From b77606d167eebd70996e7ec165b649b80d05b6f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Thu, 23 May 2024 19:12:40 +0200 Subject: [PATCH] Add test for not-loading and not-transfering huge RRSets Add two new masterformat tests - the 'huge' zone fits within the ns1 limit and loads on the primary ns1 server, but must not transfer to the ns2 secondary, and the 'uber' zone should not even load on the primary ns1 server. (cherry picked from commit cee9ad81db6e5a1167b311e5c2f42cf65ba457cd) --- bin/tests/system/doth/ns1/named.conf.in | 1 + bin/tests/system/limits/ns1/named.conf.in | 1 + bin/tests/system/masterformat/ns1/compile.sh | 2 + bin/tests/system/masterformat/ns1/huge.db.in | 22 +++++++ .../system/masterformat/ns1/named.conf.in | 15 +++++ bin/tests/system/masterformat/ns1/uber.db.in | 22 +++++++ .../system/masterformat/ns2/named.conf.in | 8 +++ bin/tests/system/masterformat/setup.sh | 19 +++++- bin/tests/system/masterformat/tests.sh | 60 ++++++++++++++++++- 9 files changed, 146 insertions(+), 4 deletions(-) create mode 100644 bin/tests/system/masterformat/ns1/huge.db.in create mode 100644 bin/tests/system/masterformat/ns1/uber.db.in diff --git a/bin/tests/system/doth/ns1/named.conf.in b/bin/tests/system/doth/ns1/named.conf.in index 6a8bcdbda5..e302fbcbe7 100644 --- a/bin/tests/system/doth/ns1/named.conf.in +++ b/bin/tests/system/doth/ns1/named.conf.in @@ -98,6 +98,7 @@ options { tcp-initial-timeout 1200; transfers-in 100; transfers-out 100; + max-records-per-type 0; }; zone "." { diff --git a/bin/tests/system/limits/ns1/named.conf.in b/bin/tests/system/limits/ns1/named.conf.in index 780f9e21cb..2332acf1f1 100644 --- a/bin/tests/system/limits/ns1/named.conf.in +++ b/bin/tests/system/limits/ns1/named.conf.in @@ -23,6 +23,7 @@ options { notify yes; minimal-responses no; dnssec-validation no; + max-records-per-type 0; }; zone "." { diff --git a/bin/tests/system/masterformat/ns1/compile.sh b/bin/tests/system/masterformat/ns1/compile.sh index 9ea1740ae2..7b2ff56b2f 100755 --- a/bin/tests/system/masterformat/ns1/compile.sh +++ b/bin/tests/system/masterformat/ns1/compile.sh @@ -27,6 +27,8 @@ $CHECKZONE -D -F raw=0 -o example.db.compat example-compat \ $CHECKZONE -D -F raw -L 3333 -o example.db.serial.raw example \ example.db >/dev/null 2>&1 $CHECKZONE -D -F raw -o large.db.raw large large.db >/dev/null 2>&1 +$CHECKZONE -D -F raw -o huge.db.raw huge huge.db >/dev/null 2>&1 +$CHECKZONE -D -F raw -o uber.db.raw uber uber.db >/dev/null 2>&1 $KEYGEN -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK signed >/dev/null 2>&1 $KEYGEN -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" signed >/dev/null 2>&1 diff --git a/bin/tests/system/masterformat/ns1/huge.db.in b/bin/tests/system/masterformat/ns1/huge.db.in new file mode 100644 index 0000000000..5a818632a8 --- /dev/null +++ b/bin/tests/system/masterformat/ns1/huge.db.in @@ -0,0 +1,22 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 1D + +@ IN SOA ns hostmaster ( + 1 + 3600 + 1800 + 1814400 + 3 + ) + NS ns +ns A 10.53.0.1 diff --git a/bin/tests/system/masterformat/ns1/named.conf.in b/bin/tests/system/masterformat/ns1/named.conf.in index a0d054fc6e..656d4c4716 100644 --- a/bin/tests/system/masterformat/ns1/named.conf.in +++ b/bin/tests/system/masterformat/ns1/named.conf.in @@ -23,6 +23,7 @@ options { session-keyfile "session.key"; servfail-ttl 0; dnssec-validation no; + max-records-per-type 2050; }; key rndc_key { @@ -78,6 +79,20 @@ zone "large" { allow-transfer { any; }; }; +zone "huge" { + type primary; + file "huge.db.raw"; + masterfile-format raw; + allow-transfer { any; }; +}; + +zone "uber" { + type primary; + file "uber.db.raw"; + masterfile-format raw; + allow-transfer { any; }; +}; + zone "signed" { type primary; file "signed.db.raw"; diff --git a/bin/tests/system/masterformat/ns1/uber.db.in b/bin/tests/system/masterformat/ns1/uber.db.in new file mode 100644 index 0000000000..5a818632a8 --- /dev/null +++ b/bin/tests/system/masterformat/ns1/uber.db.in @@ -0,0 +1,22 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; SPDX-License-Identifier: MPL-2.0 +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, you can obtain one at https://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 1D + +@ IN SOA ns hostmaster ( + 1 + 3600 + 1800 + 1814400 + 3 + ) + NS ns +ns A 10.53.0.1 diff --git a/bin/tests/system/masterformat/ns2/named.conf.in b/bin/tests/system/masterformat/ns2/named.conf.in index db68aef4d0..1b28b0cb0e 100644 --- a/bin/tests/system/masterformat/ns2/named.conf.in +++ b/bin/tests/system/masterformat/ns2/named.conf.in @@ -22,6 +22,7 @@ options { notify no; servfail-ttl 0; dnssec-validation no; + max-records-per-type 2000; }; zone "example" { @@ -62,3 +63,10 @@ zone "large" { masterfile-format raw; file "large.bk"; }; + +zone "huge" { + type secondary; + primaries { 10.53.0.1; }; + masterfile-format raw; + file "huge.bk"; +}; diff --git a/bin/tests/system/masterformat/setup.sh b/bin/tests/system/masterformat/setup.sh index c2bc0f646c..cc90f5a692 100755 --- a/bin/tests/system/masterformat/setup.sh +++ b/bin/tests/system/masterformat/setup.sh @@ -24,8 +24,23 @@ cp ns1/example.db ns2/ cp ns2/formerly-text.db.in ns2/formerly-text.db cp ns1/large.db.in ns1/large.db awk 'END { - for (i = 0; i < 512; i++ ) { print "a TXT", i; } - for (i = 0; i < 1024; i++ ) { print "b TXT", i; } + for (i = 0; i < 500; i++ ) { print "a TXT", i; } + for (i = 0; i < 1000; i++ ) { print "b TXT", i; } for (i = 0; i < 2000; i++ ) { print "c TXT", i; } }' >ns1/large.db +cp ns1/huge.db.in ns1/huge.db +awk 'END { + for (i = 0; i < 500; i++ ) { print "a TXT", i; } + for (i = 0; i < 1000; i++ ) { print "b TXT", i; } + for (i = 0; i < 2000; i++ ) { print "c TXT", i; } + for (i = 0; i < 2050; i++ ) { print "d TXT", i; } +}' >ns1/huge.db +cp ns1/uber.db.in ns1/uber.db +awk 'END { + for (i = 0; i < 500; i++ ) { print "a TXT", i; } + for (i = 0; i < 1000; i++ ) { print "b TXT", i; } + for (i = 0; i < 2000; i++ ) { print "c TXT", i; } + for (i = 0; i < 2050; i++ ) { print "d TXT", i; } + for (i = 0; i < 2100; i++ ) { print "e TXT", i; } +}' >ns1/uber.db cd ns1 && $SHELL compile.sh diff --git a/bin/tests/system/masterformat/tests.sh b/bin/tests/system/masterformat/tests.sh index feb2a7502f..27d37a3ff3 100755 --- a/bin/tests/system/masterformat/tests.sh +++ b/bin/tests/system/masterformat/tests.sh @@ -177,8 +177,64 @@ echo_i "checking that large rdatasets loaded ($n)" for i in 0 1 2 3 4 5 6 7 8 9; do ret=0 for a in a b c; do - $DIG +tcp txt "${a}.large" @10.53.0.2 -p "${PORT}" >"dig.out.ns2.test$n" - grep "status: NOERROR" "dig.out.ns2.test$n" >/dev/null || ret=1 + $DIG +tcp txt "${a}.large" @10.53.0.1 -p "${PORT}" >"dig.out.ns1.$a.test$n" + grep "status: NOERROR" "dig.out.ns1.$a.test$n" >/dev/null || ret=1 + done + [ $ret -eq 0 ] && break + sleep 1 +done +n=$((n + 1)) +[ $ret -eq 0 ] || echo_i "failed" +status=$((status + ret)) + +echo_i "checking that large rdatasets transfered ($n)" +for i in 0 1 2 3 4 5 6 7 8 9; do + ret=0 + for a in a b c; do + $DIG +tcp txt "${a}.large" @10.53.0.2 -p "${PORT}" >"dig.out.ns2.$a.test$n" + grep "status: NOERROR" "dig.out.ns2.$a.test$n" >/dev/null || ret=1 + done + [ $ret -eq 0 ] && break + sleep 1 +done +n=$((n + 1)) +[ $ret -eq 0 ] || echo_i "failed" +status=$((status + ret)) + +echo_i "checking that huge rdatasets loaded ($n)" +for i in 0 1 2 3 4 5 6 7 8 9; do + ret=0 + for a in a b c d; do + $DIG +tcp txt "${a}.huge" @10.53.0.1 -p "${PORT}" >"dig.out.ns1.$a.test$n" + grep "status: NOERROR" "dig.out.ns1.$a.test$n" >/dev/null || ret=1 + done + [ $ret -eq 0 ] && break + sleep 1 +done +n=$((n + 1)) +[ $ret -eq 0 ] || echo_i "failed" +status=$((status + ret)) + +echo_i "checking that huge rdatasets not transfered ($n)" +for i in 0 1 2 3 4 5 6 7 8 9; do + ret=0 + for a in a b c d; do + $DIG +tcp txt "${a}.huge" @10.53.0.2 -p "${PORT}" >"dig.out.ns2.$a.test$n" + grep "status: SERVFAIL" "dig.out.ns2.$a.test$n" >/dev/null || ret=1 + done + [ $ret -eq 0 ] && break + sleep 1 +done +n=$((n + 1)) +[ $ret -eq 0 ] || echo_i "failed" +status=$((status + ret)) + +echo_i "checking that uber rdatasets not loaded ($n)" +for i in 0 1 2 3 4 5 6 7 8 9; do + ret=0 + for a in a b c d e; do + $DIG +tcp txt "${a}.uber" @10.53.0.1 -p "${PORT}" >"dig.out.ns1.$a.test$n" + grep "status: SERVFAIL" "dig.out.ns1.$a.test$n" >/dev/null || ret=1 done [ $ret -eq 0 ] && break sleep 1