git.ipfire.org Git - thirdparty/bind9.git/commit

author	Michał Kępień <michal@isc.org>
	Mon, 29 Jul 2019 19:44:31 +0000 (21:44 +0200)
committer	Michał Kępień <michal@isc.org>
	Mon, 29 Jul 2019 19:45:06 +0000 (21:45 +0200)
commit	6563ee9c7d23ea19489f4af53d8e77afde546918
tree	85186a0901b4a91f0b9020d3fde64294c3ed262a	tree \| snapshot
parent	b96796bbf1bb5b9c94eda92206fcb0702bcfd5f7	commit \| diff

Make root hints consistent with authoritative data

Resolvers in the "filter-aaaa" system test are configured with a single
root hint: "ns.rootservers.net", pointing to 10.53.0.1. However,
querying ns1 for "ns.rootservers.net" results in NXDOMAIN answers.
Since the TTL for the root hint is set to 0, it may happen that a
resolver's ADB will be asked to return any known addresses for
"ns.rootservers.net", but it will only have access to a cached NXDOMAIN
answer for that name and an expired root hint, which will result in a
resolution failure, triggering a false positive for the "filter-aaaa"
system test. Prevent this from happening by making all the root hints
consistent with authoritative data served by ns1.

(cherry picked from commit c19ebde14bb64739d01670170f76d2cc3d2e2a29)

bin/tests/system/filter-aaaa/ns2/hints		diff \| blob \| blame \| history
bin/tests/system/filter-aaaa/ns3/hints		diff \| blob \| blame \| history
bin/tests/system/filter-aaaa/ns5/hints		diff \| blob \| blame \| history