+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2010081000 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns2
-ns2 A 10.53.0.2
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 3600
-@ SOA ns2.example. . 1 3600 1200 86400 1200
-@ NS ns2.example.
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 3600
-@ SOA ns2.example. . 1 3600 1200 86400 1200
-@ NS ns2.example.
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 3600
-@ SOA ns2.example. . 1 3600 1200 86400 1200
-@ NS ns2.example.
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 3600
-@ SOA ns2.example. . 1 3600 1200 86400 1200
-@ NS ns2.example.
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 3600
-@ SOA ns2.example. . 1 3600 1200 86400 1200
-@ NS ns2.example.
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2006081400 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
-@ IN NS ns2.example.
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2006081400 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
-@ IN NS ns2.example.
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns2.example.
-a A 10.0.0.1
$TTL 3600 ; 1 hour
@ IN SOA mname1. . (
2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
+ 20 ; refresh (20 seconds)
+ 20 ; retry (20 seconds)
+ 1814400 ; expire (3 weeks)
+ 3600 ; minimum (1 hour)
)
NS ns2
NS ns3
foo TXT "testing"
foo A 10.0.1.0
-bad-cname CNAME a
-bad-dname DNAME @
+bad-cname CNAME a
+bad-dname DNAME @
; Used for testing CNAME queries
cname1 CNAME cname1-target
ns3.secure A 10.53.0.3
; An insecure subdomain
-insecure NS ns.insecure
-ns.insecure A 10.53.0.3
+insecure NS ns3.insecure
+ns3.insecure A 10.53.0.3
-; A second insecure subdomain
-insecure2 NS ns.insecure2
-ns.insecure2 A 10.53.0.3
+; A subdomain with an extra DNSKEY in the wrong place
+extrakey NS ns3.extrakey
+ns3.extrakey A 10.53.0.3
; A secure subdomain we're going to inject bogus data into
-bogus NS ns.bogus
-ns.bogus A 10.53.0.3
+bogus NS ns3.bogus
+ns3.bogus A 10.53.0.3
; A subdomain with a corrupt DS
-badds NS ns.badds
-ns.badds A 10.53.0.3
+badds NS ns3.badds
+ns3.badds A 10.53.0.3
; A subdomain with a corrupt DS, but locally trusted by the forwarder
-localkey NS ns.localkey
-ns.localkey A 10.53.0.3
+localkey NS ns3.localkey
+ns3.localkey A 10.53.0.3
; A dynamic secure subdomain
-dynamic NS dynamic
-dynamic A 10.53.0.3
+dynamic NS ns3.dynamic
+ns3.dynamic A 10.53.0.3
; A subdomain with expired signatures
-expired NS ns.expired
-ns.expired A 10.53.0.3
+expired NS ns3.expired
+ns3.expired A 10.53.0.3
; A rfc2535 signed zone w/ CNAME
rfc2535 NS ns.rfc2535
-ns.rfc2535 A 10.53.0.3
+ns.rfc2535 A 10.53.0.2
z A 10.0.0.26
-keyless NS ns.keyless
-ns.keyless A 10.53.0.3
+keyless NS ns3.keyless
+ns3.keyless A 10.53.0.3
-nsec3 NS ns.nsec3
-ns.nsec3 A 10.53.0.3
+nsec3 NS ns3.nsec3
+ns3.nsec3 A 10.53.0.3
-optout NS ns.optout
-ns.optout A 10.53.0.3
+optout NS ns3.optout
+ns3.optout A 10.53.0.3
-nsec3-unknown NS ns.nsec3-unknown
-ns.nsec3-unknown A 10.53.0.3
+nsec3-unknown NS ns3.nsec3-unknown
+ns3.nsec3-unknown A 10.53.0.3
-optout-unknown NS ns.optout-unknown
-ns.optout-unknown A 10.53.0.3
+optout-unknown NS ns3.optout-unknown
+ns3.optout-unknown A 10.53.0.3
-dnskey-unknown NS ns.dnskey-unknown
-ns.dnskey-unknown A 10.53.0.3
+dnskey-unknown NS ns3.dnskey-unknown
+ns3.dnskey-unknown A 10.53.0.3
-dnskey-unsupported NS ns.dnskey-unsupported
-ns.dnskey-unsupported A 10.53.0.3
+dnskey-unsupported NS ns3.dnskey-unsupported
+ns3.dnskey-unsupported A 10.53.0.3
-dnskey-unsupported-2 NS ns.dnskey-unsupported
-ns.dnskey-unsupported-2 A 10.53.0.3
+dnskey-unsupported-2 NS ns3.dnskey-unsupported
+ns3.dnskey-unsupported-2 A 10.53.0.3
-ds-unsupported NS ns.ds-unsupported
-ns.ds-unsupported A 10.53.0.3
+ds-unsupported NS ns3.ds-unsupported
+ns3.ds-unsupported A 10.53.0.3
-digest-alg-unsupported NS ns.digest-alg-unsupported
-ns.digest-alg-unsupported A 10.53.0.3
+digest-alg-unsupported NS ns3.digest-alg-unsupported
+ns3.digest-alg-unsupported A 10.53.0.3
-dnskey-nsec3-unknown NS ns.dnskey-nsec3-unknown
-ns.dnskey-nsec3-unknown A 10.53.0.3
+dnskey-nsec3-unknown NS ns3.dnskey-nsec3-unknown
+ns3.dnskey-nsec3-unknown A 10.53.0.3
-multiple NS ns.multiple
-ns.multiple A 10.53.0.3
+multiple NS ns3.multiple
+ns3.multiple A 10.53.0.3
*.wild A 10.0.0.27
-rsasha256 NS ns.rsasha256
-ns.rsasha256 A 10.53.0.3
+rsasha256 NS ns3.rsasha256
+ns3.rsasha256 A 10.53.0.3
-rsasha512 NS ns.rsasha512
-ns.rsasha512 A 10.53.0.3
+rsasha512 NS ns3.rsasha512
+ns3.rsasha512 A 10.53.0.3
-kskonly NS ns.kskonly
-ns.kskonly A 10.53.0.3
+kskonly NS ns3.kskonly
+ns3.kskonly A 10.53.0.3
-update-nsec3 NS ns.update-nsec3
-ns.update-nsec3 A 10.53.0.3
+update-nsec3 NS ns3.update-nsec3
+ns3.update-nsec3 A 10.53.0.3
-auto-nsec NS ns.auto-nsec
-ns.auto-nsec A 10.53.0.3
+auto-nsec NS ns3.auto-nsec
+ns3.auto-nsec A 10.53.0.3
-auto-nsec3 NS ns.auto-nsec3
-ns.auto-nsec3 A 10.53.0.3
+auto-nsec3 NS ns3.auto-nsec3
+ns3.auto-nsec3 A 10.53.0.3
below-cname CNAME some.where.else.
-insecure.below-cname NS ns.insecure.below-cname
-ns.insecure.below-cname A 10.53.0.3
+insecure.below-cname NS ns3.insecure.below-cname
+ns3.insecure.below-cname A 10.53.0.3
-secure.below-cname NS ns.secure.below-cname
-ns.secure.below-cname A 10.53.0.3
+secure.below-cname NS ns3.secure.below-cname
+ns3.secure.below-cname A 10.53.0.3
-ttlpatch NS ns.ttlpatch
-ns.ttlpatch A 10.53.0.3
+ttlpatch NS ns3.ttlpatch
+ns3.ttlpatch A 10.53.0.3
-split-dnssec NS ns.split-dnssec
-ns.split-dnssec A 10.53.0.3
+split-dnssec NS ns3.split-dnssec
+ns3.split-dnssec A 10.53.0.3
-split-smart NS ns.split-smart
-ns.split-smart A 10.53.0.3
+split-smart NS ns3.split-smart
+ns3.split-smart A 10.53.0.3
-upper NS ns.upper
-ns.upper A 10.53.0.3
+upper NS ns3.upper
+ns3.upper A 10.53.0.3
-LOWER NS NS.LOWER
-NS.LOWER A 10.53.0.3
+LOWER NS NS3.LOWER
+NS3.LOWER A 10.53.0.3
-expiring NS ns.expiring
-ns.expiring A 10.53.0.3
+expiring NS ns3.expiring
+ns3.expiring A 10.53.0.3
-future NS ns.future
-ns.future A 10.53.0.3
+future NS ns3.future
+ns3.future A 10.53.0.3
-managed-future NS ns.managed-future
-ns.managed-future A 10.53.0.3
+managed-future NS ns3.managed-future
+ns3.managed-future A 10.53.0.3
-revkey NS ns.revkey
-ns.revkey A 10.53.0.3
+revkey NS ns3.revkey
+ns3.revkey A 10.53.0.3
-rsasha1 NS ns.rsasha1
-ns.rsasha1 A 10.53.0.3
+rsasha1 NS ns3.rsasha1
+ns3.rsasha1 A 10.53.0.3
-rsasha1-1024 NS ns.rsasha1-1024
-ns.rsasha1-1024 A 10.53.0.3
+rsasha1-1024 NS ns3.rsasha1-1024
+ns3.rsasha1-1024 A 10.53.0.3
dname-at-apex-nsec3 NS ns3
-rsasha256oid NS ns.rsasha256oid
-ns.rsasha256oid A 10.53.0.3
+rsasha256oid NS ns3.rsasha256oid
+ns3.rsasha256oid A 10.53.0.3
-rsasha512oid NS ns.rsasha512oid
-ns.rsasha512oid A 10.53.0.3
+rsasha512oid NS ns3.rsasha512oid
+ns3.rsasha512oid A 10.53.0.3
-unknownoid NS ns.unknownoid
-ns.unknownoid A 10.53.0.3
+unknownoid NS ns3.unknownoid
+ns3.unknownoid A 10.53.0.3
-extradsoid NS ns.extradsoid
-ns.extradsoid A 10.53.0.3
+extradsoid NS ns3.extradsoid
+ns3.extradsoid A 10.53.0.3
-extradsunknownoid NS ns.extradsunknownoid
-ns.extradsunknownoid A 10.53.0.3
+extradsunknownoid NS ns3.extradsunknownoid
+ns3.extradsunknownoid A 10.53.0.3
-extended-ds-unknown-oid NS ns.extended-ds-unknown-oid
-ns.extended-ds-unknown-oid A 10.53.0.3
+extended-ds-unknown-oid NS ns3.extended-ds-unknown-oid
+ns3.extended-ds-unknown-oid A 10.53.0.3
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 30 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 30 ; minimum (1 hour)
- )
- NS ns2
-ns2 A 10.53.0.2
-ns3 A 10.53.0.3
-
-a A 10.0.0.1
-*.a A 10.0.0.3
-b A 10.0.0.2
-d A 10.0.0.4
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.2
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-private2secure-nxdomain CNAME r.example.
-*.wild CNAME s.example.
cp "../ns3/dsset-target.peer-ns-spoof." .
+# Set up some unsigned zones:
+# insecure
+zone=insecure.secure.
+infile=template.db.in
+zonefile=insecure.secure.example.db
+cp $infile $zonefile
+
+# delegated child of an nsec3 zone
+zone=child.nsec3.secure.
+infile=template.db.in
+zonefile=child.nsec3.secure.example.db
+cp $infile $zonefile
+
+# delegated child of an optout zone
+zone=child.nsec3.secure.
+infile=template.db.in
+zonefile=child.nsec3.secure.example.db
+cp $infile $zonefile
+
+# zone pre-signed with RFC2335 signatures
+zone=rfc2335.example.
+infile=rfc2335.example.db.in
+zonefile=rfc2335.example.db
+cp $infile $zonefile
+
# Sign the "trusted." and "managed." zones.
zone=managed.
infile=key.db.in
# Sign the badparam secure file
zone=badparam.
-infile=badparam.db.in
+infile=template.db.in
zonefile=badparam.db
keyname1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
"$SIGNER" -3 - -A -H 1 -g -o "$zone" -k "$key1" "$zonefile" "$key2" >/dev/null 2>&1
zone=cds.secure
-infile=cds.secure.db.in
+infile=template.db.in
zonefile=cds.secure.db
key1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
key2=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
"$SIGNER" -g -o "$zone" "$zonefile" >/dev/null 2>&1
zone=cds-x.secure
-infile=cds.secure.db.in
+infile=template.db.in
zonefile=cds-x.secure.db
key1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
key2=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
"$SIGNER" -g -x -o "$zone" "$zonefile" >/dev/null 2>&1
zone=cds-update.secure
-infile=cds-update.secure.db.in
+infile=template.db.in
zonefile=cds-update.secure.db
key1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
key2=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
keyfile_to_key_id "$key1" >cds-update.secure.id
zone=cds-auto.secure
-infile=cds-auto.secure.db.in
+infile=template.db.in
zonefile=cds-auto.secure.db
key1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
key2=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
cat "$infile" >"$zonefile.signed"
zone=cdnskey.secure
-infile=cdnskey.secure.db.in
+infile=template.db.in
zonefile=cdnskey.secure.db
key1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
key2=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
"$SIGNER" -g -o "$zone" "$zonefile" >/dev/null 2>&1
zone=cdnskey-x.secure
-infile=cdnskey.secure.db.in
+infile=template.db.in
zonefile=cdnskey-x.secure.db
key1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
key2=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
"$SIGNER" -g -x -o "$zone" "$zonefile" >/dev/null 2>&1
zone=cdnskey-update.secure
-infile=cdnskey-update.secure.db.in
+infile=template.db.in
zonefile=cdnskey-update.secure.db
key1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
key2=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
keyfile_to_key_id "$key1" >cdnskey-update.secure.id
zone=cdnskey-auto.secure
-infile=cdnskey-auto.secure.db.in
+infile=template.db.in
zonefile=cdnskey-auto.secure.db
key1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
key2=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
cat "$infile" >"$zonefile.signed"
zone=updatecheck-kskonly.secure
-infile=template.secure.db.in
+infile=template.db.in
zonefile=${zone}.db
key1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
key2=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# A zone with a secure chain of trust of two KSKs, only one KSK is not signing.
#
zone=lazy-ksk
-infile=lazy-ksk.db.in
+infile=template.db.in
zonefile=lazy-ksk.db
ksk1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
ksk2=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
$TTL 3600
@ SOA ns2.example. . 1 3600 1200 86400 1200
-@ NS ns2.example.
+@ NS ns2
+ns2 A 10.53.0.2
+
+a A 10.0.0.1
+*.a A 10.0.0.3
+b A 10.0.0.2
+d A 10.0.0.4
+z A 10.0.0.26
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 3600
-@ SOA ns2.example. . 1 3600 1200 86400 1200
-@ NS ns2.example.
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
-
-private NS ns.private
-ns.private A 10.53.0.2
-
-insecure NS ns.insecure
-ns.insecure A 10.53.0.2
-
-nosoa NS ns.nosoa
-ns.nosoa A 10.53.0.6
-
-normalthenrrsig A 10.0.0.28
-rrsigonly A 10.0.0.29
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
-
-private NS ns.private
-ns.private A 10.53.0.2
-
-insecure NS ns.insecure
-ns.insecure A 10.53.0.2
-
-nosoa NS ns.nosoa
-ns.nosoa A 10.53.0.6
-
-normalthenrrsig A 10.0.0.28
-rrsigonly A 10.0.0.29
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-c A 10.0.0.3
-d A 10.0.0.4
-z A 10.0.0.26
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-a A 10.0.0.1
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a A 10.0.0.3
-*.e A 10.0.0.6
-child NS ns2.example.
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a A 10.0.0.3
-*.e A 10.0.0.6
-child NS ns2.example.
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a A 10.0.0.3
-*.e A 10.0.0.6
-child NS ns2.example.
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a A 10.0.0.3
-*.e A 10.0.0.6
-child NS ns2.example.
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-a A 10.0.0.1
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-; This has the NS and glue at the apex because testing RT #2399
-; requires we have only one name in the zone at a certain point
-; during the test.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
-@ NS @
-@ A 10.53.0.3
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 3600 ; 1 hour
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
- MX 10 mx
-ns A 10.53.0.3
-mx A 10.0.0.30
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
-
-private NS ns.private
-ns.private A 10.53.0.2
-
-insecure NS ns.insecure
-ns.insecure A 10.53.0.2
-
-nosoa NS ns.nosoa
-ns.nosoa A 10.53.0.6
-
-normalthenrrsig A 10.0.0.28
-rrsigonly A 10.0.0.29
-
-
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 3600 ; 1 hour
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
- MX 10 mx
-ns A 10.53.0.3
-mx A 10.0.0.30
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a A 10.0.0.3
-*.wild A 10.0.0.6
-child NS ns2.example.
-insecure NS ns.insecure
-ns.insecure A 10.53.0.3
-secure NS ns.secure
-ns.secure A 10.53.0.3
-nsec3 NS ns.nsec3
-ns.nsec3 A 10.53.0.3
-optout NS ns.optout
-ns.optout A 10.53.0.3
-02HC3EM7BDD011A0GMS3HKKJT2IF5VP8 A 10.0.0.17
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2009102722 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2009102722 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2009102722 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
- NS ns
-ns A 10.53.0.3
+ NS ns3
+ns3 A 10.53.0.3
a A 10.0.0.1
b A 10.0.0.2
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a A 10.0.0.3
-*.wild A 10.0.0.6
-insecure NS ns.insecure
-ns.insecure A 10.53.0.3
-secure NS ns.secure
-ns.secure A 10.53.0.3
-nsec3 NS ns.nsec3
-ns.nsec3 A 10.53.0.3
-optout NS ns.optout
-ns.optout A 10.53.0.3
-child NS ns2.example.
-insecure.empty NS ns.insecure.empty
-ns.insecure.empty A 10.53.0.3
-foo.*.empty-wild NS ns
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a.b A 10.0.0.1
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-x DNSKEY 258 3 5 Cg==
-z A 10.0.0.26
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2009102722 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-x CNAME a
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA MNAME1. . (
- 2012042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
-@ NS NS
-NS A 10.53.0.3
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a A 10.0.0.3
-*.wild A 10.0.0.6
-insecure NS ns.insecure
-ns.insecure A 10.53.0.3
-secure NS ns.secure
-ns.secure A 10.53.0.3
-nsec3 NS ns.nsec3
-ns.nsec3 A 10.53.0.3
-optout NS ns.optout
-ns.optout A 10.53.0.3
-child NS ns2.example.
-insecure.empty NS ns.insecure.empty
-ns.insecure.empty A 10.53.0.3
-foo.*.empty-wild NS ns
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a A 10.0.0.3
-*.e A 10.0.0.6
-child NS ns2.example.
allow-update { any; };
};
-zone "insecure2.example" {
+zone "extrakey.example" {
type primary;
- file "insecure2.example.db";
+ file "extrakey.example.db";
allow-update { any; };
};
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a A 10.0.0.3
-*.e A 10.0.0.6
-child NS ns2.example.
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
- NS ns
-ns A 10.53.0.3
+ NS ns3
+ns3 A 10.53.0.3
a A 10.0.0.1
b A 10.0.0.2
ns.insecure A 10.53.0.3
secure NS ns.secure
ns.secure A 10.53.0.3
-nsec3 NS ns.nsec3
-ns.nsec3 A 10.53.0.3
+nsec3 NS ns3.nsec3
+ns3.nsec3 A 10.53.0.3
optout NS ns.optout
ns.optout A 10.53.0.3
02HC3EM7BDD011A0GMS3HKKJT2IF5VP8 A 10.0.0.17
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
-
-private NS ns.private
-ns.private A 10.53.0.2
-
-insecure NS ns.insecure
-ns.insecure A 10.53.0.2
-
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
-
-private NS ns.private
-ns.private A 10.53.0.2
-
-insecure NS ns.insecure
-ns.insecure A 10.53.0.2
-
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a A 10.0.0.3
-*.e A 10.0.0.6
-child NS ns2.example.
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
- NS ns
-ns A 10.53.0.3
+ NS ns3
+ns3 A 10.53.0.3
a A 10.0.0.1
b A 10.0.0.2
z A 10.0.0.26
a.a.a.a A 10.0.0.3
*.wild A 10.0.0.6
-insecure NS ns.insecure
-ns.insecure A 10.53.0.3
-secure NS ns.secure
-ns.secure A 10.53.0.3
-nsec3 NS ns.nsec3
-ns.nsec3 A 10.53.0.3
-optout NS ns.optout
-ns.optout A 10.53.0.3
+insecure NS ns3.insecure
+ns3.insecure A 10.53.0.3
+secure NS ns3.secure
+ns3.secure A 10.53.0.3
+nsec3 NS ns3.nsec3
+ns3.nsec3 A 10.53.0.3
+optout NS ns3.optout
+ns3.optout A 10.53.0.3
child NS ns2.example.
insecure.empty NS ns.insecure.empty
ns.insecure.empty A 10.53.0.3
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
-
-private NS ns.private
-ns.private A 10.53.0.2
-
-insecure NS ns.insecure
-ns.insecure A 10.53.0.2
-
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
-
-private NS ns.private
-ns.private A 10.53.0.2
-
-insecure NS ns.insecure
-ns.insecure A 10.53.0.2
-
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-; File written on Tue Jan 11 18:07:57 2022
-; dnssec_signzone version 9.17.21
-rsasha1-1024.example. 300 IN SOA mname1. . 2000042407 20 20 1814400 3600
-rsasha1-1024.example. 300 IN RRSIG SOA 5 2 300 20900129082204 20220111060757 22290 rsasha1-1024.example. kM6ztqAaLkxcRxYWrw2oe3qofzoIRjDv/tLD/A5edreqzzwj7H6Ihm0s JHfzqVOWBTwYzX0XgD0PXCqMdkXP7QlcWGYK7uCWnisayZIwNCdkywPC sS2ky1d0eK1A7kJ9nEH/eOgLba5uFZcAo8+9dD/6o6Rt1jTeTQkL4RHI UC8=
-; resign=20900129082204
-rsasha1-1024.example. 300 IN NS ns.rsasha1-1024.example.
-rsasha1-1024.example. 300 IN RRSIG NS 5 2 300 20900129082204 20220111060757 22290 rsasha1-1024.example. jxbsZlgK4B6IkCrZuNDVv/EIqgCU8pTOyWEt2DqvzRI8AeL3I+U9Nbcz 9gmQRaNEtffLVR/sfht6v1ms4AFJKd0xLSZj9ywsZKCmG12UxfNIoZ49 4d1ono8hGYU8xr1Qh1BU2HwgGY1JF4OyO28cgrkT2F9dAvG8MSMEW5Sg 9A8=
-; resign=20900129082204
-rsasha1-1024.example. 300 IN NSEC a.rsasha1-1024.example. NS SOA RRSIG NSEC DNSKEY
-rsasha1-1024.example. 300 IN RRSIG NSEC 5 2 300 20900129082204 20220111060757 22290 rsasha1-1024.example. AfEX9beXrft4d1moQD1VP3Em9cMgJmx2EYBKMlW5e5XFNk2Z5Wj1N//3 sBuUPNppxUilUEydqH5psVw7IMhrz8Q1+bhABNV7cPm1EOuq0NuQJ2LN JNlTnjfaRT6IAtY7d+NOCO2eKlDzMC/q8t2oaB+iHhgO7yc5+fxMGyQ/ PVc=
-; resign=20900129082204
-rsasha1-1024.example. 300 IN DNSKEY 256 3 5 AwEAAaYD3SqsLtFHSfDhA8HhNKQJOToRptRmFhsYbqre+lq/BLpLQNkA 7Kq+chsUhOe+8OHMfkNXfr3XFyuUA3rBg15kq57NZ5gLzkHyeGqB9Ths M5pdwDCqPjJKP43W2+EXXHWsg5P94yldWcvMx1v80vrxGvUimfiQSznE hok/6oqR
-rsasha1-1024.example. 300 IN DNSKEY 257 3 5 AwEAAeEe/ohrvXtDqYgrz5Q1WAKRstnnH0xi/4Mne49PLO56TcVPf6sg xpv/SaHSlQGJnVbQBLebPemKDAC1vVOUqdTDxHJbLuO28brIWMzf0pc1 5G2RNtrQf44E4yaibSROhyBmWoerUHTPGJw6BGDI4fb/CVWujFQ1ieBy WC0p1NWH
-rsasha1-1024.example. 300 IN RRSIG DNSKEY 5 2 300 20900129082204 20220111060757 22290 rsasha1-1024.example. nBLPJfoZe4G3wOe17bBSMooRZHe523pjdaTAK2PmXEa8exXH+OWCHh7f Jnh/SI89Hp9a2ru1Skze3FcUcTj/SlwtEuWpxOs9B1R29P1xVPCwkAfb xsmtmE6u5+oeLGrt88zA/kpjx6t0sFbU7A8/qxlpuoH+hdAu1jI2tlP4 d30=
-rsasha1-1024.example. 300 IN RRSIG DNSKEY 5 2 300 20900129082204 20220111060757 1151 rsasha1-1024.example. 0oNrcBsFySVjBT60SX3m7cKIPmuCOUH0ZFucrmEVXJLGpNOXe37aXbnC Iz+NHcaaeZQP/w4aYSTyQvZs6Vl5Tufeic3SWalzTGv0f01mIIk24v1a h4ePUB8w0b0+/qq89zl6Ccr2/PgTaLvjuSGYcgX15cigqPRcKQNYCwO1 Vsk=
-; resign=20900129082204
-z.rsasha1-1024.example. 300 IN A 10.0.0.26
-z.rsasha1-1024.example. 300 IN RRSIG A 5 3 300 20900129082204 20220111060757 22290 rsasha1-1024.example. Zf/ynA7APXpNjcMPusIjRan0/ITLmeeY7GJfhCLeD3lEjnAd7dWRl7sC N5sBzUG78Mtgm39Ov/Kj2EwQjFcwcMUmppan3NzS+1YtYuZqlN9iAW+b UUfv8UQUHvM3x/hW4kNCPd2PHIzV2uedIp7VG3Lz72FvjHxECbI7g79V 18c=
-; resign=20900129082204
-z.rsasha1-1024.example. 300 IN NSEC rsasha1-1024.example. A RRSIG NSEC
-z.rsasha1-1024.example. 300 IN RRSIG NSEC 5 3 300 20900129082204 20220111060757 22290 rsasha1-1024.example. FPlYMJ41r79tkhIkDTX9/uVtcKXfHa+5oXb8fdo7/2CugjBfp5uihn57 3gMmY7Mi2aVsW64hRkehPJr+sTUOk5+ILhO2Qhjdrm2DpHgeSK29BTQr Okn9ruvpLhRFHwI/DllnKvBOyCmKSzJZE7PDOrqouGclNue07IXz+K2R bME=
-; resign=20900129082204
-b.rsasha1-1024.example. 300 IN A 10.0.0.2
-b.rsasha1-1024.example. 300 IN RRSIG A 5 3 300 20900129082204 20220111060757 22290 rsasha1-1024.example. gQmhCIwai57iscF2s5CJ5DbSy0Z9TiOWYGeFeZITxQ/koFOOjyuZXAZn 6f7mTUcFPhNm4AT/PJAs/L/tzcE16pcVwwDnHszdY28XwEU6OqaXUB3E T/Qu4Sh0BWet9U6JcSSqLG5317qJxqSGfnIJOXMucYi3MH3W8uSpapr+ 4Qk=
-; resign=20900129082204
-b.rsasha1-1024.example. 300 IN NSEC d.rsasha1-1024.example. A RRSIG NSEC
-b.rsasha1-1024.example. 300 IN RRSIG NSEC 5 3 300 20900129082204 20220111060757 22290 rsasha1-1024.example. Do6VghMEcHk35Q7fI2VrrQBYhChT4pnw791qUFhHZeol5fIKtEnrlviA RN2fbEY+7OrQQXo7Ywxo7nTD9sYsFgOwGKqKJ+yLNPcr++0csbkgt5rU ch1Lv+t7jOUuUX8IzgjOoCH5j9eoU5QtGkEBxf6z0nvlsLJaTWwTqvbr 7aU=
-; resign=20900129082204
-a.rsasha1-1024.example. 300 IN A 10.0.0.1
-a.rsasha1-1024.example. 300 IN RRSIG A 5 3 300 20900129082204 20220111060757 22290 rsasha1-1024.example. CaPXSTPLNeQ4MyRylYP/Ztb6kRT9/QdgpTnZxUHCjSdWEBXsrkEr55/z dBSQ8zGGOfCxlOkmgH/UrR7JmHTQrIqsb/iVq+6D0mfvNJDyNpT92bo8 r+C62/9NXLlkS5zcpyNG8Ls66EQ7dcFa6SxwdxF1qaoeBjJvkrGUMnzP UFo=
-; resign=20900129082204
-a.rsasha1-1024.example. 300 IN NSEC b.rsasha1-1024.example. A RRSIG NSEC
-a.rsasha1-1024.example. 300 IN RRSIG NSEC 5 3 300 20900129082204 20220111060757 22290 rsasha1-1024.example. DJlfCVMSPZ6KUIUhWUBt7LOCB8vBbxOFaR4PoHs/fLpGBWrQj46sjLKO W/TImquBg3ygYTOIyWEzVb177HryRmx65AKnfGLbzaTdTgHzcELwg88t EYFT4ODalqTn68o2RfWtNl95FNqJR/kguxxzFVgpN4zfGKXdhTWAA4JW zG0=
-; resign=20900129082204
-a.a.a.a.a.a.a.a.a.a.e.rsasha1-1024.example. 300 IN A 10.0.0.27
-a.a.a.a.a.a.a.a.a.a.e.rsasha1-1024.example. 300 IN RRSIG A 5 13 300 20900129082204 20220111060757 22290 rsasha1-1024.example. PVFCHIXgDCZOHsTsr3G9wMnPPmiY4CfOXC3b1ZF2qEDqloIT+YX5oKKE uiT6fCBteS6Cq8XTXdezXjqTqxrdY4qMMOBDnIZhf8eOxjFzMEUKKZuH 9c5rt8u35TihuIdKv9OPXdWuTJ4dVSEZjNNxvh3VoMW6XFagYmu3f8Gr 0rg=
-; resign=20900129082204
-a.a.a.a.a.a.a.a.a.a.e.rsasha1-1024.example. 300 IN NSEC ns.rsasha1-1024.example. A RRSIG NSEC
-a.a.a.a.a.a.a.a.a.a.e.rsasha1-1024.example. 300 IN RRSIG NSEC 5 13 300 20900129082204 20220111060757 22290 rsasha1-1024.example. VOOEksRwMWNO2ESMrcMyPFAHuXyYgeLVODy46DwDx8PTli3/UwOH1e3l qd3Poh2K/OFP2v8TuzkXXnPW48Lg90haHtG9yLr5UUNoKntmBC9PFeqt P/qdOBiHszvcyyjJ4gabEX2gn+o/sL/klQV4m3mB4Vf5sg2dfX8Qyuw6 nDQ=
-; resign=20900129082204
-d.rsasha1-1024.example. 300 IN A 10.0.0.4
-d.rsasha1-1024.example. 300 IN RRSIG A 5 3 300 20900129082204 20220111060757 22290 rsasha1-1024.example. XcxbM4wA+yTOAwPePwRIg6E58HuMr5qIkdghNn/R5ck1JdirLbMB/Wpp Si+5a4q9F02Bs8uZv2YXtXRIa32i1/L6OPeU3RFQfvkpHbQNTvPtsuAL bmFGB/zdR6XQpqC6G+ip9qY+mk2hXwCZZ24NW90O9qYlE8Rp145/dIVM DPo=
-; resign=20900129082204
-d.rsasha1-1024.example. 300 IN NSEC a.a.a.a.a.a.a.a.a.a.e.rsasha1-1024.example. A RRSIG NSEC
-d.rsasha1-1024.example. 300 IN RRSIG NSEC 5 3 300 20900129082204 20220111060757 22290 rsasha1-1024.example. fmBjPGTNWOXAs51XO1fIRCKAbf9TLTV04TmlgLm50oOouEXsXpwKo6tb MbCGI2f+u986mtzLW4gWY+rcAPrMCndu5BPIYPk/Ngd6zqylWJzAfKyg PIqO0lf6jg0J3FfP39fw9bf+xB+AI1PWBrVZ55LotBYgIBZYhQ1LKPZ2 iyU=
-; resign=20900129082204
-ns.rsasha1-1024.example. 300 IN A 10.53.0.3
-ns.rsasha1-1024.example. 300 IN RRSIG A 5 3 300 20900129082204 20220111060757 22290 rsasha1-1024.example. beHl0WxLgPYkzKs/tdQnphXDzHx6FqdQRlVtJIYHGoWmWe4X6JWg4ENB a0xPeOGFQPBMgNuKbwyjAVmX0B3Su4LiBM7GcmfJbd4YRNCa4hQvhDpG o5A54Pxo2Qdo9Cffhzva5z4iO+DNnmBsfKGPna4sO2lRNfIxXlxCTbnE zps=
-; resign=20900129082204
-ns.rsasha1-1024.example. 300 IN NSEC z.rsasha1-1024.example. A RRSIG NSEC
-ns.rsasha1-1024.example. 300 IN RRSIG NSEC 5 3 300 20900129082204 20220111060757 22290 rsasha1-1024.example. aZTImJ5QFufIQEIuX+5ZYVW2Yq4ctxeX9zm9yrQaUODvVRm3X3WjncrU hkgDaW3a/j8RRG0cdAnzSWCzIMz0Yv4kWxrxCEJyIgmVUQ3fzxzpGwMF ZwCtNb9aWmImcAugTnjocn5+iCiyTEVipZmTASEyN0Bgp5Q4oFChnzIj kjk=
-; resign=20900129082204
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
+; File written on Sat Jul 5 14:07:41 2025
+; dnssec-signzone version 9.21.10-dev
+rsasha1-1024.example. 300 IN SOA mname1. . 2000042407 20 20 1814400 3600
+rsasha1-1024.example. 300 IN RRSIG SOA 5 2 300 20930723222148 20250705200741 58758 rsasha1-1024.example. PJOZW7DeXBMB3VJ3RGFHbq5sWGc8zas7y8BKaEz4rWmScEfJrmt5ZGtm XPuQ08roCQjirb6ltLGMBorOZ5PrKkF998FhihCzUjJm9FSAVu3VW0FH 0AHGRuoErR7goE8kp3mQtqDjQfKN3RYisffzXC8K8WDb9AXNo6tdPl6d efA=
+; resign=20930723222148
+rsasha1-1024.example. 300 IN NS ns3.rsasha1-1024.example.
+rsasha1-1024.example. 300 IN RRSIG NS 5 2 300 20930723222148 20250705200741 58758 rsasha1-1024.example. 7bxj7Z1i+Yfn9GzJg7eYbx46KPQOybj/aqhJUDp4ajlYKHrHHtlhHiez DfDj5RlgLGdAzRQPBs51L9KWWl+S6+MPujeVOIT+8SLWbkAWiaY2xLl4 YvZOFFelI1msoBPsXHt28OZz395Iun0VRTnOYAVR/M8lFAwhwYKxnK6S pD8=
+; resign=20930723222148
+rsasha1-1024.example. 300 IN NSEC a.rsasha1-1024.example. NS SOA RRSIG NSEC DNSKEY
+rsasha1-1024.example. 300 IN RRSIG NSEC 5 2 300 20930723222148 20250705200741 58758 rsasha1-1024.example. ranydIBWyrsp6gvreVGLy8jlHnQh6fL36grp1Rqp6OBNsSn+WegQP5uQ alksR/mDvSAFAeCEX6jJ+GbZan9SUYpkrqbyZtrX1+xKnbbu12ogx/lc Egph/QTXsD6iFBXRB7psiqV1mJx2PjmSHEsDN6zxbOvCrSBSoUQZOkeJ ePc=
+; resign=20930723222148
+rsasha1-1024.example. 300 IN DNSKEY 256 3 5 AwEAAfrnP/8ng5St8Ok9VOJ4QWrOIfAp1pzT0quT8+Else7jAOI55qAB qcWOOMfkgF3AGfmD/OkTo17fq4HeoULrnOw8mTPjbQFowrnPRWpClj3N lRUVfYpVaKOzy3WnUSiqtegktKMaZgvBz5BgAeJOkG6IpHCqYab5135K JplSUlBz
+rsasha1-1024.example. 300 IN DNSKEY 257 3 5 AwEAAfF0adqZOjSh1ADpmABpTwEAD/cWy/+9R42G+DqZK/8pkxfvC6N9 b9zWsa9LhyBge97aq7LyzlKO4HJvYK7su16y3ZeEQUplrwIwD6OPoffu X7vjNA+O7vikjdSN6sXI/x7eKwU+ZQbLyCao4COGy+Xl8VowWmIGJ3DZ wEhwOd+t
+rsasha1-1024.example. 300 IN RRSIG DNSKEY 5 2 300 20930723222148 20250705200741 29488 rsasha1-1024.example. qGZmNE1DZMvZ/OwZXuRtebtpIIE3pzYUQngQD9VUHyA9D1cLuElyevgl /pjOh5Vpt0nid1Y0HrLrXYe6xRsT8a+hhp+5ybUqjOpusBDkj/LYnlev y27Nor/GcHNy03R+B/Piu+1T3UA+dxvYc+YJrmmx7XU5tMpqFyV4C4if IyU=
+rsasha1-1024.example. 300 IN RRSIG DNSKEY 5 2 300 20930723222148 20250705200741 58758 rsasha1-1024.example. eMnV0gdwLW5SY+gL5CsTilyz3qN9YJBnD/EgaK4xXxnV8hoTXB/QgtAP +/jylOSIMqCT+VA9UlV2q2WyQd3n2ycdAaXIrZhMJDo/ErXcNrfi4h2G aKLVr/NiX6VlNhyNgbYgz0dM6CjcMbFQSr43hFJ4oWbOrEAS5a708/6t uUU=
+; resign=20930723222148
+a.rsasha1-1024.example. 300 IN A 10.0.0.1
+a.rsasha1-1024.example. 300 IN RRSIG A 5 3 300 20930723222148 20250705200741 58758 rsasha1-1024.example. 41BzMHFHRo79n2jipZYetBEeJ2tb/HD2wj28I++yPLmVbn2IUnA0qOQV ypYQmAjhIKgDD+KHq0SB+WbPnVj6buV7WZ8mlknFDNxmMc6erdStBwsO shtL5kNUv33QTsyRGtreCnEjjWSSMzC63sdBXyjN5+ZWVqxKIFKGwMJZ uwg=
+; resign=20930723222148
+a.rsasha1-1024.example. 300 IN NSEC b.rsasha1-1024.example. A RRSIG NSEC
+a.rsasha1-1024.example. 300 IN RRSIG NSEC 5 3 300 20930723222148 20250705200741 58758 rsasha1-1024.example. KXNm/3ISKA9TJqFUAgrFVVwrRqIMZ9IhaLALTD8nZl5guNfq1NUnjKQW kbM24C2b9Wb3ID+lIlz8NygSdVyGpUsxvyn3s72wxRHyAQjWSgXMsxHH K7OlPMWKOKEaa27uGjbXkcITPstqveaZNdCdNba7hrjiBuETsLBRQoyi pO8=
+; resign=20930723222148
+b.rsasha1-1024.example. 300 IN A 10.0.0.2
+b.rsasha1-1024.example. 300 IN RRSIG A 5 3 300 20930723222148 20250705200741 58758 rsasha1-1024.example. sFXNp9u1KLmGALRtBygUQa4jNug25BWHJlBjKiaIQHal4YN2wpNMBfP5 8pwAfTJHpMZmnIfTQKpYHFYI+AZ0VUh8KRjkUfZYtgviu6BqPshuhNVa hKYpSzpUDCjjg29oYPC36sIZSnZDbhbRYLzERXMVB/tLujDgjoGD4z3b dzM=
+; resign=20930723222148
+b.rsasha1-1024.example. 300 IN NSEC a.b.rsasha1-1024.example. A RRSIG NSEC
+b.rsasha1-1024.example. 300 IN RRSIG NSEC 5 3 300 20930723222148 20250705200741 58758 rsasha1-1024.example. mz7zYeNU967NoqNLTbi9ggh+jG8c4AQK8nfkP6f09EuH76BcU9T/BzKI lLPws1PYmBeT+WXmcwuFyDxPlSntO/xlU/t5wMGOjMwHWRPaFiaAx3H9 PZj9JC4UDfEKOB/2icS9HQrBqzsPlzYVWrdqkAgm4ErVl4DNU0zUhv6y Xpk=
+; resign=20930723222148
+a.b.rsasha1-1024.example. 300 IN A 10.0.0.1
+a.b.rsasha1-1024.example. 300 IN RRSIG A 5 4 300 20930723222148 20250705200741 58758 rsasha1-1024.example. e4R1G9oEo5I2kPqVsbUYBgP0Bv5Eyp9BTesgKqAJ0q9NfZGtjh/03kCr A8CPw7mwL3qLEVo/oupkzpLj/gt5Zszdlmu7Bw81cJfV+x5cPyLjXJty Z9+T9KZIFa/tqW8FFF3/owEecTjcPjJs/mrlNy7lbp1kLXBIk6S7yt+c dpo=
+; resign=20930723222148
+a.b.rsasha1-1024.example. 300 IN NSEC d.rsasha1-1024.example. A RRSIG NSEC
+a.b.rsasha1-1024.example. 300 IN RRSIG NSEC 5 4 300 20930723222148 20250705200741 58758 rsasha1-1024.example. Y3N3uY1kIyY9WlgWF8ZQ9gmo3Xi74G+UF195ljexwkjlU7LOX7TuaJpJ PyaqASJBGNF6aLbcwR89rItxJknSdNk4oqvQiwykZ0e02MXb/zPeqqkG +y9jS9M+ygKjMcyY+qHVgjy5UaldUqOV/bjg7cq2Z2FsCjkD+lCmGzfl pd4=
+; resign=20930723222148
+d.rsasha1-1024.example. 300 IN A 10.0.0.4
+d.rsasha1-1024.example. 300 IN RRSIG A 5 3 300 20930723222148 20250705200741 58758 rsasha1-1024.example. 1jqKrIB7M9la2A8cRVdy92TV19elq3pGvu19DGz77sbn3HYrb3lF+zSl O2g+75RxuwzN8yoGe5P6/EfaZviOPNBV5s5e+xKHQwAxE0RCdnLUcuE9 8PAuNBogBvhrDzZJQh0p1ap4vyuxCEH3jDYua9Ul7VMy8UmGcBO0BuaS f+A=
+; resign=20930723222148
+d.rsasha1-1024.example. 300 IN NSEC ns3.rsasha1-1024.example. A RRSIG NSEC
+d.rsasha1-1024.example. 300 IN RRSIG NSEC 5 3 300 20930723222148 20250705200741 58758 rsasha1-1024.example. JA2sayAAdp9pCtOSsv66hD6LlgA8IFC2gzVSIjYVnz5vevoXHcok7HTi UbaaWoE0UaCI5DrMTSc9x6IOMe0OTC4PLPl3dntnaiOZJfe1Fr97zyme jaMzqd61Tla/dGM58KUKKSL30hj/5o5DwW7ppdHKIW0sq3YXufnDOCgx TT8=
+; resign=20930723222148
+ns3.rsasha1-1024.example. 300 IN A 10.53.0.3
+ns3.rsasha1-1024.example. 300 IN RRSIG A 5 3 300 20930723222148 20250705200741 58758 rsasha1-1024.example. NTFkNDGrOnrz1BvHEgqq3I02y+unDlUmkd2RM5pFz4wMWlZm7b2sPFsi kGH8AwE7U5RBR4Pi6YLS7im+GKXRKEChYbHy7QU2XyvGueQ0AK8jLN3+ daSr0vK5RGSDihl3lWELQPGF4/qrYYVQI8itrewvYWA2EKmPjgJAtjKV DO4=
+; resign=20930723222148
+ns3.rsasha1-1024.example. 300 IN NSEC z.rsasha1-1024.example. A RRSIG NSEC
+ns3.rsasha1-1024.example. 300 IN RRSIG NSEC 5 3 300 20930723222148 20250705200741 58758 rsasha1-1024.example. Dx7nC3ZCVV+BTR06WOG6vh9mt81aQijpKH7N03GopNejfbEN3dtGR2n4 cEnc/rofcy0HaDiRGKptrxYNDez6g9awh73p9FDQgE/gnnOJ1WAOIyVi XE4OHSwxfRRdYNV5oDY5Dsl9/ZNuewwc22hfEHTALKDv5ncOeGlk4r/U cds=
+; resign=20930723222148
+z.rsasha1-1024.example. 300 IN A 10.0.0.26
+z.rsasha1-1024.example. 300 IN RRSIG A 5 3 300 20930723222148 20250705200741 58758 rsasha1-1024.example. RO5OYSdypaZuuB+cYQLfj9nZ6PgCpd3iSOZETdY0/RYcH31dX/mDWa/s ODefiUOcyZNJYbJmcZXbOboBQOsHSB2+SsYwc6hfkKiACvB564/6u/5v hujJJQqEpJfuGEaGfJtQHjPgXQoa33juX7k+4zOQJFAs0z4loIb5s9d2 Gyw=
+; resign=20930723222148
+z.rsasha1-1024.example. 300 IN NSEC rsasha1-1024.example. A RRSIG NSEC
+z.rsasha1-1024.example. 300 IN RRSIG NSEC 5 3 300 20930723222148 20250705200741 58758 rsasha1-1024.example. hLdkoNjYFvJ0xYYOp2D0mqoZntJ8M0crDboQ5CGQ5fZD3eIFWG/uWqky 9tt6udqkqrVv7cniTlyoD1GQqBpx4FR9P5qgMXDQ5EvZ7WncjfVg2IFV PYZAqV1iFiQXackDd3jipKGFgx8NKvfl/jr1tdNR+5LqxHFM51zb7Hak J08=
+; resign=20930723222148
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-; File written on Tue Jan 4 17:29:34 2022
-; dnssec_signzone version 9.17.20
-rsasha1.example. 300 IN SOA mname1. . 2000042407 20 20 1814400 3600
-rsasha1.example. 300 IN RRSIG SOA 5 2 300 20900122074341 20220104052934 30286 rsasha1.example. wg8k4y/Cs/+u2QfUnBURhD4isSFTzCofpdhMzVJEUfBqu1DBVO+FECQ4 U80NCg9iksxm7xsWAZiQx6Rzvh1rUqEA7OhCy7XiPuz+jR1TYHXJhRMu t9gu7aCdTkcXYCMtppd49/2vT+WPKB98QIKD6wgl4LFFhwbUCoXavin4 babUiJrJeAnuxmIeD5HtM5a+++p0F8QemdP5FkX3WCRBHNFGnoVYJjc7 PZ+L8ZpKElah47XzJwAYWDr34TwqU9llCOcXlXYKBqDKO9fEtJJ1hyk9 Sf4fGOdzZD9Pj4Zz83UlHumeZPfIC1N0xVBYvGPu8LU41WZ4BgZfKSoS UIpbPQ==
-; resign=20900122074341
-rsasha1.example. 300 IN NS ns.rsasha1.example.
-rsasha1.example. 300 IN RRSIG NS 5 2 300 20900122074341 20220104052934 30286 rsasha1.example. VqOKkNo7CRH2uquL/46cIVoIPvFYT2WrpwpG6ienlJoLF/mZn0ReoMaK G29R8Q0tklalk14CGShiD409lXDRynyHgmLGIFjkXMd6aNRQOdD1O+7C wEhAj4/FEz+qpk/xRGMslxCCF1P7DxpX5ZPI9DuPVVvTRk4131CALaFQ EPblDzEgd7JeoO0tKnPjpzXLdr86NDeDVZXonimjEhQNrvrrurQ5/u2F x7jVmovN47Z06+XCbleC2ag8ZazNkYfU8GlFvkozZMGZtnpja1/SllNJ ZdURisd3JFMw/xsZd1v2MspKYcZePTfzyk/keXSJ0AlO7TA1X2sjiFOo 1fhSnQ==
-; resign=20900122074341
-rsasha1.example. 300 IN NSEC a.rsasha1.example. NS SOA RRSIG NSEC DNSKEY
-rsasha1.example. 300 IN RRSIG NSEC 5 2 300 20900122074341 20220104052934 30286 rsasha1.example. U7SEGuJ95CKk6+sWNCNHfPuvjJ2KChhutImWmSTc9lgb3uSfptzwbYnP UZ3xG0IqkayRJhBSizLb5kntvBZbcz4pEWZ+o7ZJdiBHcCARj82OJaLF d147VB3XJa6rIi+o/Zm8SIbxU7gugqRds7KfSTxAIjHzLpCcu12hlgfc Qso1LYiVeU5GVnmfuNJQL7QvS3BQuTylTI1+HQpiY6W8Bzev/TcbhoDJ Ywp4hvgF4VGCvrO2glSO4VycLjluawKSlrNaLbAtWIYYUSPbvtktM8tQ GBqOij4l7eMCTGRCoExWEnr+CzWAauoemhLDh27Bq6VNjD5iIvjzt3Ym uGDQUg==
-; resign=20900122074341
-rsasha1.example. 300 IN DNSKEY 256 3 5 AwEAAe31msH3kL5cIQ6C1vTnB8GvbFDm0t/j5XWnLonaKDSUoHtKLlRq pBPuwlORRUZxRSs7VDAaKE0YGky/YklSCqvo8gBD4dkNjWD/6XGkmtEq DOL8XCz1KO+djs7WLCuCyGIkG282+sntuZJj4IMd+ZDW1urCwaP94t3u W9N+PgrSacK9Ff1bwLR9KIgkRFpJ+JxPeaFYnVEyB4ZaZ8DgPWYNJ+aC awL0nATybC8asPeCGvft3lSS99z55IMfkpjF1rwHIVybqhiukRighazQ ljjVQdlXj3YxFgD0fpscJ6yN0QXdseagxiT4PahnwaHYHUhgGm+HB1zA pA49L9dg2RE=
-rsasha1.example. 300 IN DNSKEY 257 3 5 AwEAAcQdnpcda8XlNxllEGbWy9EGkD5TtHEbxThaB9c6ZNQPTf3gJw0A LpIZ787sepWND7vPcq6Qb/xZEmC6ER5OfaYbDznUh8q5NaaTbSwv0tng gE8KPwtvlgH+4eUmOcEkGrfR9G6J9S8JTT5bUWKTUbprxE65/8xcY33S cEeOpi34DLR9GLNvPLTSLuWQcYrq1YZFHbivQ45oFD9PvWPJWOoAN68N T28e0ZV8QHuXqW0IEheeW+AEemywupdaxun6Cvvolfz2EMYFnYX8YycE 0qUoDC4W9w3xB4nOllWQfJzgQkSTr/I4XCgepFunBeuAHZhCoQHPt9fK IfPUYxQzaa8=
-rsasha1.example. 300 IN RRSIG DNSKEY 5 2 300 20900122074341 20220104052934 30286 rsasha1.example. tODh3LiRuG/ao3ZtJSLBPCy74pkfHXMPRUgFP7MhNR3X6gq75daTVHLi ApTesgAXPAbHI404ps/8M2Z84dkMKBhRDdp1e9OwR8IB4Iw0IOGp2rV7 oZSYNzgnlwRfQ2G75G3xbCjiQhY0H+7IlSiys3sAaI67plvI3nDC3C/r zyDKiY90pK31e+q72SSK+1t/MlsRm0nAYHyUZGLuBMoXYHwonLImeH9Q jwy+cXLwhzOfPfm97ailNifEk38+P+H+Yq35Cp1ezpMzxAi67AcY83sR XB7RVRCf/4uUErh5rYcl6EcnHFh1xA9oSHsaPQbd39PO2fNanyvdPH+p b0ey0A==
-rsasha1.example. 300 IN RRSIG DNSKEY 5 2 300 20900122074341 20220104052934 9662 rsasha1.example. Ksyrf1lseBMSQGyPWrSve/X09Nb1CWB//Yvjw9HAEBwna9wseI6cH6mi B1G2JyFmTFzxGgVmf0wB+oec2w7nt5/uUJbyVfLQvCs9RXBGEpKAwhVf GKIwcSF1VTyVfx+PYPHvCpeN01Qm3C/5pJ28dkT65Hry2a7f39kk/8YZ 4zVM1nYaTsBUQdQWvR5UlSm0S3SUMBc2MIEUGUFBhtBJ10W8VkIfNzma ONjMHthu8vLAfwuBYX8zzJIVB31XvnxZDa4LSM4PesyPZ+KVR27o5dlL gQS62u3PWJDgEhUNFIa8A+5kDENC24p7DSfG+Aipe3upefBpBAW3VEdN A/nwQQ==
-; resign=20900122074341
-b.rsasha1.example. 300 IN A 10.0.0.2
-b.rsasha1.example. 300 IN RRSIG A 5 3 300 20900122074341 20220104052934 30286 rsasha1.example. ivXu+xAyZThIsY2T1c1wczdeeIG/37z+nO9sbUOzcUyf4+T9lX+6rU0D gxQTxHVdcsw3ge/C+dU2qcrs3EHHW4JcpT1yZMbXcyo+w5ocj5oHGYD2 L3iKLCEZrzdkIwmY4GXNyTznk0X5GKuaP7P6PeNrwWEBficB6xLSiLm7 tsswVcc4XyHa+zKBbxevIt2bKvRUfruyztgENZXJ5125Kx1Ee70Hwvgw bNc2J7lqpJw5c5O8yUaXq5gsxcaLBuONbQ4ANL5PtFQJJY7B5GhqlRTy gVrThJsoZj66pfa8gK92yn8uRG6sFpAbtPrTMQaReiExOhCUdBZRBmA+ RWUTKQ==
-; resign=20900122074341
-b.rsasha1.example. 300 IN NSEC d.rsasha1.example. A RRSIG NSEC
-b.rsasha1.example. 300 IN RRSIG NSEC 5 3 300 20900122074341 20220104052934 30286 rsasha1.example. hHtS5Bev1RkOJhsz4QnWJzzn/BBRLJil1l1RCbX+nbVbPE93l/2aDi12 jgctWKIfAiVfdFn93uno11+7Lq+bJaiMvaozJ+f7XWMAPsITOlKGNtiw l9kqZJExugH3q0RC1W0xxnb6HlIbwYGn6refUexaZKjgBsUg302pY7bh 6z4WuPakuxAqsaI6KLxLAlm7CWmdXvpFMCc1dnIVDplxOAvEINTrEesY sffjfmRbP3YAXC6/xvu0WVlikgklJjjiRqdeiSqPLGlnb79OAF5whHSL nYvWscX00/f+SOiniFoAFH2KeSb7VdJ2jvpTaqWjrYxxvwuZMsKNzwRI 4pnH/w==
-; resign=20900122074341
-a.a.a.a.a.a.a.a.a.a.e.rsasha1.example. 300 IN A 10.0.0.27
-a.a.a.a.a.a.a.a.a.a.e.rsasha1.example. 300 IN RRSIG A 5 13 300 20900122074341 20220104052934 30286 rsasha1.example. BQT+sZ6SJUbGDJ0eG6WBM19+UoBGZEie96E7EXaeS4It3M+EaMkIWIGD hp0MwiC0yW8u0zWjlA57t3yRpVhvCic8kl4SPs5tOmDXyy5RRJ7YOHNx 3PCuAbkoTfoLt5ReVtGcs5LTz+lmPUKZw/dwols5x8v1PIC2O/Ud6Yep TE9Qeymj1/C3GxxLVPLxXQhirkhT6LfMmFH6fNwec6U7bVRyMo3twcvK TDxkEZu5qA0+6bSrLC/xdyZYE38RQOlicmmGfYAIkDWKDdDXYbfBeJq6 zP8aFvdqOckDBvXQcnP9Cq+IvQX1noO90ePYf5AzNxAEQFJ4S1LUm/0q mQqNLA==
-; resign=20900122074341
-a.a.a.a.a.a.a.a.a.a.e.rsasha1.example. 300 IN NSEC ns.rsasha1.example. A RRSIG NSEC
-a.a.a.a.a.a.a.a.a.a.e.rsasha1.example. 300 IN RRSIG NSEC 5 13 300 20900122074341 20220104052934 30286 rsasha1.example. jvJup/Pg4BpAjh+eLMKEYFkpK/iOVt3QggGL7CRMxzxkYYMJNPwXqdAt 5MovIAFjFKBQm0RDe8/tqav/zdOZrDTyRZ2Zsh9qOp7hlOhy4oqQF+4n Wqg3x8v9gSgrzSAsiJAhb3fbbfdAb3Esc1R0Ec/RcLYEUXiD1eLTG0cB qtVmX3McwXTmu0OGpn0Dsg8CTSuQnrvo24bvsah5SEL1/NVkPtEE7KDT Q8orR7LNM0EeIL1CHxT5dqCAo5MvUm9L8GL/YIOZgtifD/uL23T0ej4j 0JYN7EYoDyFT0fyGeBoS2jkCZTsQZivfnkE5J4Ch1nAU5bUmSeX1eZHK nvce9Q==
-; resign=20900122074341
-d.rsasha1.example. 300 IN A 10.0.0.4
-d.rsasha1.example. 300 IN RRSIG A 5 3 300 20900122074341 20220104052934 30286 rsasha1.example. 1mZnG0HsIygSfEue9vMlqWpIQ59EmrktvFrGBzNUEDQDjsoGHv+syMFi A8BtRPkrHZzGaYTqy4L8ZL6V5vZPN1icETNVebx7teBTNFIwlvubdKoQ Zg/37W8gW6U1PN4khQlfX7W5XMFifF4qfCfI3XhkPgKacVaucHQhvGth ZzgCbhCQBVMooRb+v+nzknin0qpIWm7pVPh94BaajxQJ0mNwVQ8hjdJP jy16PH4z/aQ6oPjPKMbnMwTQOdWVUKsZtEkBGcAjJWLFmUJYpR5PPdRB /VsEtjexNKZtDwn0/QUIqUi4GcSp0ISTDBTNDjImJhWVJUoFh6S6zuRW tPYZGA==
-; resign=20900122074341
-d.rsasha1.example. 300 IN NSEC a.a.a.a.a.a.a.a.a.a.e.rsasha1.example. A RRSIG NSEC
-d.rsasha1.example. 300 IN RRSIG NSEC 5 3 300 20900122074341 20220104052934 30286 rsasha1.example. oWJRAhXbXUA84Nc56NyMocBq93bn3k4uGeqv+XL2L5l6yjxQYxKzjqq1 O5m72K6GiIjoIeun5TxJlEI7/o1EivTxdGYVP4Fsb//Wrv422QcHwS27 xNsFhLMFQglBCOaZzj1v3G2nXRRjP8x81ysg048THlhH5Jm7cW3aUmuS P6kXebWVwIc2nywLHVr/U4dCT2sHOk2gkUuaj8p6rMLVYwj/5dBRijVl Wm131ZeimetxrrRVxXtOfof7W4pqx3bpYRqb/Exdh035Hen+QesxRYTA zcxY7CywJY59afc9/abQBWGkPLfF7rgfJjPIc3MpJlP4SPf0SV4bTNUU nptZ/A==
-; resign=20900122074341
-ns.rsasha1.example. 300 IN A 10.53.0.3
-ns.rsasha1.example. 300 IN RRSIG A 5 3 300 20900122074341 20220104052934 30286 rsasha1.example. ONQph6nkFWSS6dqe/agbVnbjwTtA8ZZATpTCqoRJp2QoEgIjZ/0Yh7Fl Axz4PnpMYsEoie0IZ0/g+xTH7nXYphZzzzgedK8WK0vdTW3Pspyoiek/ tWjiGshqq1atHgi+jjRiuhnEvkaX0UDipMCQvI7oFHMOJxmnwZBCNWMc kBu9vbqtr/+HM4y+jGywg5l2XVkmHC5RZv1CoYc5PhfvV4zMI2RCb/Km i5eNCrUZefRfAq4fK9M67Jh/WnfRWfnHZKZN3O0yiRdnKOh2tOQP3X46 fIuNldCeg1PPnkbs4R+ekqJYhpEydNuWKEoKw2ZgeIrmbcRqepD6y3SZ UP/TAw==
-; resign=20900122074341
-ns.rsasha1.example. 300 IN NSEC z.rsasha1.example. A RRSIG NSEC
-ns.rsasha1.example. 300 IN RRSIG NSEC 5 3 300 20900122074341 20220104052934 30286 rsasha1.example. s7P7k9FDJrO1JhUVjgVUDQXNXfNOJrYVt44OoD45e7w4Q7QkyeZe+6z1 Arj9tW1bI9nIVNo63DT51bsJmj4vPf4SuJgHO05ElkLFSvHn17qMdw8Q Kpx8MQa7plAISqzl9hJip0exMuV+1IHujO9VGE42CxKl0q6l2b/x3+Il afx47bcEePkdhHXyhOSdrtxFTayzjMd/7uSy6p1jFSEVrheejQ/r44t3 9uxEc4EYfiP+HVfnjJ178j2Xa4dZyi3ljhJjaH5oleiy5c2Y5kXRIuXH OcIQ2axO7LT/yupRcBPlo7ulwI9iEVd2Q2gueMqaJ9YEWlcoOSFu1H75 7IRAbA==
-; resign=20900122074341
-z.rsasha1.example. 300 IN A 10.0.0.26
-z.rsasha1.example. 300 IN RRSIG A 5 3 300 20900122074341 20220104052934 30286 rsasha1.example. nuqG+ILECKKCQockETu4yLRKZzv9qjXJpfD0/yw5Cw7nSrZFvAjpkQR2 f+xmzbcxP4xiYqs1I+nz8cnHs6NNkJA8vcmk9dnzRu78X0x8MFFV0Yha jQKK/cSzhEhys7GMYv3Jz6lKfmFOAoq1et9PaQT6w8zQD8Q5vBzKrvZm pg+QzZvvgToZfj4e5J7nrhnyOVo7Jec5l/aBCGJbgRMDxjyyC0ufOjnm POvsTZk+wM3+wuN6zYwDpproPiH/6vC/yPlDHeh6kDt971dMsdvRv+kS KAzPyN8rweptJ/HRprb9x6zcAJOrK0T1sJ+EhMbYMgC/py6aAn+T7G5D FGY1tg==
-; resign=20900122074341
-z.rsasha1.example. 300 IN NSEC rsasha1.example. A RRSIG NSEC
-z.rsasha1.example. 300 IN RRSIG NSEC 5 3 300 20900122074341 20220104052934 30286 rsasha1.example. Wj5DkrGppeMFn8bWLUMfFPCzDAO2HeabbEIMaAHBH/g0hdn+2PPkQc8D D6WCSc4q5gyGNRSXj2Kik2TojD9n/5WuwDAA3W2AOso+4d616lSy9pyj x+e4WZ6y6tAYRRIGIVTdDEOxrZ8KspclWk7H6OAAPIYvgZeYjox21qXN BknpIifVoaYUoxi3e81k25erm/Xww4uU2SMQgvq3sBrs0YGANembfxas BRVmSmBykpugHgS1/Fl19Hp40y/JTBzqOLrHgPgHO4aH89dgta0WlMhb 8uCUOjHNjcR+KO3KUpKDZkH8IuJHWWFd0TabdV0KBhpInQh6Yorhpjg7 qNBbgA==
-; resign=20900122074341
-a.rsasha1.example. 300 IN A 10.0.0.1
-a.rsasha1.example. 300 IN RRSIG A 5 3 300 20900122074341 20220104052934 30286 rsasha1.example. eJyAqMArSagK54kSFvJxE5qYXFSDYxj6Vt8l4gi58BQigO7p5v0BUWcS icToRx3a9+rSdhnBuGbOWGNlrKFfCKrLmqYrlI9GFSAFLAFj7DETSKDJ X5dQ0KnpyGL3SneQsDWAvAof0y9B17dnBHQMSjeVqqQLjYEnq3ZIdT3c b6emCGMhcbfIAOYWt7t9nk/J2tsTsdoKtTCHP1SHjn5sE++BPXOce49X gFnNMD+pOcoLH8Z07RcTQ8IeNIa9hO8UaypyicaHQ2F0JtsiL1pqREXf QsBeLC12Gbi0rxJX3gdj0LXsmSerVl6BgaNjPTp3840WKrW3nTG/8Lre bxgkow==
-; resign=20900122074341
-a.rsasha1.example. 300 IN NSEC b.rsasha1.example. A RRSIG NSEC
-a.rsasha1.example. 300 IN RRSIG NSEC 5 3 300 20900122074341 20220104052934 30286 rsasha1.example. 6fZ5/GXrFAc9lEspMNlPa40F8O/tGq1oaSZXVstwLH124TNWxRK+i8eT H77Kq80vZkDus8rkLr4fiLP3ApXVBffCRHZWecGrYaPGDbQXALQEktld NhmLr9Nf30Jq7KvVV9Qf4daPC7ZwkB8EsikJxjpQ/paHlU/Pua7ZonnH /x9HHRJBLWb/PPQWEc++8SSjA79+HZVbB8rBwXyxHO1tFBCbBpK/JNwu KpRqNp/mwxPpSaJGZIuhHlzfbLsS4WoXjdG+fob4RqsPPwrf/uAAzKM2 dHVuqZ1erH3ryb4JdRo+MhqD0+vC/7+eNccEXraBsE5xGw4M62Se37WC kyQDQA==
-; resign=20900122074341
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
+; File written on Sat Jul 5 14:07:24 2025
+; dnssec-signzone version 9.21.10-dev
+rsasha1.example. 300 IN SOA mname1. . 2000042407 20 20 1814400 3600
+rsasha1.example. 300 IN RRSIG SOA 5 2 300 20930723222131 20250705200724 56181 rsasha1.example. HD26wOumxWQ/epo0958sjThZr0yfTMHnIn5hC2ZdOia9uuBBnHR0kPyS ++zd/Q9lFb6MRzkfLEHGexv2fXIHnWcCLp93gYvMm/HWf0/MhUzhabzO YJfcDKRT3PUEgDvuE0tiHEGWHYAb0iXQi1cjpZhvw6yikAQ2o3UUn3e2 QTQ0JO7EnG4wNxPnr92VPcTLTqajczCz63cvCvJpkaUCjAFyTKvCpgyl /eRKagX0UA8lv+DmOwFCTG0p1JeIQMQoW7xZELEWb9mAR/o1VmcJnYT3 Awi35hTj9XhM+bPCK4qqOkq6JNMSnOA4Xxg1baTEqjrFJZmEG+iyImoL 5d1DLQ==
+; resign=20930723222131
+rsasha1.example. 300 IN NS ns3.rsasha1.example.
+rsasha1.example. 300 IN RRSIG NS 5 2 300 20930723222131 20250705200724 56181 rsasha1.example. KAZovbd0Urp3LIrLsCV7UldT5ze4fYG8iaXWpyrw7/JmZIZOWA3X4rgF hlhxes8xD73qrV96dWuNZmTMs+mp665bAbX78sjfZZdmWGWrpPzse6G3 YEm6EGSOWjrsb/kOmKPiRTaVUhTanAjJC17rhixEYRBrvekpnDx/3PjX HnJRR8a75DXVrhm47u4/hHD7cS2hOfZj4xqNyWOlpNIaH7ZWPzO34SR9 iuPReF4Q06NG741TdAfsl3h9YeCfZWBH1DQ7jwrq5hRGPTtZmq7OTyMm dH0ovRF6ntYYbU0aOanS4l7sjEVwr+AkrFG8Pu9Ipey5Tlgn3bx40cAn 5TDkfg==
+; resign=20930723222131
+rsasha1.example. 300 IN NSEC a.rsasha1.example. NS SOA RRSIG NSEC DNSKEY
+rsasha1.example. 300 IN RRSIG NSEC 5 2 300 20930723222131 20250705200724 56181 rsasha1.example. DIhZ8/JkklG9nAC0CB98mmOVnXy7KS+CbG4vC8OrnOSi8nyyHuNC2Zt7 p2taM2KshEJ3piXUsICLbQDpHwrbbRx5RbctaLQz5S3lhx+0j3TNZWaT 2kWP5jMyhNDxaNn35xh7yTamDEKC20Bk5YyN76YClEkwqAr9ksj/FUNY RYIG9+4jjOt962Vj/5e0pgK+1ZbM3lF8WvJAh44YgWD9U4D1nBmyrkTq gBwJUbCvEmyoCxOQfSQhTwaAqKQ3IalnC2hfHfYQsEwpbVwfvt4LGEy+ b0vNnBGHKriM2T/p59vtblWirsxDc8QNpYmtOvjVket4nvzBuA7eqUFt /QijRQ==
+; resign=20930723222131
+rsasha1.example. 300 IN DNSKEY 256 3 5 AwEAAYnqt4hwxo/oi63pCLz4EQaUyQU1viMhQ6EVnIXKdPdymJ51tKuh qJ+uT1MxcMwH97b/2CtqTtbI4MP7ksxDWh7JE4R2kzdKrtb1darcvSiy Ewh73TG+1wvt1f7ZC8Hw2TdiU+mLL3vFBfmnUN1Q0xSULKckdlOwH9I/ 20xeS6mz8tYxOC/N9N3AH8gPF4pxoEHkX2XpzdmBSKlgD4Sp1Iqqnebg U/JK2JK2SUZr2ZmCeSMmAmPCt5rT6B6hN8XQkhqPLG3vygqsoLbGngVV nBXFpziMi3VyQ48yvjnNTpzrkfNo/3vrRyrLpBw9I8ZtZNOrypwayBdu fgbfk7veeqk=
+rsasha1.example. 300 IN DNSKEY 257 3 5 AwEAAcWJul/er9Gsevi3PxbuJV2iGlbCC1WF1PZ9dluBKZFFCRbl45Mt D32nMBjpr0TkwVRVoTa2tNYdPIo/GrS6EZfUzM6coA3IEK68j0tgqz9b S8fJAaBYMTWlcvho/o9aEZjcnVW3c6IwjxAqUq+4wdokgjV64s+RBPZF 1zRbJz8ONINHmxvKHBzZzVa2Cq7FaHoQpF0NVrHhEuic8IXrW5F9Djah 0svAdethvpfpwVIsthfkv8/E4CfLDFymSe93g4mwMgcIBCZs1ikk1tbG 2oTrUjFui+iXJWIAoKZ8PqfBAWnxckTt1FJCg2cNrxtWAo1WncJdX3py hK7TjQ+DIKc=
+rsasha1.example. 300 IN RRSIG DNSKEY 5 2 300 20930723222131 20250705200724 55127 rsasha1.example. qrWtbMhGFKeRoXgphkmpTQJxI04Cl/hmtE81YuB9Em7F/cNAu7yFi0O4 ZDmm8qRyV4a7itK0Ce/WzFBrCp3CuyJ9MG3hyvJDtIoLTHtCL0QeMwDA j9V68ajgTBNYC1ZwhbDTiD53EJDjplU2U6lCB0zxzJkEE4wPdkotddjG Q6LOy0qSej4raIoOwptaTIkRXa0fAYXz696A2S8bDq74Z9Bw6qcYoj0X EwqFnngFS2Wf4scpeoplR/psRP6n345inw8duF+XieGdt8XSaBw3Qf/E h0eReXQcA/GFpRj4Rvevj+vN1LSBnuwZMd5aC3+xHYf99jAzPYdglScc Rv19qw==
+rsasha1.example. 300 IN RRSIG DNSKEY 5 2 300 20930723222131 20250705200724 56181 rsasha1.example. hvncQdiu+zpcYQRPG19nmbpPPCCGFAT5s4dITGslA5/V764XGvuowX24 CuZMMTefS1KkR79GzRYuTOw/T+vbinMZcU1KvSWaSNsKwYUIsP6cYZXG DX8ug0X+eijggV2bm+43yGjjNKe00e+Aoj8xHNDJhyy+qbKOHUp87Fbc mAKwpq35gEeuBt13PaJxkuQZVxAe88F9TXwhmaUOrlGrj+5XASJR6Cz0 DmlW4p26X//Uvs44bbyDN/hxF1rGOu/D470Q4Lkhsu9B3wtG3vPoNwSv BaMoFU717YJ3a2li7mean6IXIvyCmS1YQk+EvNfcpiW9yPWHjB/0kycH 37HSDw==
+; resign=20930723222131
+a.rsasha1.example. 300 IN A 10.0.0.1
+a.rsasha1.example. 300 IN RRSIG A 5 3 300 20930723222131 20250705200724 56181 rsasha1.example. V0TqYXv83i25Ir50MPgxnWrdhhE1nIMCpAca7e7FKUrLkGlsypFzbTX+ 5hBHaYENXYr+Risr7B4ZdV0LQk4aXfmKqvPLqU0nYfsh/g86bq9wklaU R3QywkOEJqOfirpTWz/wybAE1ELasFncx/VaPrYQ8Zqw6H/Vb1yVSJWs ZqnfDFbZ7mYfEF4wgfc4St3UzjpuoDwfAhbwWg91t85UbYs0SvgYpgbS QLNL+/ltG0hLKNsIzp/aYQQ3IOeeiofDCDOZSl9k3KAezJofJUy3YRBb YVpbe89h6Gb6m4/kO17rLrwQLg7I90ctPgdqQSCKk8x0WzK3N1gfhxxM fcFnsw==
+; resign=20930723222131
+a.rsasha1.example. 300 IN NSEC b.rsasha1.example. A RRSIG NSEC
+a.rsasha1.example. 300 IN RRSIG NSEC 5 3 300 20930723222131 20250705200724 56181 rsasha1.example. MxKko8nlw+QysAsrOjR7UtXgHsEsvsDMji/riMT0PbSEDMPJv22hQHbs hDhBD7xNygGZ6bSIX6gXd2uBVfUePzmXCk5tBraXywZ173SvFy/cMJu/ Q9FAFkPKvyEAhswiYUnrXWnujyNmDUK8JFrjI7TSLzQ6mXh4+PO+7b4E GpRCyhArL0Ov1iDipA1CpxCGfLJNaY+kvA+8VPcxob78Ly7cv81kwafY oV635DUp6D4tqSYgPMgwJyOuiek9D7bZJIHPiH/59jWZ0Ik9TNC4EVNF 1Fy4VjdMAFGnW9KIAUWMfSIxImzbh7V17H3H4C96LMNZIWJJG9zxOtMf r6fS2Q==
+; resign=20930723222131
+b.rsasha1.example. 300 IN A 10.0.0.2
+b.rsasha1.example. 300 IN RRSIG A 5 3 300 20930723222131 20250705200724 56181 rsasha1.example. dM6MhQGCqyBNdEbr0YMS/+sUjNDrdkkBcKhrtZ271WDx07838oY9XbpZ v+cKtLuhk69Gm0xErN32k+Qaa+LhqP1YPdqmnyAEycUJXUE7HsH6E9Fz 8AKp/BDQshb209++d3JQxlbch9sqodpIRkxYIkTVJfBt6vsAstYwZHCF I8+PbjTn2zNkBZz0rmj5+AxDDNfnRmcPOoXVJXKNkasQgagSWr1bieb8 15CMDnk/PJhFpHdJ5NiQck8Y9bUMaz8mPBJpFeJwwssY3jCe2qb96IaJ e+XLRpJntHpZvBy3DpO0jA2WHf9WkS1/4toVh4ePHc+FgJBEUXJyPqXc OzjGog==
+; resign=20930723222131
+b.rsasha1.example. 300 IN NSEC a.b.rsasha1.example. A RRSIG NSEC
+b.rsasha1.example. 300 IN RRSIG NSEC 5 3 300 20930723222131 20250705200724 56181 rsasha1.example. VV6Z1mhegfATU+mN9gEqrL9oJNpPeZY+Ld7p9kp4oBL+omWo5c/DQ1LR xFUUA6mp1fm81vQwxkxqSwfixABF40lX82ooKQZkgOMKEDvsfkZR4dE5 bN5Dp0JUQTH9fuEX4mo9jrto0gPVKuI0PihHzNfgo8aBFIiXZA86D3/w phVgC+x/o/kZ5Keau01kY8DRxK8Fb1dU3FMjJB8gQFpPwv2wde8yxYgn HUql7sSkmFpQO9heh9+lPqQTwThaiM+PnYY7D96O/28Y4FTfS3D/RCnS Xb4gGM//gkbTmXPlFsaYqYeBdFJbkh0cI4YZxk4ynVXsWL1D0Nb2FqqS XnjBAQ==
+; resign=20930723222131
+a.b.rsasha1.example. 300 IN A 10.0.0.1
+a.b.rsasha1.example. 300 IN RRSIG A 5 4 300 20930723222131 20250705200724 56181 rsasha1.example. Ctc9dyCVDi7ptbp/g2H5NmCmPSGhYTKcES2bCXz6xnByyISpjyrJjG9X 71RVB1ZfF9FIiaHu97K96zmYB0GsvhHiYx+WV0En3gYhzWEze3IoCrYf wxYkYwhYeaqRksl4utpDlzURUsxlqGbKw0XFT8vV8lm9nAg7E0hI10Bj VAVvc2Wuf3niV+GE0t2wXa17ccPeL78B7ab59extwCKG/gYLm8gJ547u 9kAdnw2Hi7FWBSXSoM02PESZLcN+GEWJ9Jc6O/m2aGSryer6W4UV8HLF TtN72HJvog1ky3RArlkUwvuwD2w8eiVHARN85t0hnykVT25K0q1dwIR+ d3B2Mw==
+; resign=20930723222131
+a.b.rsasha1.example. 300 IN NSEC d.rsasha1.example. A RRSIG NSEC
+a.b.rsasha1.example. 300 IN RRSIG NSEC 5 4 300 20930723222131 20250705200724 56181 rsasha1.example. U48IEvy4W8MhJaTxZvemh31MxAU6Xwn5K2MCJhu9MenDRWQqrmPSBKfo nIMSp+a1Wcjsu9UQgBDzoOTuNWKCSI5H2YwhGQsIpCYpIiK/j8X4DCqm cIS0ipTipTbLGPBHfgvwA1KFJhtMi0FOaqe9OXODZFJ3vCz5J/uvmG4H O8PADlUX1clFR4iipLhCa4bvfojUGMM401oDIIxaQLpsrbm1iOqjTvrm glnDQFvFvO3+3J4wLRuVDtV5Z21AhzLIgIXwhh1P4zI4B5aELHB8rrec W6CWkbb6WdZ/rHIiMspe03dby7aW5qbP5pwXwhiycqCqkIvlQAGaxphj 1Hcd3g==
+; resign=20930723222131
+d.rsasha1.example. 300 IN A 10.0.0.4
+d.rsasha1.example. 300 IN RRSIG A 5 3 300 20930723222131 20250705200724 56181 rsasha1.example. fMn2pTXdK3X+l5cwvP/Lk+luqWhC12mxkvK2GNScLGWG6xq9PZzzLUPU mAiEvzUnFPswZzKDgN99OORpPRJXNN7c0S3qqejBhEpz1kkDM1zTaFdY yGwzuNn9I5O6O+//adYkFZu/qCD90ggVA71KSUQVkHfdWt0WiqUdZExY sRbxDf36moVaJ+PtWnnvbXPcdlALouSv3msyf3FwIrfQcr9PpV9bE+rZ jKN+sab4n1/YkSBdFyTht2MSUzxKyfn+TgxCzBdGeSk00JNzyKBlDau8 ebmR7oYLQcAhj43v4u+wPbuilDw4tyhxcgrRMr5ZnjG7XzaivcoLpZMA umrQLw==
+; resign=20930723222131
+d.rsasha1.example. 300 IN NSEC ns3.rsasha1.example. A RRSIG NSEC
+d.rsasha1.example. 300 IN RRSIG NSEC 5 3 300 20930723222131 20250705200724 56181 rsasha1.example. G+FZFvRZm4GXf/zfkLH7gWKuTxIhZ3rO/iP9e4Xg2Dcz9Jt/yCIXVkr4 I7bbBOnE8NGS43E55NILYS3aA7llzJtutENqBw9TRW3EcqFlYsFUBUeK T/FCV3zEYlEPeiO82jK7l+1CpiVeVvbX3pLYDrME/lbYeu8KUYsj/fBa Iq5S8mnWD7ZzR7KiSBQU97bn0YAi9pyhA4t3YqrR1MClf3/lpzLq5Rv9 YSzW+7O/jpvCGUotr3bgOpZWtZ0v5QxKdf8Anx6KHgH9n6ZdbareopeO y8mKVk0FmtuYZefMm/0n8uU0aYrwf38bpLMQMcqrT9gVaAPullFC9D/R Z670cw==
+; resign=20930723222131
+ns3.rsasha1.example. 300 IN A 10.53.0.3
+ns3.rsasha1.example. 300 IN RRSIG A 5 3 300 20930723222131 20250705200724 56181 rsasha1.example. V/B0gi6v54YeufttfGwEVEy8+UivueXqqb2BOj+U4wMpFcunT71Y5Sqf iTs5uH42EkyKbBrz+wXyx4ar4VNSp0ONA3oPx0rZTFA6FV18L7BkYPtW Mh2Fs2qxc4XdGUgHqt4K3LT4ond7a2hek0aBA7EWc0hggs2YflE60766 zmjK/OWaUinG/bZqM1KaaMMlporXaGp9yDyvs6ikgI0YKaQd5GtOK5XC xEJPsIovvyvChXPP/OFPnqOjcXS7zZtxey4krqFUe3Ttbb7sQGrAqv2f 59cB7TO5O/uMZ+iy4Q4sih1FPuDYoBCVT/9LzyOp7glyHyvq4Emp9QkA zlYGKg==
+; resign=20930723222131
+ns3.rsasha1.example. 300 IN NSEC z.rsasha1.example. A RRSIG NSEC
+ns3.rsasha1.example. 300 IN RRSIG NSEC 5 3 300 20930723222131 20250705200724 56181 rsasha1.example. NpqZAR5fkDzDzqBYzeKD+FbAtMWHj0rcKsJloAsO4bNqAH5575v07oAz CtqIU8QD55zSya6glTWXOImUtPZia7KQAq84k85UmEnI7idDezpO5g5a gwDb8p6/L8a5YFL0i7QmjVjxGxWha7E2dDma3fDIICaF/sMqixE6Qi06 NBXvVwbPYsI27tXEDugigEEoO6mmwUxih8O0ifOjy9rVh8zA7UTT0NtI ZavRYz5grUZ6Otrqf6q1d27PaGxRvBjltmXBZTSmQvHVexkjPlrLcIIN LygvWnYIZfY8csF+5gOlYN6jR6eTnMgjy0Xf4kitUjXAI4apeBe1/nRO P3HlQw==
+; resign=20930723222131
+z.rsasha1.example. 300 IN A 10.0.0.26
+z.rsasha1.example. 300 IN RRSIG A 5 3 300 20930723222131 20250705200724 56181 rsasha1.example. K8Cz5MTHdD6loMbfXOSCuwTwsuwGUmqmI7BlKhRULTk5RZRDrXPfiBQa Hr2umtzrnclgm+LSpuFrRPoQOWaJ1cAXzpM8bF+WvL8UKasIxBD5rxzW en/QvmfpgQQH/LwUW+MnsIMuDxs8P5GQ4267crMPfZ7kwaA69FIz/TCJ B0mt5bw/6I7MABqxD3YfZ69uxh04WtjhHFGTBV9CUhsvB1IXgSU7udKg 2+ZTJJqRf4+6hy3ztJFy28HRcBHPkdcJ1AR++pPb8PTFTIUdBqzZQ8h7 kFYQP6jOP34rw8HuvNB6El5scCr7emhMt0yuEdA4+hbQc8UUU7qo1z4C l/gj+A==
+; resign=20930723222131
+z.rsasha1.example. 300 IN NSEC rsasha1.example. A RRSIG NSEC
+z.rsasha1.example. 300 IN RRSIG NSEC 5 3 300 20930723222131 20250705200724 56181 rsasha1.example. eJ35f6tSE8yUMR+z+vnJwdg8eAS/VM2e0oVaGLD5JBwboocJW45IaRv0 DIbq62NBt+BHSv2LZlKXaZwA+rNGmcDXqhlscTMYoqIu2AItNBRJaQwj 3aF3AySSOADG1obymVM+HLVO12kifQTJBSPHUcpuvtBtnz1o4POaBFAa icCJf33cNirEDIYWGTmc2MejhrvfU/uuy3YIHUFYkAiX6WISva9pmNiJ pPq+5zRUZpsFISHc0W6coUuwgyQlVLmziTVesfgxSER0rp0BJ/B7M14+ xvWPSoHHhSU0fR8DkzUWJA6hbEpgB7sLNDL4NPnaUDiZGdTXCGzXbnum Ttcm8Q==
+; resign=20930723222131
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2009102722 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2009102722 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2009102722 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2009102722 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
insecure NS ns2.insecure
ns2.insecure A 10.53.0.2
-nosoa NS ns.nosoa
-ns.nosoa A 10.53.0.6
+nosoa NS ns6.nosoa
+ns6.nosoa A 10.53.0.6
normalthenrrsig A 10.0.0.28
rrsigonly A 10.0.0.29
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
-
-private NS ns.private
-ns.private A 10.53.0.2
-
-insecure NS ns.insecure
-ns.insecure A 10.53.0.2
-
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
-
-private NS ns.private
-ns.private A 10.53.0.2
-
-insecure NS ns.insecure
-ns.insecure A 10.53.0.2
-
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2012042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
-@ NS ns
-ns A 10.53.0.3
zone=rsasha1-1024.example
k1=$("$KEYGEN" -a rsasha1 -b 1024 $zone)
k2=$("$KEYGEN" -a rsasha1 -b 1024 -f KSK $zone)
-cat $zone.db.in $k1.key $k2.key >$zone.tmp
-# use maximum expirey period (-e 2^31-1-3600)
+cat template.db.in $k1.key $k2.key >$zone.tmp
+# use maximum expiry period (-e 2^31-1-3600)
# use output format full for easy extraction of KSK (-O full)
"$SIGNER" -e +2147480047 -o $zone -f $zone.db -O full $zone.tmp
rm -f $k1.key $k1.private $k2.key $k2.private $zone.tmp
zone=rsasha1.example
k1=$("$KEYGEN" -a rsasha1 $zone)
k2=$("$KEYGEN" -a rsasha1 -f KSK $zone)
-cat $zone.db.in $k1.key $k2.key >$zone.tmp
-# use maximum expirey period (-e 2^31-1-3600)
+cat template.db.in $k1.key $k2.key >$zone.tmp
+# use maximum expiry period (-e 2^31-1-3600)
# use output format full for easy extraction of KSK (-O full)
-"$SIGNER" +2147480047 -o $zone -f $zone.db -O full $zone.tmp
+"$SIGNER" -e +2147480047 -o $zone -f $zone.db -O full $zone.tmp
rm -f $k1.key $k1.private $k2.key $k2.private $zone.tmp
echo_i "ns3/sign.sh: example zones"
+# first set up some insecure zones:
+cp template.db.in insecure.example.db
+cp template.db.in insecure.below-cname.example.db
+cp template.db.in insecure.nsec3.example.db
+cp template.db.in insecure.optout.example.db
+cp extrakey.example.db.in extrakey.example.db
+
+# now the signed zones:
zone=secure.example.
infile=secure.example.db.in
zonefile=secure.example.db
mv "$zonefile".tmp "$zonefile".signed
zone=bogus.example.
-infile=bogus.example.db.in
+infile=template.db.in
zonefile=bogus.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
"$SIGNER" -z -o "$zone" "$zonefile" >/dev/null
zone=dynamic.example.
-infile=dynamic.example.db.in
+infile=template.db.in
zonefile=dynamic.example.db
keyname1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
"$SIGNER" -o "$zone" "$zonefile" >/dev/null
zone=keyless.example.
-infile=generic.example.db.in
+infile=template.db.in
zonefile=keyless.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# NSEC3/NSEC test zone
#
zone=secure.nsec3.example.
-infile=secure.nsec3.example.db.in
+infile=template.db.in
zonefile=secure.nsec3.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# NSEC3/NSEC3 test zone
#
zone=nsec3.nsec3.example.
-infile=nsec3.nsec3.example.db.in
+infile=template.db.in
zonefile=nsec3.nsec3.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# OPTOUT/NSEC3 test zone
#
zone=optout.nsec3.example.
-infile=optout.nsec3.example.db.in
+infile=template.db.in
zonefile=optout.nsec3.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# OPTOUT/NSEC test zone
#
zone=secure.optout.example.
-infile=secure.optout.example.db.in
+infile=template.db.in
zonefile=secure.optout.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# OPTOUT/NSEC3 test zone
#
zone=nsec3.optout.example.
-infile=nsec3.optout.example.db.in
+infile=template.db.in
zonefile=nsec3.optout.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# OPTOUT/OPTOUT test zone
#
zone=optout.optout.example.
-infile=optout.optout.example.db.in
+infile=template.db.in
zonefile=optout.optout.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# A nsec3 zone (non-optout) with unknown nsec3 hash algorithm (-U).
#
zone=nsec3-unknown.example.
-infile=nsec3-unknown.example.db.in
+infile=template.db.in
zonefile=nsec3-unknown.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# A optout nsec3 zone with a unknown nsec3 hash algorithm (-U).
#
zone=optout-unknown.example.
-infile=optout-unknown.example.db.in
+infile=template.db.in
zonefile=optout-unknown.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# Algorithm 7 is replaced by 100 in the zone and dsset.
#
zone=dnskey-unknown.example
-infile=dnskey-unknown.example.db.in
+infile=template.db.in
zonefile=dnskey-unknown.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# Algorithm 7 is replaced by 255 in the zone and dsset.
#
zone=dnskey-unsupported.example
-infile=dnskey-unsupported.example.db.in
+infile=template.db.in
zonefile=dnskey-unsupported.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# digest for another DNSKEY
#
zone=digest-alg-unsupported.example.
-infile=digest-alg-unsupported.example.db.in
+infile=template.db.in
zonefile=digest-alg-unsupported.example.db
cnameandkey=$("$KEYGEN" -T KEY -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "cnameandkey.$zone")
# to mimic unsupported DS digest (see ns5/many_anchors).
#
zone=ds-unsupported.example.
-infile=ds-unsupported.example.db.in
+infile=template.db.in
zonefile=ds-unsupported.example.db
cnameandkey=$("$KEYGEN" -T KEY -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "cnameandkey.$zone")
# Different from above because this key is not intended for signing.
#
zone=dnskey-unsupported-2.example
-infile=dnskey-unsupported-2.example.db.in
+infile=template.db.in
zonefile=dnskey-unsupported-2.example.db
ksk=$("$KEYGEN" -f KSK -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
zsk=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
-cat "$infile" "$ksk.key" "$zsk.key" unsupported-algorithm.key >"$zonefile"
+cat "$infile" "$ksk.key" "$zsk.key" unsupported-algorithm.key.in >"$zonefile"
"$SIGNER" -3 - -o "$zone" -f ${zonefile}.signed "$zonefile" >/dev/null
# Algorithm 7 is replaced by 100 in the zone and dsset.
#
zone=dnskey-nsec3-unknown.example
-infile=dnskey-nsec3-unknown.example.db.in
+infile=template.db.in
zonefile=dnskey-nsec3-unknown.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# A multiple parameter nsec3 zone.
#
zone=multiple.example.
-infile=multiple.example.db.in
+infile=template.db.in
zonefile=multiple.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
cat "$infile" "$keyname.key" >"$zonefile"
"$SIGNER" -z -O full -o "$zone" "$zonefile" >/dev/null
-awk '$4 == "NSEC" || ( $4 == "RRSIG" && $5 == "NSEC" ) { print }' "$zonefile".signed >NSEC
+awk '$4 == "NSEC" || ( $4 == "RRSIG" && $5 == "NSEC" ) { print }' "$zonefile".signed >NSEC.db
"$SIGNER" -z -O full -u3 - -o "$zone" "$zonefile" >/dev/null
-awk '$4 == "NSEC3" || ( $4 == "RRSIG" && $5 == "NSEC3" ) { print }' "$zonefile".signed >NSEC3
+awk '$4 == "NSEC3" || ( $4 == "RRSIG" && $5 == "NSEC3" ) { print }' "$zonefile".signed >NSEC3.db
"$SIGNER" -z -O full -u3 AAAA -o "$zone" "$zonefile" >/dev/null
-awk '$4 == "NSEC3" || ( $4 == "RRSIG" && $5 == "NSEC3" ) { print }' "$zonefile".signed >>NSEC3
+awk '$4 == "NSEC3" || ( $4 == "RRSIG" && $5 == "NSEC3" ) { print }' "$zonefile".signed >>NSEC3.db
"$SIGNER" -z -O full -u3 BBBB -o "$zone" "$zonefile" >/dev/null
-awk '$4 == "NSEC3" || ( $4 == "RRSIG" && $5 == "NSEC3" ) { print }' "$zonefile".signed >>NSEC3
+awk '$4 == "NSEC3" || ( $4 == "RRSIG" && $5 == "NSEC3" ) { print }' "$zonefile".signed >>NSEC3.db
"$SIGNER" -z -O full -u3 CCCC -o "$zone" "$zonefile" >/dev/null
-awk '$4 == "NSEC3" || ( $4 == "RRSIG" && $5 == "NSEC3" ) { print }' "$zonefile".signed >>NSEC3
+awk '$4 == "NSEC3" || ( $4 == "RRSIG" && $5 == "NSEC3" ) { print }' "$zonefile".signed >>NSEC3.db
"$SIGNER" -z -O full -u3 DDDD -o "$zone" "$zonefile" >/dev/null
-cat NSEC NSEC3 >>"$zonefile".signed
+cat NSEC.db NSEC3.db >>"$zonefile".signed
#
# A RSASHA256 zone.
#
zone=rsasha256.example.
-infile=rsasha256.example.db.in
+infile=template.db.in
zonefile=rsasha256.example.db
keyname=$("$KEYGEN" -q -a RSASHA256 "$zone")
# A RSASHA512 zone.
#
zone=rsasha512.example.
-infile=rsasha512.example.db.in
+infile=template.db.in
zonefile=rsasha512.example.db
keyname=$("$KEYGEN" -q -a RSASHA512 "$zone")
# A RSASHA256OID zone.
#
zone=rsasha256oid.example.
-infile=rsasha256oid.example.db.in
+infile=template.db.in
zonefile=rsasha256oid.example.db
keyname=$("$KEYGEN" -q -a RSASHA256OID "$zone")
# A RSASHA512OID zone.
#
zone=rsasha512oid.example.
-infile=rsasha512oid.example.db.in
+infile=template.db.in
zonefile=rsasha512oid.example.db
keyname=$("$KEYGEN" -q -a RSASHA512OID "$zone")
# 1.2.840.113549.1.1.14
#
zone=unknownoid.example
-infile=unknownoid.example.db.in
+infile=template.db.in
zonefile=unknownoid.example.db
keyname=$("$KEYGEN" -q -a RSASHA512OID "$zone")
# A PRIVATEOID zone with a extra DS record for a non-existent DNSKEY.
#
zone=extradsoid.example.
-infile=extradsoid.example.db.in
+infile=template.db.in
zonefile=extradsoid.example.db
keyname=$("$KEYGEN" -q -a RSASHA512OID "$zone")
# the DNSKEY RRset with using this unknown OID.
#
zone=extradsunknownoid.example
-infile=extradsunknownoid.example.db.in
+infile=template.db.in
zonefile=extradsunknownoid.example.db
keyname=$("$KEYGEN" -q -a RSASHA512OID "$zone")
# match the DNSKEY RRset with using this unknown OID.
#
zone=extended-ds-unknown-oid.example
-infile=extended-ds-unknown-oid.example.db.in
+infile=template.db.in
zonefile=extended-ds-unknown-oid.example.db
keyname=$("$KEYGEN" -q -a RSASHA512OID "$zone")
# A zone with the DNSKEY set only signed by the KSK
#
zone=kskonly.example.
-infile=kskonly.example.db.in
+infile=template.db.in
zonefile=kskonly.example.db
kskname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
# A zone with the expired signatures
#
zone=expired.example.
-infile=expired.example.db.in
+infile=template.db.in
zonefile=expired.example.db
kskname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -fk "$zone")
# A NSEC3 signed zone that will have a DNSKEY added to it via UPDATE.
#
zone=update-nsec3.example.
-infile=update-nsec3.example.db.in
+infile=template.db.in
zonefile=update-nsec3.example.db
kskname=$("$KEYGEN" -q -3 -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -fk "$zone")
# extra keys not in the initial signed zone.
#
zone=auto-nsec.example.
-infile=auto-nsec.example.db.in
+infile=template.db.in
zonefile=auto-nsec.example.db
kskname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -fk "$zone")
# extra keys not in the initial signed zone.
#
zone=auto-nsec3.example.
-infile=auto-nsec3.example.db.in
+infile=template.db.in
zonefile=auto-nsec3.example.db
kskname=$("$KEYGEN" -q -3 -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -fk "$zone")
# Secure below cname test zone.
#
zone=secure.below-cname.example.
-infile=secure.below-cname.example.db.in
+infile=template.db.in
zonefile=secure.below-cname.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
cat "$infile" "$keyname.key" >"$zonefile"
# Patched TTL test zone.
#
zone=ttlpatch.example.
-infile=ttlpatch.example.db.in
+infile=template.db.in
zonefile=ttlpatch.example.db
signedfile=ttlpatch.example.db.signed
patchedfile=ttlpatch.example.db.patched
# Separate DNSSEC records.
#
zone=split-dnssec.example.
-infile=split-dnssec.example.db.in
+infile=template.db.in
zonefile=split-dnssec.example.db
signedfile=split-dnssec.example.db.signed
# Separate DNSSEC records smart signing.
#
zone=split-smart.example.
-infile=split-smart.example.db.in
+infile=template.db.in
zonefile=split-smart.example.db
signedfile=split-smart.example.db.signed
# Zone with signatures about to expire, but no private key to replace them
#
zone="expiring.example."
-infile="expiring.example.db.in"
+infile="template.db.in"
zonefile="expiring.example.db"
signedfile="expiring.example.db.signed"
kskname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# A zone where the signer's name has been forced to uppercase.
#
zone="upper.example."
-infile="upper.example.db.in"
+infile="template.db.in"
zonefile="upper.example.db"
lower="upper.example.db.lower"
signedfile="upper.example.db.signed"
kskname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
zskname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
cp "$infile" "$zonefile"
-"$SIGNER" -P -S -o "$zone" -f $lower "$zonefile" >/dev/null
-$CHECKZONE -D upper.example $lower 2>/dev/null \
+"$SIGNER" -P -S -o "$zone" -f "$lower" "$zonefile" >/dev/null
+$CHECKZONE -D upper.example "$lower" 2>/dev/null \
| sed '/RRSIG/s/ upper.example. / UPPER.EXAMPLE. /' >$signedfile
#
# upper case.
#
zone="LOWER.EXAMPLE."
-infile="lower.example.db.in"
+infile="template.db.in"
zonefile="lower.example.db"
signedfile="lower.example.db.signed"
+sed -e 's/ns3/NS3/' -e 's/mname1/MNAME1/' "$infile" >"$zonefile"
kskname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
zskname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
-cp "$infile" "$zonefile"
"$SIGNER" -P -S -o "$zone" "$zonefile" >/dev/null
#
# An inline signing zone
#
zone=inline.example.
+cp template.db.in inline.example.db
kskname=$("$KEYGEN" -q -3 -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -fk "$zone")
zskname=$("$KEYGEN" -q -3 -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# A zone which will change its signatures-validity
#
zone=siginterval.example
-infile=siginterval.example.db.in
+infile=template.db.in
zonefile=siginterval.example.db
kskname=$("$KEYGEN" -q -3 -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -fk "$zone")
zskname=$("$KEYGEN" -q -3 -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
#
# A zone with a bad DS in the parent
-# (sourced from bogus.example.db.in)
#
zone=badds.example.
-infile=bogus.example.db.in
+infile=template.db.in
zonefile=badds.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# Same as badds, but locally trusted by the forwarder
#
zone=localkey.example.
-infile=bogus.example.db.in
+infile=template.db.in
zonefile=localkey.example.db
keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# A zone with future signatures.
#
zone=future.example
-infile=future.example.db.in
+infile=template.db.in
zonefile=future.example.db
kskname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
zskname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# A zone with future signatures.
#
zone=managed-future.example
-infile=managed-future.example.db.in
+infile=template.db.in
zonefile=managed-future.example.db
kskname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone")
zskname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" "$zone")
# A zone with a revoked key
#
zone=revkey.example.
-infile=generic.example.db.in
+infile=template.db.in
zonefile=revkey.example.db
ksk1=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -3fk "$zone")
# We only need to generate the dsset.
#
zone=rsasha1.example
+infile=rsasha1.example.db.in
zonefile=rsasha1.example.db
+cp $infile $zonefile
awk '$4 == "DNSKEY" && $5 == 257 { print }' "$zonefile" \
| $DSFROMKEY -f - "$zone" >"dsset-${zone}."
zone=rsasha1-1024.example
+infile=rsasha1-1024.example.db.in
zonefile=rsasha1-1024.example.db
+cp $infile $zonefile
awk '$4 == "DNSKEY" && $5 == 257 { print }' "$zonefile" \
| $DSFROMKEY -f - "$zone" >"dsset-${zone}."
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a A 10.0.0.3
-*.wild A 10.0.0.6
-child NS ns2.example.
-insecure NS ns.insecure
-ns.insecure A 10.53.0.3
-secure NS ns.secure
-ns.secure A 10.53.0.3
-nsec3 NS ns.nsec3
-ns.nsec3 A 10.53.0.3
-optout NS ns.optout
-ns.optout A 10.53.0.3
-02HC3EM7BDD011A0GMS3HKKJT2IF5VP8 A 10.0.0.17
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a A 10.0.0.3
-*.wild A 10.0.0.6
-child NS ns2.example.
-insecure NS ns.insecure
-ns.insecure A 10.53.0.3
-secure NS ns.secure
-ns.secure A 10.53.0.3
-nsec3 NS ns.nsec3
-ns.nsec3 A 10.53.0.3
-optout NS ns.optout
-ns.optout A 10.53.0.3
-02HC3EM7BDD011A0GMS3HKKJT2IF5VP8 A 10.0.0.17
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
- NS ns2
-ns2 A 10.53.0.2
+ NS ns3
+ns3 A 10.53.0.3
a A 10.0.0.1
+a.b A 10.0.0.1
b A 10.0.0.2
d A 10.0.0.4
z A 10.0.0.26
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2009102722 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2000042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
- NS ns
-ns A 10.53.0.3
-
-a A 10.0.0.1
-b A 10.0.0.2
-d A 10.0.0.4
-z A 10.0.0.26
-a.a.a.a.a.a.a.a.a.a.e A 10.0.0.27
-x CNAME a
-
-private NS ns.private
-ns.private A 10.53.0.2
-
-insecure NS ns.insecure
-ns.insecure A 10.53.0.2
-
-nosoa NS ns.nosoa
-ns.nosoa A 10.53.0.6
-
-normalthenrrsig A 10.0.0.28
-rrsigonly A 10.0.0.29
+++ /dev/null
-; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
-;
-; SPDX-License-Identifier: MPL-2.0
-;
-; This Source Code Form is subject to the terms of the Mozilla Public
-; License, v. 2.0. If a copy of the MPL was not distributed with this
-; file, you can obtain one at https://mozilla.org/MPL/2.0/.
-;
-; See the COPYRIGHT file distributed with this work for additional
-; information regarding copyright ownership.
-
-$TTL 300 ; 5 minutes
-@ IN SOA mname1. . (
- 2012042407 ; serial
- 20 ; refresh (20 seconds)
- 20 ; retry (20 seconds)
- 1814400 ; expire (3 weeks)
- 3600 ; minimum (1 hour)
- )
-@ NS ns
-ns A 10.53.0.3
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
-@ IN NS ns
-ns IN A 10.53.0.6
+@ IN NS ns6
+ns6 IN A 10.53.0.6
a IN A 1.2.3.4
echo_i "ns6/sign.sh"
+# set up unsigned zone first
+zone=nosoa.secure.example.
+infile=nosoa.secure.example.db.in
+zonefile=nosoa.secure.example.db
+cp "$infile" "$zonefile"
+
+# now sign the others
zone=optout-tld
infile=optout-tld.db.in
zonefile=optout-tld.db
from dns import flags
+import pytest
+
import isctest
+pytestmark = pytest.mark.extra_artifacts(
+ [
+ "*/K*",
+ "*/dsset-*",
+ "*/*.bk",
+ "*/*.conf",
+ "*/*.db",
+ "*/*.id",
+ "*/*.jnl",
+ "*/*.jbk",
+ "*/*.key",
+ "*/*.signed",
+ "*/settime.out.*",
+ "ans*/ans.run",
+ "*/trusted.keys",
+ "*/*.bad",
+ "*/*.next",
+ "*/*.stripped",
+ "*/*.tmp",
+ "*/*.stage?",
+ "*/*.patched",
+ "*/*.lower",
+ "*/*.upper",
+ "*/*.unsplit",
+ ]
+)
+
+
def test_misconfigured_validation():
# check that validation fails with a misconfigured trust anchor
msg = isctest.query.create("example.", "SOA")
import isctest
-pytestmark = pytest.mark.skipif(bool(os.getenv("TSAN_OPTIONS", "")), reason="TSAN")
+pytestmark = [
+ pytest.mark.skipif(bool(os.getenv("TSAN_OPTIONS", "")), reason="TSAN"),
+ pytest.mark.extra_artifacts(
+ [
+ "*/K*",
+ "*/dsset-*",
+ "*/*.bk",
+ "*/*.conf",
+ "*/*.db",
+ "*/*.id",
+ "*/*.jnl",
+ "*/*.jbk",
+ "*/*.key",
+ "*/*.signed",
+ "*/settime.out.*",
+ "ans*/ans.run",
+ "*/trusted.keys",
+ "*/*.bad",
+ "*/*.next",
+ "*/*.stripped",
+ "*/*.tmp",
+ "*/*.stage?",
+ "*/*.patched",
+ "*/*.lower",
+ "*/*.upper",
+ "*/*.unsplit",
+ ]
+ ),
+]
# helper functions
from dns import rdatatype
+import pytest
+
import isctest
+pytestmark = pytest.mark.extra_artifacts(
+ [
+ "*/K*",
+ "*/dsset-*",
+ "*/*.bk",
+ "*/*.conf",
+ "*/*.db",
+ "*/*.id",
+ "*/*.jnl",
+ "*/*.jbk",
+ "*/*.key",
+ "*/*.signed",
+ "*/settime.out.*",
+ "ans*/ans.run",
+ "*/trusted.keys",
+ "*/*.bad",
+ "*/*.next",
+ "*/*.stripped",
+ "*/*.tmp",
+ "*/*.stage?",
+ "*/*.patched",
+ "*/*.lower",
+ "*/*.upper",
+ "*/*.unsplit",
+ ]
+)
+
+
def is_rrsig_soa(rrset):
return rrset.rdtype == rdatatype.RRSIG and rrset.covers == rdatatype.SOA
import isctest
+pytestmark = pytest.mark.extra_artifacts(
+ [
+ "*/K*",
+ "*/dsset-*",
+ "*/*.bk",
+ "*/*.conf",
+ "*/*.db",
+ "*/*.id",
+ "*/*.jnl",
+ "*/*.jbk",
+ "*/*.key",
+ "*/*.signed",
+ "*/settime.out.*",
+ "ans*/ans.run",
+ "*/trusted.keys",
+ "*/*.bad",
+ "*/*.next",
+ "*/*.stripped",
+ "*/*.tmp",
+ "*/*.stage?",
+ "*/*.patched",
+ "*/*.lower",
+ "*/*.upper",
+ "*/*.unsplit",
+ ]
+)
+
+
# helper functions
def grep_c(regex, filename):
with open(filename, "r", encoding="utf-8") as f:
# check that the NSEC3 record for the apex is properly signed
# when a DNSKEY is added via UPDATE
key = keygen(
- "-q3fk", "-a", os.environ["DEFAULT_ALGORITHM"], "update-nsec3.example."
+ "-Kns3", "-q3fk", "-a", os.environ["DEFAULT_ALGORITHM"], "update-nsec3.example."
)
- with open(f"{key}.key", "r", encoding="utf-8") as f:
+ with open(f"ns3/{key}.key", "r", encoding="utf-8") as f:
dnskey = f.read().splitlines()[-1]
dnskey = " ".join(dnskey.split()[3:])
from dns import edns
+import pytest
+
import isctest
+pytestmark = pytest.mark.extra_artifacts(
+ [
+ "*/K*",
+ "*/dsset-*",
+ "*/*.bk",
+ "*/*.conf",
+ "*/*.db",
+ "*/*.id",
+ "*/*.jnl",
+ "*/*.jbk",
+ "*/*.key",
+ "*/*.signed",
+ "*/settime.out.*",
+ "ans*/ans.run",
+ "*/trusted.keys",
+ "*/*.bad",
+ "*/*.next",
+ "*/*.stripped",
+ "*/*.tmp",
+ "*/*.stage?",
+ "*/*.patched",
+ "*/*.lower",
+ "*/*.upper",
+ "*/*.unsplit",
+ ]
+)
+
+
def test_tat_queries(servers):
ns1 = servers["ns1"]
ns6 = servers["ns6"]
import pytest
-pytest.importorskip("dns", minversion="2.0.0")
import isctest
import isctest.mark
from isctest.util import param
+pytest.importorskip("dns", minversion="2.0.0")
+pytestmark = pytest.mark.extra_artifacts(
+ [
+ "*/K*",
+ "*/dsset-*",
+ "*/*.bk",
+ "*/*.conf",
+ "*/*.db",
+ "*/*.id",
+ "*/*.jnl",
+ "*/*.jbk",
+ "*/*.key",
+ "*/*.signed",
+ "*/settime.out.*",
+ "ans*/ans.run",
+ "*/trusted.keys",
+ "*/*.bad",
+ "*/*.next",
+ "*/*.stripped",
+ "*/*.tmp",
+ "*/*.stage?",
+ "*/*.patched",
+ "*/*.lower",
+ "*/*.upper",
+ "*/*.unsplit",
+ ]
+)
+
+
# helper functions
def grep_q(regex, filename):
with open(filename, "r", encoding="utf-8") as f:
isctest.check.rr_count_eq(res.answer, 1)
isctest.check.rr_count_eq(res.authority, 1)
isctest.check.rr_count_eq(res.additional, 1)
- assert str(res.additional[0].name) == "ns.insecure.example."
+ assert str(res.additional[0].name) == "ns3.insecure.example."
addrs = [str(a) for a in res.additional[0]]
assert "10.53.0.3" in addrs
isctest.check.noadflag(res)
-def test_pending_ds():
+def test_pending_ds(servers):
# check that a query against a validating resolver succeeds when there is
# a negative cache entry with trust level "pending" for the DS. prime
# with a +cd DS query to produce the negative cache entry, then send a
# query that uses that entry as part of the validation process.
+ ns4 = servers["ns4"]
ns4.rndc("flush", log=False)
msg = isctest.query.create("insecure.example", "DS", cd=True)
res = isctest.query.tcp(msg, "10.53.0.4")
projects / thirdparty / bind9.git / commitdiff
