From 70fbbedc247ea94d55c5b73e1fd2b2a907624a28 Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Thu, 4 Feb 2021 15:07:40 +0100 Subject: [PATCH] Adjust serve-stale test The number of queries to use in the burst can be reduced, as we have a very low fetch limit of 1. The dig command in 'wait_for_fetchlimits()' should time out sooner as we expect a SERVFAIL to be returned promptly. Enabling serve-stale can be done before hitting fetch-limits. This reduces the chance that the resolver queries time out and fetch count is reset. The chance of that happening is already slim because 'resolver-query-timeout' is 10 seconds, but better to first let the data become stale rather than doing that while attempting to resolve. (cherry picked from commit 00f575e7ef8c94f5894fe8b669ef3817af8a105f) --- bin/tests/system/serve-stale/tests.sh | 60 ++++++++++++++++----------- 1 file changed, 35 insertions(+), 25 deletions(-) diff --git a/bin/tests/system/serve-stale/tests.sh b/bin/tests/system/serve-stale/tests.sh index 72af34037c5..532473544bd 100755 --- a/bin/tests/system/serve-stale/tests.sh +++ b/bin/tests/system/serve-stale/tests.sh @@ -2016,6 +2016,9 @@ status=$((status+ret)) #################################################################### echo_i "test stale data with fetch-limits" +# We update the named configuration to enable fetch-limits. The fetch-limits +# are set to 1, which is ridiciously low, but that is because for this test we +# want to reach the fetch-limits. n=$((n+1)) echo_i "updating ns3/named.conf ($n)" ret=0 @@ -2030,7 +2033,8 @@ rndc_reload ns3 10.53.0.3 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) -# Disable responses from authoritative server. +# Disable responses from authoritative server. If we can't resolve the example +# zone, fetch limits will be reached. n=$((n+1)) echo_i "disable responses from authoritative server ($n)" ret=0 @@ -2040,21 +2044,44 @@ grep "TXT.\"0\"" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) -# Hit the fetch-limits. +# Allow RRset to become stale. +sleep 2 + +# Turn on serve-stale. +n=$((n+1)) +echo_i "running 'rndc serve-stale on' ($n)" +ret=0 +$RNDCCMD 10.53.0.3 serve-stale on || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status+ret)) + +n=$((n+1)) +echo_i "check 'rndc serve-stale status' ($n)" +ret=0 +$RNDCCMD 10.53.0.3 serve-stale status > rndc.out.test$n 2>&1 || ret=1 +grep '_default: on (rndc) (stale-answer-ttl=3 max-stale-ttl=3600 stale-refresh-time=4)' rndc.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=$((status+ret)) + +# Hit the fetch-limits. We burst the name server with a small batch of queries. +# Only 2 queries are required to hit the fetch-limits. The first query will +# start to resolve, the second one hit the fetch-limits. burst() { num=${1} rm -f burst.input.$$ while [ $num -gt 0 ]; do num=`expr $num - 1` - echo "${num}.data.example A" >> burst.input.$$ + echo "fetch${num}.example A" >> burst.input.$$ done $PERL ../ditch.pl -p ${PORT} -s 10.53.0.3 burst.input.$$ rm -f burst.input.$$ } wait_for_fetchlimits() { - burst 20 - $DIG -p ${PORT} @10.53.0.3 data.example A > dig.out.test$n + burst 2 + # We expect a query for nx.example to fail because fetch-limits for + # the domain 'example.' (and everything below) has been reached. + $DIG -p ${PORT} +tries=1 +timeout=1 @10.53.0.3 nx.example > dig.out.test$n grep "status: SERVFAIL" dig.out.test$n > /dev/null || return 1 } @@ -2065,26 +2092,9 @@ retry_quiet 10 wait_for_fetchlimits || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=$((status+ret)) -# Allow RRset to become stale. -sleep 2 - -# Turn on serve-stale. -n=$((n+1)) -echo_i "running 'rndc serve-stale on' ($n)" -ret=0 -$RNDCCMD 10.53.0.3 serve-stale on || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi -status=$((status+ret)) - -n=$((n+1)) -echo_i "check 'rndc serve-stale status' ($n)" -ret=0 -$RNDCCMD 10.53.0.3 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: on (rndc) (stale-answer-ttl=3 max-stale-ttl=3600 stale-refresh-time=4)' rndc.out.test$n > /dev/null || ret=1 -if [ $ret != 0 ]; then echo_i "failed"; fi -status=$((status+ret)) - -# Expect stale data now. +# Expect stale data now (because fetch-limits for the domain 'example.' (and +# everything below) has been reached. But we have a stale RRset for +# 'data.example/TXT' that can be used. n=$((n+1)) ret=0 echo_i "check stale data.example comes from cache (fetch-limits) ($n)" -- 2.47.3