SV_RFC2181_5_2_diff_auth - Differing TTLs from authoritative source
Verify that the NUT uses the lowest TTL in the RRSet
when it receives a response containing RRs from an RRSet with differing TTLs
from an authoritative source.
- Should an authoritative source send such a malformed RRSet, the
client should treat the RRs for all purposes as if all TTLs in the
RRSet had been set to the value of the lowest TTL in the RRSet.
Caching Server
SV_RFC2181_5_2_diff_auth.seq [-tooloption ...]: KOI tool option
See also DNSConfig.pm
- Network Topology
                               . domain                 org domain               example.org domain
  AP Server1 (TN)              DNS Server2              DNS Server3              DNS Server4
        |A.example.org           |A.ROOT.NET              |NS3.example.org         |NS4.example.org
        |3ffe:501:ffff:101::10,11|3ffe:501:ffff:101::20   |3ffe:501:ffff:101::30   |3ffe:501:ffff:101::40
        |192.168.1.10,11         |192.168.1.20            |192.168.1.30            |192.168.1.40
        |                        |                        |                        |
Net-y --+--------+---------------+------------------------+------------------------+-- 3ffe:501:ffff:101::/64
                 |                                                                     192.168.1/24
                 |
                 |
            Router (TN)
                 |3ffe:501:ffff:100::1
                 |192.168.0.1
                 |
                 |
                 |
Net-z --+--------+-----------------+-------- 3ffe:501:ffff:100::/64
        |                          |         192.168.0/24
        |                          |
DNS Server1 (NUT)           DNS Client1 (TN)
3ffe:501:ffff:100::XXXX     3ffe:501:ffff:100::20
192.168.0.10                192.168.0.20

XXXX: EUI64
- Setup
  - Set DNS Server1's (NUT) address as shown in the Network Topology above.
  - Configure Server1's (NUT) zone file so that it responds to queries from TN.
  - Example of root server list:
    - For IPv4:
        .                3600000  IN  NS    A.ROOT.NET.
        A.ROOT.NET.      3600000      A     192.168.1.20
    - For IPv6:
        .                3600000  IN  NS    A.ROOT.NET.
        A.ROOT.NET.      3600000      AAAA  3ffe:501:ffff:101::20
  - Example of example.com zone file:
        $TTL 86400      ; TTL of 1 day
        @       IN      SOA     NS1.example.com. root.example.com. (
                                2005081600      ; serial
                                3600            ; refresh every 1 hr
                                900             ; retry every 15 min
                                604800          ; expire after a week
                                3600            ; minimum TTL of 1 hr
                                )
        ;
                IN      NS      NS1.example.com.
        NS1     IN      A       192.168.0.10
        ;
The test sequence is as follows.
                                                            <-------------- TN --------------->
DNS Client1 (TN)       DNS Server1 (NUT)                    DNS Server2 DNS Server3 DNS Server4
|                              |                                 |           |           |
|----------------------------->|                                 |           |           |
| 1. Send standard query       |                                 |           |           |
|  QNAME=A.example.org         |                                 |           |           |
|  QTYPE=A                     |                                 |           |           |
|                              |                                 |           |           |
|                              |-------------------------------->|           |           |
|                              | 2. Recv standard query          |           |           |
|                              |  QNAME=A.example.org            |           |           |
|                              |  QTYPE=A                        |           |           |
|                              |                                 |           |           |
|                              |<--------------------------------|           |           |
|                              | 3. Send standard query response |           |           |
|                              |  QNAME=A.example.org            |           |           |
|                              |  QTYPE=A                        |           |           |
|                              |  AUTHORITY Name=org             |           |           |
|                              |  AUTHORITY Name Server          |           |           |
|                              |    =NS3.example.org             |           |           |
|                              |  ADDITIONAL Name                |           |           |
|                              |    =NS3.example.org             |           |           |
|                              |  ADDITIONAL Address             |           |           |
|                              |    =192.168.1.30                |           |           |
|                              |                                 |           |           |
|                              |                                 v           |           |
|                              |                                             |           |
|                              |-------------------------------------------->|           |
|                              | 4. Recv standard query                      |           |
|                              |  QNAME=A.example.org                        |           |
|                              |  QTYPE=A                                    |           |
|                              |                                             |           |
|                              |<--------------------------------------------|           |
|                              | 5. Send standard query response             |           |
|                              |  QNAME=A.example.org                        |           |
|                              |  QTYPE=A                                    |           |
|                              |  AUTHORITY Name=example.org                 |           |
|                              |  AUTHORITY Name Server                      |           |
|                              |    = NS4.example.org                        |           |
|                              |  ADDITIONAL Name                            |           |
|                              |    = NS4.example.org                        |           |
|                              |  ADDITIONAL Address                         |           |
|                              |    = 192.168.1.40                           |           |
|                              |                                             |           |
|                              |                                             v           |
|                              |                                                         |
|                              |-------------------------------------------------------->|
|                              | 6. Send standard query                                  |
|                              |  QNAME=A.example.org                                    |
|                              |  QTYPE=A                                                |
|                              |                                                         |
|                              |<--------------------------------------------------------|
|                              | 7. Send standard query response                         |
|                              |  QNAME=A.example.org                                    |
|                              |  QTYPE=A                                                |
|                              |  ANSWER Name=A.example.org                              |
|                              |  ANSWER Address=192.168.1.10                            |
|                              |  ANSWER TTL=600                                         |
|                              |  ANSWER Address=192.168.1.11                            |
|                              |  ANSWER TTL=300                                         |
|                              |  AUTHORITY Name=example.org                             |
|                              |  AUTHORITY Name Server                                  |
|                              |    = NS4.example.org                                    |
|                              |  ADDITIONAL Name                                        |
|                              |    = NS4.example.org                                    |
|                              |  ADDITIONAL Address                                     |
|                              |    = 192.168.1.40                                       |
|                              |                                                         |
|                              |                                                         |
|<-----------------------------|                                                         |
| 8. Standard query response   |                                                         |
|  QNAME=A.example.org         |                                                         |
|  QTYPE=A                     |                                                         |
|  ANSWER Name=A.example.org   |                                                         |
|  ANSWER Address=192.168.1.10 |                                                         |
|  ANSWER TTL=300              |                                                         |
|  ANSWER Address=192.168.1.11 |                                                         |
|  ANSWER TTL=300              |                                                         |
|  AUTHORITY Name=example.org  |                                                         |
|  AUTHORITY Name Server       |                                                         |
|    = NS4.example.org         |                                                         |
|  ADDITIONAL Name             |                                                         |
|    = NS4.example.org         |                                                         |
|  ADDITIONAL Address          |                                                         |
|    = 192.168.1.40            |                                                         |
|                              |                                                         |
v                              v                                                         v
1. TN sends a standard query (QNAME=A.example.org, QTYPE=A) to NUT.
2. NUT transmits a standard query to DNS Server2 (TN: root name server). (Judgment *2)
3. TN sends a query response to NUT w/ AUTHORITY Name=org, AUTHORITY Name Server=NS3.example.org.
4. NUT transmits a standard query (QNAME=A.example.org, QTYPE=A) to DNS Server3 (TN: NS3.example.org). (Judgment *4)
5. TN sends a query response to NUT w/ AUTHORITY Name=example.org, AUTHORITY Name Server=NS4.example.org.
6. NUT transmits a standard query (QNAME=A.example.org, QTYPE=A) to DNS Server4 (TN: NS4.example.org). (Judgment *6)
7. TN sends a query response to NUT w/ ANSWER Name=A.example.org, ANSWER Address=192.168.1.10 (TTL=600) and 192.168.1.11 (TTL=300).
8. NUT transmits a query response with ANSWER TTL=300 to DNS Client1 (TN). (Judgment *8)
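The check behind steps 7 and 8, as an added example that is not part of the test suite: it parses the answer section of a wire-format response, applies the RFC 2181 5.2 rule, and compares the NUT's reply with the normalized upstream answers. The function names, the message ID 0x1234 and the sample messages (answer section only, no authority or additional records) are constructed for illustration.

```python
import struct

def read_name(msg, off):
    """Decode a (possibly compressed) owner name; return (name, next offset)."""
    labels, after, hops = [], None, 0
    while (n := msg[off]):
        if n & 0xC0 == 0xC0:                      # compression pointer
            after = off + 2 if after is None else after
            off = ((n & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:                         # malformed: pointer loop
                raise ValueError("compression pointer loop")
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii").lower())
            off += 1 + n
    return ".".join(labels), (off + 1 if after is None else after)

def answer_rrs(msg):
    """Parse the answer section into (name, type, class, ttl, rdata) tuples."""
    qdcount, ancount = struct.unpack_from("!HH", msg, 4)
    off = 12
    for _ in range(qdcount):                      # skip QNAME, QTYPE, QCLASS
        off = read_name(msg, off)[1] + 4
    rrs = []
    for _ in range(ancount):
        name, off = read_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        rrs.append((name, rtype, rclass, ttl, msg[off + 10:off + 10 + rdlen]))
        off += 10 + rdlen
    return rrs

def normalize_rrset_ttls(rrs):
    """RFC 2181 5.2: treat each RR as if it carried its RRSet's lowest TTL."""
    lowest = {}
    for name, rtype, rclass, ttl, _ in rrs:
        key = (name, rtype, rclass)
        lowest[key] = min(ttl, lowest.get(key, ttl))
    return [(n, t, c, lowest[(n, t, c)], rd) for n, t, c, _, rd in rrs]

def build_response(ttl_10, ttl_11):
    """Constructed sample: A.example.org answers only, no authority/additional."""
    msg = struct.pack("!6H", 0x1234, 0x8480, 1, 2, 0, 0)
    msg += b"\x01A\x07example\x03org\x00" + struct.pack("!HH", 1, 1)
    for ttl, last in ((ttl_10, 10), (ttl_11, 11)):
        msg += b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + bytes([192, 168, 1, last])
    return msg

def judge_step8(from_server4, from_nut):
    """Pass when the NUT's answers are Server4's answers with normalized TTLs."""
    return answer_rrs(from_nut) == normalize_rrset_ttls(answer_rrs(from_server4))
```

The comparison is exact, matching the TTL=300 the sequence expects in step 8; it does not allow for a cache that has already counted the TTL down.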
- Packet Description
- 1st packet.
    Standard query from DNS Client1 (TN) to Server1 (NUT)
      IP Header
        Source Address        CL1_NETZ
        Destination Address   NUT_NETZ
      UDP Header
        Src Port              2000
        Dst Port              53
      DNS Header
        ID                    0x1000
        QR                    0
        OPCODE                0
        AA                    0
        TC                    0
        RD                    1
        RA                    0
        Z                     0
        RCODE                 0
        QDCOUNT               1
        ANCOUNT               0
        NSCOUNT               0
        ARCOUNT               0
      DNS Question section
        QNAME                 A.example.org
        QTYPE                 A (0x0001)
        QCLASS                IN (0x0001)
- 2nd packet.
    Standard query from DNS Server1 (NUT) to Server2 (TN)
      IP Header
        Source Address        NUT_NETZ
        Destination Address   SV2_NETY
      UDP Header
        Src Port              ANY
        Dst Port              53
      DNS Header
        ID                    ANY
        QR                    0
        OPCODE                0
        AA                    ANY
        TC                    0
        RD                    0
        RA                    ANY
        Z                     ANY
        RCODE                 ANY
        QDCOUNT               1
        ANCOUNT               0
        NSCOUNT               0
        ARCOUNT               ANY
      DNS Question section
        QNAME                 A.example.org
        QTYPE                 A (0x0001)
        QCLASS                IN (0x0001)
- 3rd packet.
    Standard query response from DNS Server2 (TN) to Server1 (NUT)
      IP Header
        Source Address        SV2_NETY
        Destination Address   NUT_NETZ
      UDP Header
        Src Port              53
        Dst Port              Value that NUT uses
      DNS Header
        ID                    Value that NUT uses
        QR                    1
        OPCODE                0
        AA                    0
        TC                    0
        RD                    0
        RA                    0
        Z                     0
        RCODE                 0
        QDCOUNT               1
        ANCOUNT               0
        NSCOUNT               1
        ARCOUNT               1
      DNS Question section
        QNAME                 A.example.org
        QTYPE                 A (0x0001)
        QCLASS                IN (0x0001)
      DNS Authority section
        NAME                  org (Pointer 0xC016)
        TYPE                  NS (0x0002)
        CLASS                 IN (0x0001)
        TTL                   1 day (86400)
        RDLENGTH              6
        NSDNAME               NS3.example.org (NS3 + Pointer 0xC00E)
      DNS Additional section
        NAME                  NS3.example.org (Pointer 0xC02B)
        TYPE                  A (0x0001)
        CLASS                 IN (0x0001)
        TTL                   1 day (86400)
        RDLENGTH              4
        ADDRESS               192.168.1.30
- 4th packet.
    Standard query from DNS Server1 (NUT) to Server3 (TN)
      IP Header
        Source Address        NUT_NETZ
        Destination Address   SV3_NETY
      UDP Header
        Src Port              ANY
        Dst Port              53
      DNS Header
        ID                    ANY
        QR                    0
        OPCODE                0
        AA                    ANY
        TC                    0
        RD                    0
        RA                    ANY
        Z                     ANY
        RCODE                 ANY
        QDCOUNT               1
        ANCOUNT               0
        NSCOUNT               0
        ARCOUNT               ANY
      DNS Question section
        QNAME                 A.example.org
        QTYPE                 A (0x0001)
        QCLASS                IN (0x0001)
- 5th packet.
    Standard query response from DNS Server3 (TN) to Server1 (NUT)
      IP Header
        Source Address        SV3_NETY
        Destination Address   NUT_NETZ
      UDP Header
        Src Port              Value that NUT uses
        Dst Port              53
      DNS Header
        ID                    Value that NUT uses
        QR                    1
        OPCODE                0
        AA                    0
        TC                    0
        RD                    0
        RA                    0
        Z                     0
        RCODE                 0
        QDCOUNT               1
        ANCOUNT               0
        NSCOUNT               1
        ARCOUNT               1
      DNS Question section
        QNAME                 A.example.org
        QTYPE                 A (0x0001)
        QCLASS                IN (0x0001)
      DNS Authority section
        NAME                  example.org (Pointer 0xC00E)
        TYPE                  NS (0x0002)
        CLASS                 IN (0x0001)
        TTL                   1 day (86400)
        RDLENGTH              6
        NSDNAME               NS4.example.org (NS4 + Pointer 0xC00E)
      DNS Additional section
        NAME                  NS4.example.org (Pointer 0xC02B)
        TYPE                  A (0x0001)
        CLASS                 IN (0x0001)
        TTL                   1 day (86400)
        RDLENGTH              4
        ADDRESS               192.168.1.40
- 6th packet.
    Standard query from DNS Server1 (NUT) to Server4 (TN)
      IP Header
        Source Address        NUT_NETZ
        Destination Address   SV4_NETY
      UDP Header
        Src Port              ANY
        Dst Port              53
      DNS Header
        ID                    ANY
        QR                    0
        OPCODE                0
        AA                    ANY
        TC                    0
        RD                    0
        RA                    ANY
        Z                     ANY
        RCODE                 ANY
        QDCOUNT               1
        ANCOUNT               0
        NSCOUNT               0
        ARCOUNT               ANY
      DNS Question section
        QNAME                 A.example.org
        QTYPE                 A (0x0001)
        QCLASS                IN (0x0001)
- 7th packet.
    Standard query response from DNS Server4 (TN) to Server1 (NUT)
      IP Header
        Source Address        SV4_NETY
        Destination Address   NUT_NETZ
      UDP Header
        Src Port              Value that NUT uses
        Dst Port              53
      DNS Header
        ID                    Value that NUT uses
        QR                    1
        OPCODE                0
        AA                    1
        TC                    0
        RD                    0
        RA                    1
        Z                     0
        RCODE                 0
        QDCOUNT               1
        ANCOUNT               2
        NSCOUNT               1
        ARCOUNT               1
      DNS Question section
        QNAME                 A.example.org
        QTYPE                 A (0x0001)
        QCLASS                IN (0x0001)
      DNS Answer section
        NAME                  A.example.org (Pointer 0xC00C)
        TYPE                  A (0x0001)
        CLASS                 IN (0x0001)
        TTL                   600
        RDLENGTH              4
        ADDRESS               192.168.1.10
      DNS Answer section
        NAME                  A.example.org (Pointer 0xC00C)
        TYPE                  A (0x0001)
        CLASS                 IN (0x0001)
        TTL                   300
        RDLENGTH              4
        ADDRESS               192.168.1.11
      DNS Authority section
        NAME                  example.org (Pointer 0xC00E)
        TYPE                  NS (0x0002)
        CLASS                 IN (0x0001)
        TTL                   1 day (86400)
        RDLENGTH              6
        NSDNAME               NS4.example.org (NS4 + Pointer 0xC00E)
      DNS Additional section
        NAME                  NS4.example.org (Pointer 0xC04B)
        TYPE                  A (0x0001)
        CLASS                 IN (0x0001)
        TTL                   1 day (86400)
        RDLENGTH              4
        ADDRESS               192.168.1.40
- 8th packet.
    Standard query response from DNS Server1 (NUT) to Client1 (TN)
      IP Header
        Source Address        NUT_NETZ
        Destination Address   CL1_NETZ
      UDP Header
        Src Port              53
        Dst Port              2000
      DNS Header
        ID                    0x1000
        QR                    1
        OPCODE                0
        AA                    0
        TC                    0
        RD                    1
        RA                    1
        Z                     0
        RCODE                 0
        QDCOUNT               1
        ANCOUNT               1
        NSCOUNT               1
        ARCOUNT               2
      DNS Question section
        QNAME                 A.example.org
        QTYPE                 A (0x0001)
        QCLASS                IN (0x0001)
      DNS Answer section
        NAME                  A.example.org (Pointer 0xC00C)
        TYPE                  A (0x0001)
        CLASS                 IN (0x0001)
        TTL                   300
        RDLENGTH              4
        ADDRESS               192.168.1.10
      DNS Answer section
        NAME                  A.example.org (Pointer 0xC00C)
        TYPE                  A (0x0001)
        CLASS                 IN (0x0001)
        TTL                   300
        RDLENGTH              4
        ADDRESS               192.168.1.11
      DNS Authority section
        NAME                  example.org (Pointer 0xC00E)
        TYPE                  NS (0x0002)
        CLASS                 IN (0x0001)
        TTL                   1 day (86400)
        RDLENGTH              6
        NSDNAME               NS4.example.org (NS4 + Pointer 0xC00E)
      DNS Additional section
        NAME                  NS4.example.org (Pointer 0xC04B)
        TYPE                  A (0x0001)
        CLASS                 IN (0x0001)
        TTL                   1 day (86400)
        RDLENGTH              4
        ADDRESS               192.168.1.40
- Exp.
    NUT_NETZ   DNS Server1's (NUT) Net-z address
    CL1_NETZ   DNS Client1's (TN) Net-z address
    SV2_NETY   DNS Server2's (TN) Net-y address
    SV3_NETY   DNS Server3's (TN) Net-y address
    SV4_NETY   DNS Server4's (TN) Net-y address
2. Received standard query including QNAME=A.example.org, QTYPE=A.
4. Received standard query including QNAME=A.example.org, QTYPE=A.
6. Received standard query including QNAME=A.example.org, QTYPE=A.
8. Received standard query response that has TTLs=300.
None
RFC2181 Clarifications to the DNS Specification
5.2. TTLs of RRs in an RRSet