | passed after sending zone |
| | information) |
| | |
| | |
|----------------------------->| |
| 10. Send standard query | |
| same as above No.5 | |
| | |
|<-----------------------------| |
| 11. Standard query response | |
| AA = 0 | |
| RD = 0 | |
| RCODE = 2 (Server failure) | |
| QNAME = CL1.sec.example.com | |
| QTYPE = A | |
| | |
v v v
1. DNS Server1 (NUT) transmits a standard query with QNAME = sec.example.com, Type = SOA to DNS Server7 (TN). (Judgment *1)
2. DNS Server7 (TN) sends a standard query response with SOA RRs to DNS Server1 (NUT).
3. DNS Server1 (NUT) transmits a standard query with QNAME = sec.example.com, Type = AXFR using TCP to DNS Server7 (TN). (Judgment *3)
4. DNS Server7 (TN) sends a standard query response including all RRs of the sec.example.com zone using TCP to DNS Server1 (NUT).
5. DNS Client1 (TN) sends a standard query with QNAME = CL1.sec.example.com to DNS Server1 (NUT).
6. DNS Server1 (NUT) transmits a standard query response with ANSWER Address = 192.168.0.21 to DNS Client1 (TN). (Judgment *6)
7. After the REFRESH time has expired, DNS Server1 (NUT) transmits a standard query with QNAME = sec.example.com, Type = SOA to DNS Server7 (TN). (Judgment *7)
8. DNS Server7 (TN) does not send a standard query response to DNS Server1 (NUT).
9. DNS Server1 (NUT) then transmits a standard query with QNAME = sec.example.com to DNS Server7 (TN) every RETRY seconds. (Judgment *9)
10. After the EXPIRE time has passed, DNS Client1 (TN) sends a standard query with QNAME = CL1.sec.example.com to DNS Server1 (NUT).
11. DNS Server1 (NUT) transmits an error response with RCODE = 2 (Server failure) to DNS Client1 (TN). (Judgment *11)
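Added example (not part of the original test suite or the KOI tool): a Python grader for Judgments 7, 9 and 11 over a packet timeline, including the failure mode where a secondary keeps serving stale data after EXPIRE. The event tuple layout, the `judge` function, the `SLACK` tolerance and the timelines are assumptions constructed for illustration; the timer values are those of the sequence diagram.

```python
# Added example: grade Judgments 7, 9 and 11 from a packet timeline.
# Timer values are the ones shown in the sequence diagram.
REFRESH, RETRY, EXPIRE = 180, 30, 360
SLACK = 5  # assumed tolerance (seconds) for timer jitter; not from the page

def judge(events, t_loaded=0):
    """events: (time_sec, kind, value) tuples observed from the NUT.
    kind 'SOA_QUERY' = serial check sent to the primary (value unused);
    kind 'CLIENT_RESPONSE' = answer sent to Client1 (value = RCODE).
    t_loaded is when the AXFR in step 4 completed."""
    soa = sorted(t for t, kind, _ in events
                 if kind == "SOA_QUERY" and t > t_loaded)
    verdict = {7: False, 9: False, 11: False}
    if soa:
        # Judgment 7: first serial check comes REFRESH seconds after the load.
        verdict[7] = abs(soa[0] - (t_loaded + REFRESH)) <= SLACK
        # Judgment 9: unanswered checks repeat every RETRY seconds.
        gaps = [b - a for a, b in zip(soa, soa[1:])]
        verdict[9] = bool(gaps) and all(abs(g - RETRY) <= SLACK for g in gaps)
    # Judgment 11: after EXPIRE the zone is discarded, so Client1 gets RCODE 2.
    late = [v for t, kind, v in events
            if kind == "CLIENT_RESPONSE" and t > t_loaded + EXPIRE]
    verdict[11] = bool(late) and all(rcode == 2 for rcode in late)
    return verdict

# Constructed timelines (not captured traffic). The primary never answers.
CHECKS = [(t, "SOA_QUERY", None) for t in range(180, 361, 30)]
CONFORMING = CHECKS + [(370, "CLIENT_RESPONSE", 2)]
# Failure mode the test exists to catch: stale data still served after EXPIRE.
SERVES_STALE = CHECKS + [(370, "CLIENT_RESPONSE", 0)]
# Retry timer ignored: second check comes a full REFRESH later.
NO_RETRY = [(180, "SOA_QUERY", None), (360, "SOA_QUERY", None),
            (370, "CLIENT_RESPONSE", 2)]

if __name__ == "__main__":
    for name, tl in [("conforming", CONFORMING), ("serves stale", SERVES_STALE),
                     ("no retry", NO_RETRY)]:
        print(name, judge(tl))
```

A secondary that fails only Judgment 11 is the case that matters operationally: it keeps answering from a zone copy it can no longer validate against the primary.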
- Packet Description
- 1st packet.
Standard query from DNS Server1 (NUT) to Server7 (TN)
| IP Header              | Source Address      | NUT_NETZ |
|                        | Destination Address | SV7_NETZ |
| UDP Header             | Src Port            | ANY |
|                        | Dst Port            | 53 |
| DNS Header             | ID                  | ANY |
|                        | QR                  | 0 |
|                        | OPCODE              | 0 |
|                        | AA                  | 0 |
|                        | TC                  | 0 |
|                        | RD                  | 0 |
|                        | RA                  | 0 |
|                        | Z                   | 0 |
|                        | RCODE               | 0 |
|                        | QDCOUNT             | 1 |
|                        | ANCOUNT             | 0 |
|                        | NSCOUNT             | 0 |
|                        | ARCOUNT             | 0 |
| DNS Question section   | QNAME               | sec.example.com |
|                        | QTYPE               | SOA (0x0006) |
|                        | QCLASS              | IN (0x0001) |
- 2nd packet.
Standard query response from DNS Server7 (TN) to Server1 (NUT)
| IP Header              | Source Address      | SV7_NETZ |
|                        | Destination Address | NUT_NETZ |
| UDP Header             | Src Port            | 53 |
|                        | Dst Port            | Value that NUT uses |
| DNS Header             | ID                  | Value that NUT uses |
|                        | QR                  | 1 |
|                        | OPCODE              | 0 |
|                        | AA                  | 1 |
|                        | TC                  | 0 |
|                        | RD                  | 0 |
|                        | RA                  | 0 |
|                        | Z                   | 0 |
|                        | RCODE               | 0 |
|                        | QDCOUNT             | 1 |
|                        | ANCOUNT             | 1 |
|                        | NSCOUNT             | 1 |
|                        | ARCOUNT             | 2 |
| DNS Question section   | QNAME               | sec.example.com |
|                        | QTYPE               | SOA (0x0006) |
|                        | QCLASS              | IN (0x0001) |
| DNS Answer section     | NAME                | sec.example.com (Pointer 0xC00C) |
|                        | TYPE                | SOA (0x0006) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 33 |
|                        | MNAME               | NS7.sec.example.com (NS7 + Pointer 0xC00C) |
|                        | RNAME               | root.sec.example.com (root + Pointer 0xC00C) |
|                        | SERIAL              | 1 |
|                        | REFRESH             | 30sec |
|                        | RETRY               | 30sec |
|                        | EXPIRE              | 600sec |
|                        | MINIMUM             | 30sec |
| DNS Authority section  | NAME                | sec.example.com (Pointer 0xC00C) |
|                        | TYPE                | NS (0x0002) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 2 |
|                        | NSDNAME             | NS7.sec.example.com (Pointer 0xC02D) |
| DNS Additional section | NAME                | NS7.sec.example.com (Pointer 0xC02D) |
|                        | TYPE                | A (0x0001) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 4 |
|                        | ADDRESS             | 192.168.0.31 |
| DNS Additional section | NAME                | NS7.sec.example.com (Pointer 0xC02D) |
|                        | TYPE                | AAAA (0x001C) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 16 |
|                        | ADDRESS             | 3ffe:501:ffff:100::31 |
- 3rd packet.
Standard query from DNS Server1 (NUT) to Server7 (TN)
| IP Header              | Source Address      | NUT_NETZ |
|                        | Destination Address | SV7_NETZ |
| TCP Header             | Src Port            | ANY |
|                        | Dst Port            | 53 |
| DNS Header             | ID                  | ANY |
|                        | QR                  | 0 |
|                        | OPCODE              | 0 |
|                        | AA                  | 0 |
|                        | TC                  | 0 |
|                        | RD                  | 0 |
|                        | RA                  | 0 |
|                        | Z                   | 0 |
|                        | RCODE               | 0 |
|                        | QDCOUNT             | 1 |
|                        | ANCOUNT             | 0 |
|                        | NSCOUNT             | 0 |
|                        | ARCOUNT             | 0 |
| DNS Question section   | QNAME               | sec.example.com |
|                        | QTYPE               | AXFR (0x00FC) |
|                        | QCLASS              | IN (0x0001) |
- 4th packet.
Standard query response from DNS Server7 (TN) to Server1 (NUT)
| IP Header              | Source Address      | NUT_NETZ |
|                        | Destination Address | SV7_NETZ |
| TCP Header             | Src Port            | 53 |
|                        | Dst Port            | Value that NUT uses |
| DNS Header             | ID                  | Value that NUT uses |
|                        | QR                  | 0 |
|                        | OPCODE              | 0 |
|                        | AA                  | 1 |
|                        | TC                  | 0 |
|                        | RD                  | 0 |
|                        | RA                  | 0 |
|                        | Z                   | 0 |
|                        | RCODE               | 0 |
|                        | QDCOUNT             | 1 |
|                        | ANCOUNT             | 7 |
|                        | NSCOUNT             | 0 |
|                        | ARCOUNT             | 0 |
| DNS Question section   | QNAME               | sec.example.com |
|                        | QTYPE               | AXFR (0x00FC) |
|                        | QCLASS              | IN (0x0001) |
| DNS Answer section     | NAME                | sec.example.com (Pointer 0xC00C) |
|                        | TYPE                | SOA (0x0006) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 33 |
|                        | MNAME               | NS7.sec.example.com (NS7 + Pointer 0xC00C) |
|                        | RNAME               | root.sec.example.com (root + Pointer 0xC00C) |
|                        | SERIAL              | 1 |
|                        | REFRESH             | 30sec |
|                        | RETRY               | 30sec |
|                        | EXPIRE              | 600sec |
|                        | MINIMUM             | 30sec |
| DNS Answer section     | NAME                | sec.example.com (Pointer 0xC00C) |
|                        | TYPE                | NS (0x0002) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 2 |
|                        | NSDNAME             | NS7.sec.example.com (Pointer 0xC02D) |
| DNS Answer section     | NAME                | CL1.sec.example.com (CL1 + Pointer 0xC00C) |
|                        | TYPE                | A (0x0001) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 4 |
|                        | ADDRESS             | 192.168.0.21 |
| DNS Answer section     | NAME                | CL1.sec.example.com (Pointer 0xC05C) |
|                        | TYPE                | AAAA (0x001C) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 16 |
|                        | ADDRESS             | 3ffe:501:ffff:100::21 |
| DNS Answer section     | NAME                | NS7.sec.example.com (Pointer 0xC02D) |
|                        | TYPE                | A (0x0001) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 4 |
|                        | ADDRESS             | 192.168.0.31 |
| DNS Answer section     | NAME                | NS7.sec.example.com (Pointer 0xC02D) |
|                        | TYPE                | AAAA (0x001C) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 16 |
|                        | ADDRESS             | 3ffe:501:ffff:100::31 |
| DNS Answer section     | NAME                | sec.example.com (Pointer 0xC00C) |
|                        | TYPE                | SOA (0x0006) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 24 |
|                        | MNAME               | NS7.sec.example.com (Pointer 0xC02D) |
|                        | RNAME               | root.sec.example.com (Pointer 0xC033) |
|                        | SERIAL              | 1 |
|                        | REFRESH             | 30sec |
|                        | RETRY               | 30sec |
|                        | EXPIRE              | 600sec |
|                        | MINIMUM             | 30sec |
- 5th packet.
Standard query from DNS Client1 (TN) to Server1 (NUT)
| IP Header              | Source Address      | CL1_NETZ |
|                        | Destination Address | NUT_NETZ |
| UDP Header             | Src Port            | 1000 |
|                        | Dst Port            | 53 |
| DNS Header             | ID                  | 0x1000 |
|                        | QR                  | 0 |
|                        | OPCODE              | 0 |
|                        | AA                  | 0 |
|                        | TC                  | 0 |
|                        | RD                  | 0 |
|                        | RA                  | 0 |
|                        | Z                   | 0 |
|                        | RCODE               | 0 |
|                        | QDCOUNT             | 1 |
|                        | ANCOUNT             | 0 |
|                        | NSCOUNT             | 0 |
|                        | ARCOUNT             | 0 |
| DNS Question section   | QNAME               | CL1.sec.example.com |
|                        | QTYPE               | A (0x0001) |
|                        | QCLASS              | IN (0x0001) |
- 6th packet.
Standard query response from DNS Server1 (NUT) to Client1 (TN)
| IP Header              | Source Address      | NUT_NETZ |
|                        | Destination Address | CL1_NETZ |
| UDP Header             | Src Port            | 53 |
|                        | Dst Port            | 1000 |
| DNS Header             | ID                  | 0x1000 |
|                        | QR                  | 1 |
|                        | OPCODE              | 0 |
|                        | AA                  | 1 |
|                        | TC                  | 0 |
|                        | RD                  | 0 |
|                        | RA                  | ANY |
|                        | Z                   | ANY |
|                        | RCODE               | 0 |
|                        | QDCOUNT             | 1 |
|                        | ANCOUNT             | 1 |
|                        | NSCOUNT             | 1 |
|                        | ARCOUNT             | 2 |
| DNS Question section   | QNAME               | CL1.sec.example.com |
|                        | QTYPE               | A (0x0001) |
|                        | QCLASS              | IN (0x0001) |
| DNS Answer section     | NAME                | CL1.sec.example.com (Pointer 0xC00C) |
|                        | TYPE                | A (0x0001) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 4 |
|                        | ADDRESS             | 192.168.0.21 |
| DNS Authority section  | NAME                | sec.example.com (Pointer 0xC010) |
|                        | TYPE                | NS (0x0002) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 6 |
|                        | NSDNAME             | NS7.sec.example.com (NS7 + Pointer 0xC010) |
| DNS Additional section | NAME                | NS7.sec.example.com (Pointer 0xC041) |
|                        | TYPE                | A (0x0001) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 4 |
|                        | ADDRESS             | 192.168.0.30 |
| DNS Additional section | NAME                | NS7.sec.example.com (Pointer 0xC041) |
|                        | TYPE                | AAAA (0x001C) |
|                        | CLASS               | IN (0x0001) |
|                        | TTL                 | 30sec |
|                        | RDLENGTH            | 16 |
|                        | ADDRESS             | 3ffe:501:ffff:100::31 |
- 7th packet.
- same as No.1 packet.
- 8th packet.
- Doesn't send standard query response
- 9th packet.
- same as No.1 packet.
- 10th packet.
- same as No.5 packet, but ID=0x2000
- 11th packet.
Standard query response from DNS Server1 (NUT) to Client1 (TN)
| IP Header              | Source Address      | NUT_NETZ |
|                        | Destination Address | CL1_NETZ |
| UDP Header             | Src Port            | 53 |
|                        | Dst Port            | 1000 |
| DNS Header             | ID                  | 0x2000 |
|                        | QR                  | 1 |
|                        | OPCODE              | 0 |
|                        | AA                  | 0 |
|                        | TC                  | 0 |
|                        | RD                  | 0 |
|                        | RA                  | ANY |
|                        | Z                   | ANY |
|                        | RCODE               | 2 |
|                        | QDCOUNT             | 1 |
|                        | ANCOUNT             | 0 |
|                        | NSCOUNT             | 0 |
|                        | ARCOUNT             | 0 |
| DNS Question section   | QNAME               | CL1.sec.example.com |
|                        | QTYPE               | A (0x0001) |
|                        | QCLASS              | IN (0x0001) |
- Exp.
| NUT_NETZ | DNS Server1's (NUT) Net-z address |
| CL1_NETZ | DNS Client1's (TN) Net-z address |
| SV7_NETZ | DNS Server7's (TN) Net-z address |
1. Received standard query with Type=SOA.
3. Received standard query with Type=AXFR using TCP
6. Received standard query response including Answer address 192.168.0.21.
7. Received standard query with Type=SOA after REFRESH time expired.
9. Received standard query with Type=SOA every RETRY seconds.
11. Received error response including RCODE=2.
None
RFC1034 DOMAIN NAMES - CONCEPTS AND FACILITIES
4. NAME SERVERS
4.3.5. Zone maintenance and transfers
RFC1035 Domain Implementation and Specification
6.3. Zone refresh and reload processing