diff options
Diffstat (limited to '')
-rw-r--r-- | bin/tests/system/dnssec/ns3/named.conf.in | 298 |
1 files changed, 298 insertions, 0 deletions
diff --git a/bin/tests/system/dnssec/ns3/named.conf.in b/bin/tests/system/dnssec/ns3/named.conf.in new file mode 100644 index 0000000..14ebbc8 --- /dev/null +++ b/bin/tests/system/dnssec/ns3/named.conf.in @@ -0,0 +1,298 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS3 + +options { + query-source address 10.53.0.3; + notify-source 10.53.0.3; + transfer-source 10.53.0.3; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.3; }; + listen-on-v6 { none; }; + recursion no; + notify yes; + dnssec-enable yes; + dnssec-validation yes; + session-keyfile "session.key"; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +zone "." { + type hint; + file "../../common/root.hint"; +}; + +zone "example" { + type slave; + masters { 10.53.0.2; }; + file "example.bk"; +}; + +zone "secure.example" { + type master; + file "secure.example.db.signed"; + allow-update { any; }; +}; + +zone "bogus.example" { + type master; + file "bogus.example.db.signed"; + allow-update { any; }; +}; + +zone "badds.example" { + type master; + file "badds.example.db.signed"; + allow-update { any; }; +}; + +zone "dynamic.example" { + type master; + file "dynamic.example.db.signed"; + allow-update { any; }; +}; + +zone "insecure.example" { + type master; + file "insecure.example.db"; + allow-update { any; }; +}; + +zone "insecure.nsec3.example" { + type master; + file "insecure.nsec3.example.db"; + allow-update { any; }; +}; + +zone "insecure.optout.example" { + type master; + file "insecure.optout.example.db"; + allow-update { any; }; +}; + +zone "keyless.example" { + type master; + file "keyless.example.db.signed"; +}; + +zone "nsec3.example" { + type master; + file "nsec3.example.db.signed"; +}; + +zone "optout.nsec3.example" { + type master; + file "optout.nsec3.example.db.signed"; +}; + +zone "nsec3.nsec3.example" { + type master; + file "nsec3.nsec3.example.db.signed"; +}; + +zone "secure.nsec3.example" { + type master; + file "secure.nsec3.example.db.signed"; +}; + +zone "optout.example" { + type master; + file "optout.example.db.signed"; +}; + +zone "secure.optout.example" { + type master; + file "secure.optout.example.db.signed"; +}; + +zone "nsec3.optout.example" { + type master; + file "nsec3.optout.example.db.signed"; +}; + +zone "optout.optout.example" { + type master; + file "optout.optout.example.db.signed"; +}; + +zone "nsec3-unknown.example" { + type master; + nsec3-test-zone yes; + file "nsec3-unknown.example.db.signed"; +}; + +zone "optout-unknown.example" { + type master; + nsec3-test-zone yes; + file "optout-unknown.example.db.signed"; +}; + +zone "dnskey-unknown.example" { + type master; + file "dnskey-unknown.example.db.signed"; +}; + +zone "dnskey-nsec3-unknown.example" { + type master; + nsec3-test-zone yes; + file "dnskey-nsec3-unknown.example.db.signed"; +}; + +zone "multiple.example" { + type master; + file "multiple.example.db.signed"; + allow-update { any; }; +}; + +zone "rfc2335.example" { + type slave; + masters { 10.53.0.2; }; + file "rfc2335.example.bk"; +}; + +zone "rsasha256.example" { + type master; + file "rsasha256.example.db.signed"; +}; + +zone "rsasha512.example" { + type master; + file "rsasha512.example.db.signed"; +}; + +zone "kskonly.example" { + type master; + file "kskonly.example.db.signed"; +}; + +zone "expired.example" { + type master; + allow-update { none; }; + file "expired.example.db.signed"; +}; + +zone "update-nsec3.example" { + type master; + allow-update { any; }; + file "update-nsec3.example.db.signed"; +}; + +zone "auto-nsec.example" { + type master; + auto-dnssec maintain; + allow-update { !0.0.0.0; }; + file "auto-nsec.example.db.signed"; +}; + +zone "auto-nsec3.example" { + type master; + auto-dnssec maintain; + allow-update { !0.0.0.0; }; + file "auto-nsec3.example.db.signed"; +}; + +zone "insecure.below-cname.example" { + type master; + file "insecure.below-cname.example.db"; +}; + +zone "secure.below-cname.example" { + type master; + file "secure.below-cname.example.db.signed"; +}; + +zone "ttlpatch.example" { + type master; + file "ttlpatch.example.db.patched"; +}; + +zone "split-dnssec.example" { + type master; + file "split-dnssec.example.db"; +}; + +zone "split-smart.example" { + type master; + file "split-smart.example.db"; +}; + +zone "nsec3chain-test" { + type slave; + file "nsec3chain-test.bk"; + masters { 10.53.0.2; }; +}; + +zone "expiring.example" { + type master; + allow-update { any; }; + file "expiring.example.db.signed"; +}; + +zone "nosign.example" { + type master; + allow-update { any; }; + dnssec-update-mode no-resign; + file "nosign.example.db.signed"; +}; + +zone "upper.example" { + type master; + file "upper.example.db.signed"; +}; + +zone "LOWER.EXAMPLE" { + type master; + file "lower.example.db.signed"; +}; + +zone "inline.example" { + type master; + file "inline.example.db"; + inline-signing yes; + auto-dnssec maintain; +}; + +zone "publish-inactive.example" { + type master; + file "publish-inactive.example.db"; + auto-dnssec maintain; + update-policy local; +}; + +zone "future.example" { + type master; + file "future.example.db.signed"; +}; + +zone "managed-future.example" { + type master; + file "managed-future.example.db.signed"; + allow-update { any; }; +}; + +zone "revkey.example" { + type master; + file "revkey.example.db.signed"; +}; + +include "siginterval.conf"; + +include "trusted.conf"; |