[dns-wg] Re: [DNSOP] DNS test protocol
-
From: Patrik Wallstrom pawal@localhost, dns-operations@localhost, dnsop@localhost
-
Date: Tue, 13 Nov 2007 11:52:14 +0100
-
Organization: Foodfight Stockholm
Sorry, the attachment was missing.
--
Patrik Wallström
Project Manager, R&D
.SE (Stiftelsen för Internetinfrastruktur)
E-mail: patrik.wallstrom@localhost
Web: http://www.iis.se/
DNS test protocol for SOHO-routers
************************************************************
*** Is the router EDNS0 capable
************************************************************
*** Does the router give the client ENDS0 traffic
A.1.1: dig +retry=0 +bufsize=512 +qr small.nxdomain.se TXT
A.1.2: dig +retry=0 +bufsize=512 +qr medium.nxdomain.se TXT
A.1.3: dig +retry=0 +bufsize=512 +qr large.nxdomain.se TXT
A.1.4: dig +retry=0 +bufsize=512 +qr huge.nxdomain.se TXT
A.2.1: dig +retry=0 +bufsize=1024 +qr small.nxdomain.se TXT
A.2.2: dig +retry=0 +bufsize=1024 +qr medium.nxdomain.se TXT
A.2.3: dig +retry=0 +bufsize=1024 +qr large.nxdomain.se TXT
A.2.4: dig +retry=0 +bufsize=1024 +qr huge.nxdomain.se TXT
A.3.1: dig +retry=0 +bufsize=4096 +qr small.nxdomain.se TXT
A.3.2: dig +retry=0 +bufsize=4096 +qr medium.nxdomain.se TXT
A.3.3: dig +retry=0 +bufsize=4096 +qr large.nxdomain.se TXT
A.3.4: dig +retry=0 +bufsize=4096 +qr huge.nxdomain.se TXT
A.4.1: dig +retry=0 +bufsize=8192 +qr small.nxdomain.se TXT
A.4.2: dig +retry=0 +bufsize=8192 +qr medium.nxdomain.se TXT
A.4.3: dig +retry=0 +bufsize=8192 +qr large.nxdomain.se TXT
A.4.4: dig +retry=0 +bufsize=8192 +qr huge.nxdomain.se TXT
************************************************************
**** AD=1 in the reply
************************************************************
*** Does the router accept replies with AD=1
B.1: dig +retry=0 @validator-with-BIND_9.4.1 +qr dnssec.se SOA
*** Does the router accept replies with AD=0
B.2: dig +retry=0 @validator-with-BIND_9.4.2 +qr dnssec.se SOA
************************************************************
**** DO=1 in query
************************************************************
*** Does the router accept queries with DO=1, replies with AD=1
C.1: dig +retry=0 @validator-with-BIND_9.4.2 +qr +dnssec dnssec.se SOA
*** Does the router accept queries with DO=1, replies with AD=0
C.2: dig +retry=0 @validator-with-BIND_9.4.2 +qr +dnssec iis.se SOA
************************************************************
**** DO=1, CD=1 in query
************************************************************
*** Does the router accept queries with DO=1, CD=1
D.1: dig +retry=0 @validator-with-BIND_9.4.2 +qr +dnssec +cdflag dnssec.se SOA
*** Does the router accept queries with DO=1, CD=1
D.2: dig +retry=0 @validator-with-BIND_9.4.2 +qr +dnssec +cdflag iis.se SOA
************************************************************
**** AD=1 in query
************************************************************
*** Does the router accept queries with AD=1, replies with AD=1
E.1: dig +retry=0 @validator-with-BIND_9.4.1 +qr +adflag dnssec.se SOA
*** Does the router accept queries with AD=1, replies with AD=0
E.2: dig +retry=0 @validator-with-BIND_9.4.2 +qr +adflag dnssec.se SOA
************************************************************
**** Open resolver in the router? (test from the "outside")
************************************************************
F.1: dig +retry=0 @router nonexisting.dnssec.se TXT
Attachment:
signature.asc
Description: Digital signature
|
you are here: RIPE -> RIPE Maillists > Archives
