zonemaster.es/zonemaster/docs/public/specifications/tests/Nameserver-TP/nameserver13.md
Malin 8d4eaa1489 feat: add full Zonemaster stack with Docker and Spanish UI
- Clone all 5 Zonemaster component repos (LDNS, Engine, CLI, Backend, GUI)
- Dockerfile.backend: 8-stage multi-stage build LDNS→Engine→CLI→Backend
- Dockerfile.gui: Astro static build served via nginx
- docker-compose.yml: backend (internal) + frontend (port 5353)
- nginx.conf: root redirects to /es/, /api/ proxied to backend
- zonemaster-gui/config.ts: defaultLanguage set to 'es' (Spanish)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 08:19:24 +02:00


# NAMESERVER13: Test for truncated response on EDNS query
## Test case identifier
**NAMESERVER13**
## Objective
EDNS is a mechanism to announce capabilities of a DNS implementation,
and is now basically required by any new functionality in DNS such as
DNSSEC ([RFC 6891]).

[RFC 6891, section 7] states that an OPT record must be included
in a truncated response, if the query includes an OPT pseudo record.

This Test Case will try to verify that if the response to a query with an OPT
record is truncated, then the response will contain an OPT record.

To trigger a truncated response, the OPT pseudo record 'DO' bit is set and the
buffer size is limited to 512 bytes. If the zone is not signed with DNSSEC, the
response will probably not be truncated anyway.
## Scope
It is assumed that *Child Zone* is also tested by [Connectivity01]. This test
case will set DEBUG level on messages for non-responsive name servers.
## Inputs
"Child Zone" - The domain name to be tested.
## Ordered description of steps to be taken to execute the test case
1. Create a DNSKEY query for the *Child Zone* with an OPT record that has the
   'DO' bit set to '1' and the buffer size set to 512 bytes.
2. Obtain the set of name server IP addresses using [Method4] and [Method5]
   ("Name Server IP").
3. For each name server in *Name Server IP* do:
    1. Send the query to the name server and collect the response.
    2. If there is no DNS response, output *[NO_RESPONSE]* and go to
       the next server.
    3. Else, if the DNS response has the RCODE "FORMERR", then output
       *[NO_EDNS_SUPPORT]* and go to the next server.
    4. Else, if the DNS response meets the following criteria, output
       *[MISSING_OPT_IN_TRUNCATED]*:
        1. The DNS response is truncated (the "TC" flag is set).
        2. The DNS response has no OPT record.
    5. Else, if the DNS response meets the following criteria,
       then just go to the next name server (no error):
        1. The DNS response has the RCODE "NOERROR".
        2. The pseudo-section response has an OPT record with version set to 0.
    6. Else output *[NS_ERROR]*.
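
The query from step 1 and the per-response decision in steps 3.2 to 3.6, as an added Python example that is not Zonemaster's own code. All function names are assumptions made for illustration, the RCODE is read from the 4-bit header field only, responses are assumed to be well-formed, and `truncated_without_opt` builds a constructed sample reply.

```python
import struct

def encode_name(name):
    labels = [l.encode("ascii") for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"

def build_query(zone, msg_id=0x1234):
    """Step 1: DNSKEY query carrying an OPT record (512 bytes, version 0, DO=1)."""
    header = struct.pack("!6H", msg_id, 0x0000, 1, 0, 0, 1)   # QDCOUNT=1, ARCOUNT=1
    question = encode_name(zone) + struct.pack("!2H", 48, 1)  # DNSKEY, class IN
    # OPT: root name, TYPE 41, CLASS = buffer size, TTL = ext-rcode|version|DO+Z
    opt = b"\x00" + struct.pack("!HHIH", 41, 512, 0x00008000, 0)
    return header + question + opt

def skip_name(msg, pos):
    while msg[pos] and msg[pos] & 0xC0 != 0xC0:   # stop at root or compression pointer
        pos += 1 + msg[pos]
    return pos + (2 if msg[pos] else 1)

def opt_version(msg):
    """EDNS version from the OPT record (TYPE 41), or None if there is none."""
    qd, an, ns, ar = struct.unpack("!4H", msg[4:12])
    pos = 12
    for _ in range(qd):
        pos = skip_name(msg, pos) + 4             # QTYPE + QCLASS
    for _ in range(an + ns + ar):
        pos = skip_name(msg, pos)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        if rtype == 41:
            return (ttl >> 16) & 0xFF
        pos += 10 + rdlen
    return None

def classify(resp):
    """Steps 3.2-3.6: message tag to output, or None when there is no error."""
    if resp is None:
        return "NO_RESPONSE"
    flags = struct.unpack("!H", resp[2:4])[0]
    if flags & 0xF == 1:                          # header RCODE is FORMERR
        return "NO_EDNS_SUPPORT"
    version = opt_version(resp)
    if flags & 0x0200 and version is None:        # TC set and no OPT record
        return "MISSING_OPT_IN_TRUNCATED"
    return None if flags & 0xF == 0 and version == 0 else "NS_ERROR"

def truncated_without_opt(query):
    """Constructed sample reply: QR and TC set, question echoed, OPT dropped."""
    return query[:2] + struct.pack("!5H", 0x8200, 1, 0, 0, 0) + query[12:-11]
```
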
## Outcome(s)
The outcome of this Test Case is "fail" if there is at least one message
with the severity level *ERROR* or *CRITICAL*.

The outcome of this Test Case is "warning" if there is at least one message
with the severity level *WARNING*, but no message with severity level
*ERROR* or *CRITICAL*.

The outcome of this Test case is "pass" in all other cases.

Message                           | Default severity level (when message is outputted)
:---------------------------------|:--------------------------------------------------
NO_RESPONSE                       | DEBUG
NO_EDNS_SUPPORT                   | WARNING
NS_ERROR                          | WARNING
MISSING_OPT_IN_TRUNCATED          | WARNING

## Special procedural requirements
If either IPv4 or IPv6 transport is disabled, ignore the evaluation of the
result of any test using this transport protocol and log a message reporting
the ignored result.
## Intercase dependencies
None.
[Connectivity01]: ../Connectivity-TP/connectivity01.md
[MISSING_OPT_IN_TRUNCATED]: #outcomes
[Method4]: ../Methods.md#method-4-obtain-glue-address-records-from-parent
[Method5]: ../Methods.md#method-5-obtain-the-name-server-address-records-from-child
[NO_EDNS_SUPPORT]: #outcomes
[NO_RESPONSE]: #outcomes
[NS_ERROR]: #outcomes
[RFC 6891, section 7]: https://datatracker.ietf.org/doc/html/rfc6891#section-7
[RFC 6891]: https://datatracker.ietf.org/doc/html/rfc6891