CloudHost/zonemaster.es
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8d4eaa1489fb7026efebc842d0a1cec488fd31f7
zonemaster.es/zonemaster/docs/public/specifications/tests/Address-TP/address01.md
Malin 8d4eaa1489 feat: add full Zonemaster stack with Docker and Spanish UI 
- Clone all 5 Zonemaster component repos (LDNS, Engine, CLI, Backend, GUI)
- Dockerfile.backend: 8-stage multi-stage build LDNS→Engine→CLI→Backend
- Dockerfile.gui: Astro static build served via nginx
- docker-compose.yml: backend (internal) + frontend (port 5353)
- nginx.conf: root redirects to /es/, /api/ proxied to backend
- zonemaster-gui/config.ts: defaultLanguage set to 'es' (Spanish)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 08:19:24 +02:00

154 lines
7.1 KiB
Markdown
Raw Blame History

# ADDRESS01: Name server address must be globally reachable
## Test case identifier
**ADDRESS01**
## Table of contents
* [Objective](#Objective)
* [Scope](#Scope)
* [Inputs](#Inputs)
* [Summary](#Summary)
* [Test procedure](#Test-procedure)
* [Outcome(s)](#Outcomes)
* [Intercase dependencies](#Intercase-dependencies)
## Objective
In order for the domain and its resources to be accessible, authoritative
name servers must have addresses in the reachable public addressing space.
IANA is responsible for global coordination of the IP addressing system.
Aside its address allocation activities, it maintains reserved address ranges
for special uses. These ranges can be categorized into two types:
[Special purpose IPv4 addresses] and [Special purpose IPv6 addresses].
This test checks the name server IP addresses, both those derived from delegation and those
derived from the name servers listed in the zone (NS records). Each address is compared against
the IANA databases. If an address is not globally reachable, a message is outputted.
## Scope
This test case does not do any actual connectivity test, which is done by other test cases.
## Inputs
* "Child Zone" -- the domain name to be tested.
* [Special purpose IPv4 addresses]
* [Special purpose IPv6 addresses]
## Summary
| Message Tag | Level | Arguments | Message ID for message tag |
|:--------------------------------|:---------|:----------|:-----------------------------------------------------------------------------------------|
| A01_ADDR_NOT_GLOBALLY_REACHABLE | ERROR | ns_list | IP address(es) not listed as globally reachable: "{ns_list}". |
| A01_DOCUMENTATION_ADDR | ERROR | ns_list | IP address(es) intended for documentation purposes: "{ns_list}". |
| A01_GLOBALLY_REACHABLE_ADDR | INFO | ns_list | Globally reachable IP address(es): "{ns_list}". |
| A01_LOCAL_USE_ADDR | ERROR | ns_list | IP address(es) intended for local use on network or service provider level: "{ns_list}". |
| A01_NO_GLOBALLY_REACHABLE_ADDR | ERROR | | None of the name servers IP addresses are listed as globally reachable. |
| A01_NO_NAME_SERVERS_FOUND | CRITICAL | | No name servers found. |
The value in the Level column is the default severity level of the message. The
severity level can be changed in the [Zonemaster-Engine profile]. Also see the
[Severity Level Definitions] document.
The argument names in the Arguments column lists the arguments used in the
message. The argument names are defined in the [Argument list].
## Test procedure
1. Create the following empty sets:
1. Name server name and IP address ("Name Server IP").
2. Name server name and IP address ("Documentation Address").
3. Name server name and IP address ("Local Use Address").
4. Name server name and IP address ("Not Globally Reachable").
5. Name server name and IP address ("Globally Reachable").
2. Retrieve all name server names and IP addresses for *Child Zone* using
methods [Get-Del-NS-Names-and-IPs] and [Get-Zone-NS-Names-and-IPs],
and add them to the *Name Server IP* set.
3. If the *Name Server IP* set is empty, output *[A01_NO_NAME_SERVERS_FOUND]*
and exit the test.
4. For each name server in *Name Server IP* do:
1. Match the IP address against the IP ranges specified in
[Special purpose IPv4 addresses] and [Special purpose IPv6 addresses]
1. If the IP address falls within any of the address ranges reserved for
*Documentation*, add the name server name and IP address to the
*Documentation Address* set,
2. Else, if it falls within an address range belonging to any of the
following categories, add the name server name and IP address to the
*Local Use Adddress* set:
- *Private-Use (IPv4)*
- *Loopback (IPv4)*
- *Loopback Address (IPv6)*
- *Link Local (IPv4)*
- *Link-Local Unicast* (IPv6)
- *Unique-Local* (IPv6)
- *Shared Address Space* (IPv6)
3. Else, if it falls within any other range that is not registered as
*Globally Reachable*, add the name server name and IP address to
the *Not Globally Reachable* set.
4. Else, add the name server name and IP address to the
*Globally Reachable* set.
2. Go to the next server.
5. If the *Documentation Address* set is non-empty, then output
*[A01_DOCUMENTATION_ADDR]* with a list of name server names and IP addresses
from the set.
6. If the *Local Use Address* set is non-empty, then output
*[A01_LOCAL_USE_ADDR]* with a list of name server names and IP addresses
from the set.
7. If the *Not Globally Reachable* set is non-empty, then output
*[A01_ADDR_NOT_GLOBALLY_REACHABLE]* with a list of name server names and
IP addresses from the set.
8. If the *Globally Reachable* set is non-empty, then output
*[A01_GLOBALLY_REACHABLE_ADDR]* with a list of name server names and
IP addresses from the set.
9. If the *Globally Reachable* set is empty, then output
*[A01_NO_GLOBALLY_REACHABLE_ADDR]*
## Outcome(s)
The outcome of this Test Case is "fail" if there is at least one message
with the severity level *[ERROR]* or *[CRITICAL]*.
The outcome of this Test Case is "warning" if there is at least one message
with the severity level *[WARNING]*, but no message with severity level
*[ERROR]* or *[CRITICAL]*.
In other cases, no message or only messages with severity level
*[INFO]* or *[NOTICE]* the outcome of this Test Case is "pass".
## Special procedural requirements
The registries [Special purpose IPv4 addresses] and
[Special purpose IPv6 addresses] have to be fetched prior to testing.
## Intercase dependencies
None.
[A01_GLOBALLY_REACHABLE_ADDR]: #summary
[A01_NO_GLOBALLY_REACHABLE_ADDR]: #summary
[A01_ADDR_NOT_GLOBALLY_REACHABLE]: #summary
[A01_DOCUMENTATION_ADDR]: #summary
[A01_LOCAL_USE_ADDR]: #summary
[A01_NO_NAME_SERVERS_FOUND]: #summary
[Argument list]: ../ArgumentsForTestCaseMessages.md
[CRITICAL]: ../SeverityLevelDefinitions.md#critical
[ERROR]: ../SeverityLevelDefinitions.md#error
[Get-Del-NS-Names-and-IPs]: ../MethodsV2.md#method-get-delegation-ns-names-and-ip-addresses
[Get-Zone-NS-Names-and-IPs]: ../MethodsV2.md#method-get-zone-ns-names-and-ip-addresses
[INFO]: ../SeverityLevelDefinitions.md#info
[NOTICE]: ../SeverityLevelDefinitions.md#notice
[Special purpose IPv4 addresses]: https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xml
[Special purpose IPv6 addresses]: https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xml
[Severity Level Definitions]: ../SeverityLevelDefinitions.md
[WARNING]: ../SeverityLevelDefinitions.md#warning
[Zonemaster-Engine profile]: ../../../configuration/profiles.md
Reference in New Issue View Git Blame Copy Permalink