NAME

        SV_RFC2308_2_1_Name_error - Name error (RCODE=NXDOMAIN)

VERIFICATION POINTS

        Verify that a NUT transmits the response with Name error(NXDOMAIN).

Name errors (NXDOMAIN) are indicated by the presence of "Name Error" in the RCODE field. In this case the domain referred to by the QNAME does not exist. Note: the answer section may have SIG and CNAME RRs and the authority section may have SOA, NXT [RFC2065] and SIG RRsets

Name servers authoritative for a zone MUST include the SOA record of the zone in the authority section of the response when reporting an NXDOMAIN or indicating that no data of the requested type exists. This is required so that the response may be cached. The TTL of this record is set from the minimum of the MINIMUM field of the SOA record and the TTL of the SOA itself, and indicates how long a resolver may cache the negative answer.

TARGET

        Authoritative Server

SYNOPSIS

	SV_RFC2308_2_1_Name_error.seq [-tooloption ...]: KOI tool option
	See also DNSConfig.pm

INITIALIZATION

Network Topology

        AP Server1 (TN)
          |3ffe:501:ffff:101::10
          |192.168.1.10
          |
Net-y   --+--------+-------------------------- 3ffe:501:ffff:101::/64 
                   |                           192.168.1/24
                   |
                   |
                 Router (TN)
                   |3ffe:501:ffff:100::1
                   |192.168.0.1
                   |
                   |
Net-z   --+--------+-----------------+-------- 3ffe:501:ffff:100::/64 
          |                          |          192.168.0/24
          |                          |
        DNS Server1 (NUT)            DNS Client1 (TN)
           3ffe:501:ffff:100::XXXX     3ffe:501:ffff:100::20 
           192.168.0.10                192.168.0.20
	

	XXXX: EUI64

Setup

Set the DNS Server1's (NUT) address as above mentioned Network Topology.

Configure the Server1's (NUT) zone file to response query from TN.

Example of example.com zone file:

$TTL    86400           ; TTL of 1 day
@ IN SOA NS1.example.com. root.example.com. (
	2005081600	; serial
	3600		; refresh every 1 hr
	900		; retry every 15 min
	604800		; expire after a week
	3600		; Minimum TTL of a 1 hr
)
;
	IN	NS	NS1.example.com.
NS1	IN	A	192.168.0.10
;
A	IN	A	192.168.1.10
B	IN	CNAME	invalid.example.com.

TEST PROCEDURE

        This test sequence is following.

    DNS Client1 (TN)                       DNS Server1 (NUT)
        |                                      |
        |------------------------------------->|
        |   1. Send standard query             |
        |       QNAME=B.example.com            |
        |       QTYPE=A                        |
        |                                      |
        |<-------------------------------------|
        |   2. Standard query response         |
        |       NXDOMAIN                       |
        |                                      |
        v                                      v

        1. TN send standard query QNAME=B.example.com, QTYPE=A to NUT.
        2. NUT reply query response w/ SOA record authority section to TN. (Judgment *2)

Packet Description

1st packet.

Standard query from DNS Client1 (TN) to Server1 (NUT)
IP Header	Source Address	CL1_NETZ
IP Header	Destination Address	NUT_NETZ
UDP Header	Src Port	2000
UDP Header	Dst Port	53
DNS Header	ID	0x1000
	QR	0
	OPCODE	0
	AA	0
	TC	0
	RD	1
	RA	0
	Z	0
	RCODE	0
	QDCOUNT	1
	ANCOUNT	0
	NSCOUNT	0
	ARCOUNT	0
DNS Question section	QNAME	B.example.com
	QTYPE	A (0x0001)
	QCLASS	IN (0x0001)

2nd packet.

Standard query response from DNS Server1 (NUT) to Client1 (TN)
IP Header	Source Address	NUT_NETZ
IP Header	Destination Address	CL1_NETZ
UDP Header	Src Port	53
UDP Header	Dst Port	2000
DNS Header	ID	0x1000
	QR	1
	OPCODE	0
	AA	1
	TC	0
	RD	1
	RA	ANY
	Z	0
	RCODE	3
	QDCOUNT	1
	ANCOUNT	1
	NSCOUNT	1
	ARCOUNT	0
DNS Question section	QNAME	B.example.com
	QTYPE	A (0x0001)
	QCLASS	IN (0x0001)
DNS Answer section	NAME	B.example.com (Pointer 0xC00C)
	TYPE	CNAME (0x0005)
	CLASS	IN (0x0001)
	TTL	1 day (86400)
	RDLENGTH	10
	CNAME	invalid.example.com (invalid + Pointer 0xC00E)
DNS Authority section	NAME	example.com (Pointer 0xC00E)
	TYPE	SOA (0x0006)
	CLASS	IN (0x0001)
	TTL	1 hour (3600)
	RDLENGTH	33
	NSDNAME	NS1.example.com (NS1 + Pointer 0xC00E)
	RNAME	root.example.com (root + Pointer 0xC00E)
	SERIAL	2005081600
	REFRESH	1 hour
	RETRY	15 minutes
	EXPIRE	1 week
	MINIMUM	1 hour (3600)

Exp.

NUT_NETZ	DNS Server1's (NUT) Net-z address
CL1_NETZ	DNS Client1's (TN) Net-z address

JUDGMENT

        2. Received standard query response(NXDOMAIN) w/ SOA record in Authority section.

TERMINATION

        None

REFERENCE

        RFC2308 Negative Caching of DNS Queries (DNS NCACHE)
        2.1 - Name Error
        2.1.1 Special Handling of Name Error
        3 - Negative Answers from Authoritative Servers