Check dns64 + server-stale short timeout

Check that named correctly returns a synthesized DNS64 answer when the
server stale timer triggers for the A lookup.  Use a small value for
stale-answer-client-timeout (2ms) and delay the A response by 1 second.

diff --git a/bin/tests/system/serve-stale/ans2/ans.pl b/bin/tests/system/serve-stale/ans2/ans.pl
index 3fdc1fc9aac56b0431cee2e6ee0f6b2146ce705f..a223876b7ae74014dc025a4c6302c98dfdfc5adf 100644 (file)
--- a/bin/tests/system/serve-stale/ans2/ans.pl
+++ b/bin/tests/system/serve-stale/ans2/ans.pl
@@ -162,6 +162,16 @@ sub reply_handler {
            push @auth, $rr;
        }
        $rcode = "NOERROR";
+    } elsif ($qname eq "a-only-slow.example") {
+       if ($qtype eq "A") {
+           sleep(1);
+           my $rr = new Net::DNS::RR("a-only-slow.example 2 IN A $localaddr");
+           push @ans, $rr;
+       } else {
+           my $rr = new Net::DNS::RR($negSOA);
+           push @auth, $rr;
+       }
+       $rcode = "NOERROR";
     } elsif ($qname eq "cname.example") {
        if ($qtype eq "A") {
            my $rr = new Net::DNS::RR($CNAME);

diff --git a/bin/tests/system/serve-stale/ns3/named9.conf.in b/bin/tests/system/serve-stale/ns3/named9.conf.in
new file mode 100644 (file)
index 0000000..f875da4
--- /dev/null
+++ b/bin/tests/system/serve-stale/ns3/named9.conf.in
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * SPDX-License-Identifier: MPL-2.0
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0.  If a copy of the MPL was not distributed with this
+ * file, you can obtain one at https://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+key rndc_key {
+       secret "1234abcd8765";
+       algorithm @DEFAULT_HMAC@;
+};
+
+controls {
+       inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+options {
+       query-source address 10.53.0.3;
+       notify-source 10.53.0.3;
+       transfer-source 10.53.0.3;
+       port @PORT@;
+       pid-file "named.pid";
+       listen-on { 10.53.0.3; };
+       listen-on-v6 { none; };
+       recursion yes;
+       dnssec-validation no;
+       stale-answer-enable yes;
+       stale-cache-enable yes;
+       stale-answer-client-timeout 2;
+       dns64 2001:aaaa::/96 {
+               clients { any; };
+               mapped { any; };
+       };
+};
+
+zone "." {
+       type secondary;
+       primaries { 10.53.0.1; };
+       file "root.bk";
+};

diff --git a/bin/tests/system/serve-stale/tests.sh b/bin/tests/system/serve-stale/tests.sh
index b9e5888f10a109e5ce38407367c9a0db7f718390..a5e24018e7d93d131e234b346970fc6a438b606d 100755 (executable)
--- a/bin/tests/system/serve-stale/tests.sh
+++ b/bin/tests/system/serve-stale/tests.sh
@@ -2666,6 +2666,23 @@ grep "2001:aaaa" dig.out.2.test$n >/dev/null || ret=1
 if [ $ret != 0 ]; then echo_i "failed"; fi
 status=$((status + ret))
 
+n=$((n + 1))
+echo_i "check DNS64 processing of a stale negative answer (short serve-stale-client-timeout) ($n)"
+ret=0
+# configure ns3 with dns64
+copy_setports ns3/named9.conf.in ns3/named.conf
+$RNDCCMD 10.53.0.3 reload >rndc.out.test$n.1 2>&1 || ret=1
+# flush cache, enable ans2 responses, make sure serve-stale is on
+$RNDCCMD 10.53.0.3 flush >rndc.out.test$n.1 2>&1 || ret=1
+$DIG -p ${PORT} @10.53.0.2 txt enable >/dev/null
+$RNDCCMD 10.53.0.3 serve-stale on >rndc.out.test$n.2 2>&1 || ret=1
+#
+$DIG -p ${PORT} @10.53.0.3 a-only-slow.example AAAA >dig.out.test$n || ret=1
+grep "status: NOERROR" dig.out.test$n >/dev/null || ret=1
+grep "2001:aaaa" dig.out.test$n >/dev/null || ret=1
+if [ $ret != 0 ]; then echo_i "failed"; fi
+status=$((status + ret))
+
 ###########################################################
 # Test serve-stale's interaction with prefetch processing #
 ###########################################################