NAME

        SV_RFC1995_2_IXFR_server_newer - an IXFR server received an IXFR request with a newer version number.

VERIFICATION POINTS

        Verify that a NUT sends only reply to with a single SOA record of the server's current version

TARGET

        Server (an IXFR server)

SYNOPSIS

	SV_RFC1995_2_IXFR_server_newer.seq [-tooloption ...]: KOI tool option
	See also DNSConfig.pm

INITIALIZATION

Network Topology

Net-z   --+------------------------+--------------------------- 3ffe:501:ffff:100::/64
          |                        |                            192.168.0/24
          |                        |
        sec.example.com domain
        DNS Server1 (NUT)         DNS Server2 (TN)
           3ffe:501:ffff:100::10    3ffe:501:ffff:100::11
           192.168.0.10             192.168.0.11

Setup

Set the DNS Server1's (NUT) address as above mentioned Network Topology.

Configure the Server1's: (NUT)

zone file to response query from TN.

configuration file as master server about sec.example.com zone.

slave server is DNS Server2.

Enable incremental zone transfer function.

Example of DNS server configuration on DNS Server1 (NUT):

        
For IPv4 transport
zone "sec.example.com" {
        type master;
        allow-transfer { 192.168.0.11; };
        file "master/sec.example.com";
};
        
For IPv6 transport
zone "sec.example.com" {
        type master;
        allow-transfer { 3ffe:501:ffff:100::11; };
        file "master/sec.example.com";
};

Example of sec.example.com zone file:

$TTL    86400           ; TTL of 1 day
@ IN SOA NS1.sec.example.com. root.sec.example.com. (
	1		; serial
	3600		; refresh every 1 hr
	900		; retry every 15 min
	604800		; expire after a week
	3600		; Minimum TTL of a 1 hr
)
;
	IN	NS	NS1.sec.example.com.
	IN	NS	NS2.sec.example.com.
NS1	IN	A	192.168.0.10
NS1	IN	AAAA	3ffe:501:ffff:100::10
NS2	IN	A	192.168.0.11
NS2	IN	AAAA	3ffe:501:ffff:100::11
;
CL1	IN	A	192.168.0.20

PRE-TEST SEQUENCE

Update sec.example.com zone like following on DNS Server1 (NUT)

$TTL    86400           ; TTL of 1 day
@ IN SOA NS1.sec.example.com. root.sec.example.com. (
	2		; serial
	3600		; refresh every 1 hr
	900		; retry every 15 min
	604800		; expire after a week
	3600		; Minimum TTL of a 1 hr
)
;
	IN	NS	NS1.sec.example.com.
	IN	NS	NS2.sec.example.com.
NS1	IN	A	192.168.0.10
NS1	IN	AAAA	3ffe:501:ffff:100::10
NS2	IN	A	192.168.0.11
NS2	IN	AAAA	3ffe:501:ffff:100::11
;
CL2	IN	A	192.168.0.21

TEST PROCEDURE

        This test sequence is following.

  DNS Server1 (NUT)              DNS Server2 (TN)
        |                              |
        |<-----------------------------|
        | 1. Standard query            |
        |  QNAME = sec.example.com     |
        |  QTYPE = IXFR (0x00FB)       |
        |  AUTHORITY Name              |
        |       = sec.example.com      |
        |  AUTHORITY Type              |
        |       = SOA (0x0006)         |
        |  AUTHORITY Serial            |
        |       = 3                    |
        |                              |
        |----------------------------->|
        | 2. Standard query response   |
        |  QNAME = sec.example.com     |
        |  QTYPE = IXFR (0x00FB)       |
        |                              |
        |  ANSWER Name                 |
        |       = sec.example.com      |
        |  ANSWER Type                 |
        |       = SOA (0x0006)         |
        |  ANSWER Serial               |
        |       = 2                    |
        |                              |
        |  ANSWER Name                 |
        |       = sec.example.com      |
        |  ANSWER Type                 |
        |       = NS (0x0002)          |
        |  ANSWER NSDNAME              |
        |       = NS1.sec.example.com  |
        |                              |
        |  ANSWER Name                 |
        |       = sec.example.com      |
        |  ANSWER Type                 |
        |       = NS (0x0002)          |
        |  ANSWER NSDNAME              |
        |       = NS2.sec.example.com  |
        |                              |
        |  ANSWER Name                 |
        |       = NS1.sec.example.com  |
        |  ANSWER Type                 |
        |       = A (0x0001)           |
        |  ANSWER Address              |
        |       = 192.168.0.10         |
        |                              |
        |  ANSWER Name                 |
        |       = NS1.sec.example.com  |
        |  ANSWER Type                 |
        |       = AAAA (0x001C)        |
        |  ANSWER Address              |
        |       = 3ffe:501:ffff:100::10|
        |                              |
        |  ANSWER Name                 |
        |       = NS2.sec.example.com  |
        |  ANSWER Type                 |
        |       = A (0x0001)           |
        |  ANSWER Address              |
        |       = 192.168.0.11         |
        |                              |
        |  ANSWER Name                 |
        |       = NS2.sec.example.com  |
        |  ANSWER Type                 |
        |       = AAAA (0x001C)        |
        |  ANSWER Address              |
        |       = 3ffe:501:ffff:100::11|
        |                              |
        |  ANSWER Name                 |
        |       = CL2.sec.example.com  |
        |  ANSWER Type                 |
        |       = A (0x0001)           |
        |  ANSWER Address              |
        |       = 192.168.0.21         |
        |                              |
        v                              v

        This test sequence is following.

        1. DNS Server2 (TN) sends standard query with QNAME = sec.example.com, Type = IXFR, 
           including Authority Name = sec.example.com, Type = SOA,  serial = 2 using UDP.

        2. DNS Server1 (NUT) transmits standard query responce with QNAME = sec.example.com, Type = IXFR, 
           including 'sec.example.com SOA serial=2',
           'sec.example.com NS NS1.sec.example.com',
           'sec.example.com NS NS2.sec.example.com',
           'NS1.sec.example.com A 192.168.0.10',
           'NS1.sec.example.com AAAA 3ffe:501:ffff:100::10',
           'NS2.sec.example.com A 192.168.0.11',
           'NS2.sec.example.com AAAA 3ffe:501:ffff:100::11',
           and
           'CL2.sec.example.com A 192.168.0.21',
           in Answer section to DNS Server2 (TN). (Judgment *2)

Packet Description

1st packet.

Standard query response from DNS Server2 (TN) to Server1 (NUT)
IP Header	Source Address	SV2_NETZ
IP Header	Destination Address	NUT_NETZ
UDP Header	Src Port	2000
UDP Header	Dst Port	53
DNS Header	ID	0x1000
	QR	0
	OPCODE	0
	AA	1
	TC	0
	RD	1
	RA	0
	Z	0
	RCODE	0
	QDCOUNT	1
	ANCOUNT	0
	NSCOUNT	1
	ARCOUNT	0
DNS Question section	QNAME	sec.example.com
	QTYPE	IXFR (0x00FB)
	QCLASS	IN (0x0001)
DNS Authority section	NAME	sec.example.com (Pointer 0x0033)
	TYPE	SOA (0x0006)
	CLASS	IN (0x0001)
	TTL	86400sec
	RDLENGTH	33
	MNAME	NS1.sec.example.com (NS1 + Pointer 0xC00C)
	RNAME	root.sec.example.com (root + Pointer 0xC00C)
	SERIAL	3
	REFRESH	3600sec
	RETRY	900sec
	EXPIRE	604800sec
	MINIMUM	3600sec

2nd packet.

Standard query from DNS Server1 (NUT) to Server2 (TN)
IP Header	Source Address	NUT_NETZ
IP Header	Destination Address	SV2_NETZ
UDP Header	Src Port	53
UDP Header	Dst Port	2000
DNS Header	ID	0x1000
	QR	1
	OPCODE	0
	AA	1
	TC	0
	RD	1
	RA	ANY
	Z	0
	RCODE	0
	QDCOUNT	1
	ANCOUNT	6
	NSCOUNT	0
	ARCOUNT	0
DNS Question section	QNAME	sec.example.com
	QTYPE	*IXFR (0x00FB)*
	QCLASS	IN (0x0001)
DNS Answer section	NAME	sec.example.com (Pointer 0xC00C)
	TYPE	SOA (0x0006)
	CLASS	IN (0x0001)
	TTL	86400sec
	RDLENGTH	33
	MNAME	NS1.sec.example.com (NS1 + Pointer 0xC00C)
	RNAME	root.sec.example.com (root + Pointer 0xC00C)
	SERIAL	2
	REFRESH	3600sec
	RETRY	900sec
	EXPIRE	604800sec
	MINIMUM	3600sec
DNS Answer section	NAME	sec.example.com (Pointer 0xC00C)
	TYPE	NS (0x0002)
	CLASS	IN (0x0001)
	TTL	1 day (86400)
	RDLENGTH	2
	NSDNAME	NS1.sec.example.com (Pointer 0xC02D)
DNS Answer section	NAME	sec.example.com (Pointer 0xC00C)
	TYPE	NS (0x0002)
	CLASS	IN (0x0001)
	TTL	1 day (86400)
	RDLENGTH	6
	NSDNAME	NS2.sec.example.com (NS2 + Pointer 0xC00C)
DNS Answer section	NAME	NS1.sec.example.com (Pointer 0xC02D)
	TYPE	A (0x0001)
	CLASS	IN (0x0001)
	TTL	1 day (86400)
	RDLENGTH	4
	ADDRESS	192.168.0.10
DNS Answer section	NAME	NS1.sec.example.com (Pointer 0xC02D)
	TYPE	AAAA (0x0001C)
	CLASS	IN (0x0001)
	TTL	1 day (86400)
	RDLENGTH	4
	ADDRESS	3ffe:501:ffff:100::10
DNS Answer section	NAME	NS2.sec.example.com (Pointer 0xC05A)
	TYPE	A (0x0001)
	CLASS	IN (0x0001)
	TTL	1 day (86400)
	RDLENGTH	4
	ADDRESS	192.168.0.11
DNS Answer section	NAME	NS2.sec.example.com (Pointer 0xC05A)
	TYPE	AAAA (0x0001C)
	CLASS	IN (0x0001)
	TTL	1 day (86400)
	RDLENGTH	4
	ADDRESS	3ffe:501:ffff:100::11
DNS Answer section	NAME	CL2.sec.example.com (CL2 + Pointer 0xC00C)
	TYPE	A (0x0001)
	CLASS	IN (0x0001)
	TTL	1 day (86400)
	RDLENGTH	4
	ADDRESS	192.168.0.21

Exp.

NUT_NETZ	DNS Server1's (NUT) Net-z address
CL1_NETZ	DNS Client1's (TN) Net-z address
SV2_NETZ	DNS Server2's (TN) Net-z address

JUDGMENT

        2. DNS Server1 (NUT) transmits standard query responce with QNAME = sec.example.com, Type = IXFR, 
           including 'sec.example.com SOA serial=2',
           'sec.example.com NS NS1.sec.example.com',
           'sec.example.com NS NS2.sec.example.com',
           'NS1.sec.example.com A 192.168.0.10',
           'NS1.sec.example.com AAAA 3ffe:501:ffff:100::10',
           'NS2.sec.example.com A 192.168.0.11',
           'NS2.sec.example.com AAAA 3ffe:501:ffff:100::11',
           and
           'CL2.sec.example.com A 192.168.0.21',
           in Answer section to DNS Server2 (TN).

TERMINATION

        None

REFERENCE

        RFC1995 Incremental Zone Transfer in DNS
        2. Brief Description of the Protocol
        4. Response Format