[dns-operations] [DNSOP] DNS test protocol

Patrik Wallstrom pawal at blipp.com
Tue Nov 13 10:52:14 UTC 2007 

Sorry, the attachment was missing.

-- 
Patrik Wallström
Project Manager, R&D
.SE (Stiftelsen för Internetinfrastruktur)
E-mail: patrik.wallstrom at iis.se
Web: http://www.iis.se/
-------------- next part --------------
DNS test protocol for SOHO-routers

************************************************************
*** Is the router EDNS0 capable
************************************************************

*** Does the router give the client ENDS0 traffic

A.1.1: dig +retry=0 +bufsize=512 +qr small.nxdomain.se TXT
A.1.2: dig +retry=0 +bufsize=512 +qr medium.nxdomain.se TXT 
A.1.3: dig +retry=0 +bufsize=512 +qr large.nxdomain.se TXT 
A.1.4: dig +retry=0 +bufsize=512 +qr huge.nxdomain.se TXT

A.2.1: dig +retry=0 +bufsize=1024 +qr small.nxdomain.se TXT
A.2.2: dig +retry=0 +bufsize=1024 +qr medium.nxdomain.se TXT 
A.2.3: dig +retry=0 +bufsize=1024 +qr large.nxdomain.se TXT 
A.2.4: dig +retry=0 +bufsize=1024 +qr huge.nxdomain.se TXT

A.3.1: dig +retry=0 +bufsize=4096 +qr small.nxdomain.se TXT
A.3.2: dig +retry=0 +bufsize=4096 +qr medium.nxdomain.se TXT 
A.3.3: dig +retry=0 +bufsize=4096 +qr large.nxdomain.se TXT 
A.3.4: dig +retry=0 +bufsize=4096 +qr huge.nxdomain.se TXT

A.4.1: dig +retry=0 +bufsize=8192 +qr small.nxdomain.se TXT
A.4.2: dig +retry=0 +bufsize=8192 +qr medium.nxdomain.se TXT 
A.4.3: dig +retry=0 +bufsize=8192 +qr large.nxdomain.se TXT 
A.4.4: dig +retry=0 +bufsize=8192 +qr huge.nxdomain.se TXT


************************************************************
**** AD=1 in the reply
************************************************************

*** Does the router accept replies with AD=1

B.1: dig +retry=0 @validator-with-BIND_9.4.1 +qr dnssec.se SOA


*** Does the router accept replies with AD=0

B.2: dig +retry=0 @validator-with-BIND_9.4.2 +qr dnssec.se SOA


************************************************************
**** DO=1 in query
************************************************************

*** Does the router accept queries with DO=1, replies with AD=1

C.1: dig +retry=0 @validator-with-BIND_9.4.2 +qr +dnssec dnssec.se SOA


*** Does the router accept queries with DO=1, replies with AD=0

C.2: dig +retry=0 @validator-with-BIND_9.4.2 +qr +dnssec iis.se SOA


************************************************************
**** DO=1, CD=1 in query
************************************************************

*** Does the router accept queries with DO=1, CD=1

D.1: dig +retry=0 @validator-with-BIND_9.4.2 +qr +dnssec +cdflag dnssec.se SOA


*** Does the router accept queries with DO=1, CD=1

D.2: dig +retry=0 @validator-with-BIND_9.4.2 +qr +dnssec +cdflag iis.se SOA


************************************************************
**** AD=1 in query
************************************************************

*** Does the router accept queries with AD=1, replies with AD=1

E.1: dig +retry=0 @validator-with-BIND_9.4.1 +qr +adflag dnssec.se SOA

*** Does the router accept queries with AD=1, replies with AD=0

E.2: dig +retry=0 @validator-with-BIND_9.4.2 +qr +adflag dnssec.se SOA


************************************************************
**** Open resolver in the router? (test from the "outside")
************************************************************

F.1: dig +retry=0 @router nonexisting.dnssec.se TXT

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20071113/46dafd58/attachment.sig>

More information about the dns-operations mailing list