Commit 19eda751 authored by Stephen Morris's avatar Stephen Morris Committed by Michał Kępień

Add test for reduction in number of fetches

Add a system test that counts how many address fetches are made
for different numbers of NS records and checks that the number
are successfully limited.
parent 3ee5ea2f
......@@ -17,8 +17,7 @@ rm -f */named.memstats
rm -f */named.run
rm -f */ans.run
rm -f */*.jdb
rm -f dig.out dig.out.*
rm -f dig.*.out.*
rm -f dig.out dig.out.* dig.*.out.*
rm -f dig.*.foo.*
rm -f dig.*.bar.*
rm -f dig.*.prime.*
......@@ -28,6 +27,7 @@ rm -f ns6/example.net.db.signed ns6/example.net.db
rm -f ns6/ds.example.net.db.signed ns6/ds.example.net.db
rm -f ns6/dsset-ds.example.net*
rm -f ns6/dsset-example.net* ns6/example.net.db.signed.jnl
rm -f ns6/named.stats*
rm -f ns6/to-be-removed.tld.db ns6/to-be-removed.tld.db.jnl
rm -f ns7/server.db ns7/server.db.jnl
rm -f resolve.out.*.test*
......
......@@ -50,6 +50,11 @@ zone "broken" {
file "broken.db";
};
zone "sourcens" {
type master;
file "sourcens.db";
};
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
......
......@@ -26,3 +26,7 @@ no-questions. NS ns.no-questions.
ns.no-questions. A 10.53.0.8
formerr-to-all. NS ns.formerr-to-all.
ns.formerr-to-all. A 10.53.0.8
sourcens. NS ns.sourcens.
ns.sourcens. A 10.53.0.4
targetns. NS ns.targetns.
ns.targetns. A 10.53.0.6
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
; This zone contains a set of delegations with varying numbers of NS
; records. This is used to check that BIND is limiting the number of
; NS records it follows when resolving a delegation. It tests all
; numbers of NS records up to twice the number followed.
$TTL 60
@ IN SOA marka.isc.org. ns.server. (
2010 ; serial
600 ; refresh
600 ; retry
1200 ; expire
600 ; minimum
)
@ NS ns
ns A 10.53.0.4
target1 NS ns.fake11.targetns.
target2 NS ns.fake21.targetns.
NS ns.fake22.targetns.
target3 NS ns.fake31.targetns.
NS ns.fake32.targetns.
NS ns.fake33.targetns.
target4 NS ns.fake41.targetns.
NS ns.fake42.targetns.
NS ns.fake43.targetns.
NS ns.fake44.targetns.
target5 NS ns.fake51.targetns.
NS ns.fake52.targetns.
NS ns.fake53.targetns.
NS ns.fake54.targetns.
NS ns.fake55.targetns.
target6 NS ns.fake61.targetns.
NS ns.fake62.targetns.
NS ns.fake63.targetns.
NS ns.fake64.targetns.
NS ns.fake65.targetns.
NS ns.fake66.targetns.
target7 NS ns.fake71.targetns.
NS ns.fake72.targetns.
NS ns.fake73.targetns.
NS ns.fake74.targetns.
NS ns.fake75.targetns.
NS ns.fake76.targetns.
NS ns.fake77.targetns.
target8 NS ns.fake81.targetns.
NS ns.fake82.targetns.
NS ns.fake83.targetns.
NS ns.fake84.targetns.
NS ns.fake85.targetns.
NS ns.fake86.targetns.
NS ns.fake87.targetns.
NS ns.fake88.targetns.
target9 NS ns.fake91.targetns.
NS ns.fake92.targetns.
NS ns.fake93.targetns.
NS ns.fake94.targetns.
NS ns.fake95.targetns.
NS ns.fake96.targetns.
NS ns.fake97.targetns.
NS ns.fake98.targetns.
NS ns.fake99.targetns.
target10 NS ns.fake101.targetns.
NS ns.fake102.targetns.
NS ns.fake103.targetns.
NS ns.fake104.targetns.
NS ns.fake105.targetns.
NS ns.fake106.targetns.
NS ns.fake107.targetns.
NS ns.fake108.targetns.
NS ns.fake109.targetns.
NS ns.fake1010.targetns.
......@@ -48,4 +48,11 @@ zone "delegation-only" {
type delegation-only;
};
include "trusted.conf";
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
controls {
inet 10.53.0.5 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
......@@ -22,6 +22,7 @@ options {
recursion no;
dnssec-validation no;
querylog yes;
statistics-file "named.stats";
/*
* test that named loads with root-delegation-only that
* has a exclude list.
......@@ -72,3 +73,17 @@ zone "fetch.tld" {
type master;
file "fetch.tld.db";
};
zone "targetns" {
type master;
file "targetns.db";
};
key rndc_key {
secret "1234abcd8765";
algorithm hmac-sha256;
};
controls {
inet 10.53.0.6 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
};
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
; In the test for checking how many NS records BIND will follow, this
; zone marks the server as the one to which the NS lookups will be
; directed.
$TTL 300
@ IN SOA marka.isc.org. ns.server. (
2010 ; serial
600 ; refresh
600 ; retry
1200 ; expire
600 ; minimum
)
NS ns
ns A 10.53.0.6
......@@ -255,6 +255,40 @@ grep "foo.glue-in-answer.example.org.*192.0.2.1" dig.ns1.out.${n} > /dev/null ||
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo_i "check that the resolver limits the number of NS records it follows in a referral response ($n)"
# ns5 is the recusor being tested. ns4 holds the sourcens zone containing names with varying numbers of NS
# records pointing to non-existent nameservers in the targetns zone on ns6.
ret=0
$RNDCCMD 10.53.0.5 flush || ret=1 # Ensure cache is empty before doing this test
for nscount in 1 2 3 4 5 6 7 8 9 10
do
# Verify number of NS records at source server
$DIG $DIGOPTS +norecurse @10.53.0.4 target${nscount}.sourcens ns > dig.ns4.out.${nscount}.${n}
sourcerecs=`grep NS dig.ns4.out.${nscount}.${n} | grep -v ';' | wc -l`
test $sourcerecs -eq $nscount || ret=1
test $sourcerecs -eq $nscount || echo_i "NS count incorrect for target${nscount}.sourcens"
# Expected queries = 2 * number of NS records, up to a maximum of 10.
expected=`expr 2 \* $nscount`
if [ $expected -gt 10 ]; then expected=10; fi
# Work out the queries made by checking statistics on the target before and after the test
$RNDCCMD 10.53.0.6 stats || ret=1
initial_count=`awk '/responses sent/ {print $1}' ns6/named.stats`
mv ns6/named.stats ns6/named.stats.initial.${nscount}.${n}
$DIG $DIGOPTS @10.53.0.5 target${nscount}.sourcens A > dig.ns5.out.${nscount}.${n} || ret=1
$RNDCCMD 10.53.0.6 stats || ret=1
final_count=`awk '/responses sent/ {print $1}' ns6/named.stats`
mv ns6/named.stats ns6/named.stats.final.${nscount}.${n}
# Check number of queries during the test is as expected
actual=`expr $final_count - $initial_count`
if [ $actual -ne $expected ]; then
echo_i "query count error: $nscount NS records: expected queries $expected, actual $actual"
ret=1
fi
done
if [ $ret != 0 ]; then echo_i "failed"; fi
status=`expr $status + $ret`
n=`expr $n + 1`
echo_i "RT21594 regression test check setup ($n)"
ret=0
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment