NAME

        SV_RFC2181_7_1_Placement_SOA - SOA records are to be placed in the authority section

VERIFICATION POINTS

        Verify that a NUT places SOA record into the authority section.

RFC1034, in section 3.7, indicates that the authority section of an authoritative answer may contain the SOA record for the zone from which the answer was obtained. When discussing negative caching, RFC1034 section 4.3.4 refers to this technique but mentions the additional section of the response. The former is correct, as is implied by the example shown in section 6.2.5 of RFC1034. SOA records, if added, are to be placed in the authority section.

TARGET

        Authoritative Server

SYNOPSIS

	SV_RFC2181_7_1_Placement_SOA.seq [-tooloption ...]: KOI tool option
	See also DNSConfig.pm

INITIALIZATION

Network Topology

        AP Server1 (TN)
          |3ffe:501:ffff:101::10
          |192.168.1.10
          |
Net-y   --+--------+-------------------------- 3ffe:501:ffff:101::/64 
                   |                           192.168.1/24
                   |
                   |
                 Router (TN)
                   |3ffe:501:ffff:100::1
                   |192.168.0.1
                   |
                   |
Net-z   --+--------+-----------------+-------- 3ffe:501:ffff:100::/64 
          |                          |          192.168.0/24
          |                          |
        DNS Server1 (NUT)            DNS Client1 (TN)
           3ffe:501:ffff:100::XXXX     3ffe:501:ffff:100::20 
           192.168.0.10                192.168.0.20
	

	XXXX: EUI64

Setup

Set the DNS Server1's (NUT) address as above mentioned Network Topology.

Configure the Server1's (NUT) zone file to response query from TN.

Example of example.com zone file:

$TTL    86400           ; TTL of 1 day
@ IN SOA NS1.example.com. root.example.com. (
	2005081600	; serial
	3600		; refresh every 1 hr
	900		; retry every 15 min
	604800		; expire after a week
	3600		; Minimum TTL of a 1 hr
)
;
	IN	NS	NS1.example.com.
NS1	IN	A	192.168.0.10
;
A	IN	A	192.168.1.10

TEST PROCEDURE

        This test sequence is following.

    DNS Client1 (TN)                       DNS Server1 (NUT)
        |                                      |
        |------------------------------------->|
        |   1. Send standard query             |
        |       QNAME=invalid.example.com      |
        |       QTYPE=A                        |
        |                                      |
        |<-------------------------------------|
        |   2. Standard query response         |
        |       NXDOMAIN                       |
        |                                      |
        v                                      v

        1. TN send standard query QNAME=invalid.example.com, QTYPE=A to NUT.
        2. NUT reply query response w/ SOA record authority section to TN. (Judgment *2)

Packet Description

1st packet.

Standard query from DNS Client1 (TN) to Server1 (NUT)
IP Header	Source Address	CL1_NETZ
IP Header	Destination Address	NUT_NETZ
UDP Header	Src Port	2000
UDP Header	Dst Port	53
DNS Header	ID	0x1000
	QR	0
	OPCODE	0
	AA	0
	TC	0
	RD	1
	RA	0
	Z	0
	RCODE	0
	QDCOUNT	1
	ANCOUNT	0
	NSCOUNT	0
	ARCOUNT	0
DNS Question section	QNAME	invalid.example.com
	QTYPE	A (0x0001)
	QCLASS	IN (0x0001)

2nd packet.

Standard query response from DNS Server1 (NUT) to Client1 (TN)
IP Header	Source Address	NUT_NETZ
IP Header	Destination Address	CL1_NETZ
UDP Header	Src Port	53
UDP Header	Dst Port	2000
DNS Header	ID	0x1000
	QR	1
	OPCODE	0
	AA	1
	TC	0
	RD	1
	RA	ANY
	Z	0
	RCODE	3
	QDCOUNT	1
	ANCOUNT	0
	NSCOUNT	1
	ARCOUNT	0
DNS Question section	QNAME	invalid.example.com
	QTYPE	A (0x0001)
	QCLASS	IN (0x0001)
DNS Authority section	NAME	example.com (Pointer 0xC00E)
	TYPE	SOA (0x0006)
	CLASS	IN (0x0001)
	TTL	1 hour (3600)
	RDLENGTH	33
	NSDNAME	NS1.example.com (NS1 + Pointer 0xC00E)
	RNAME	root.example.com (root + Pointer 0xC00E)
	SERIAL	2005081600
	REFRESH	1 hour
	RETRY	15 minutes
	EXPIRE	1 week
	MINIMUM	1 hour (3600)

Exp.

NUT_NETZ	DNS Server1's (NUT) Net-z address
CL1_NETZ	DNS Client1's (TN) Net-z address

JUDGMENT

        2. Received standard query response w/ SOA record in Authority section.

TERMINATION

        None

REFERENCE

        RFC2181 Clarifications to the DNS Specification
        7.1. Placement of SOA RRs in authoritative answers