summaryrefslogtreecommitdiffstats
path: root/bin/tests/system/dnssec/ns3/named.conf.in
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--bin/tests/system/dnssec/ns3/named.conf.in298
1 files changed, 298 insertions, 0 deletions
diff --git a/bin/tests/system/dnssec/ns3/named.conf.in b/bin/tests/system/dnssec/ns3/named.conf.in
new file mode 100644
index 0000000..14ebbc8
--- /dev/null
+++ b/bin/tests/system/dnssec/ns3/named.conf.in
@@ -0,0 +1,298 @@
+/*
+ * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * See the COPYRIGHT file distributed with this work for additional
+ * information regarding copyright ownership.
+ */
+
+// NS3
+
+options {
+ query-source address 10.53.0.3;
+ notify-source 10.53.0.3;
+ transfer-source 10.53.0.3;
+ port @PORT@;
+ pid-file "named.pid";
+ listen-on { 10.53.0.3; };
+ listen-on-v6 { none; };
+ recursion no;
+ notify yes;
+ dnssec-enable yes;
+ dnssec-validation yes;
+ session-keyfile "session.key";
+};
+
+key rndc_key {
+ secret "1234abcd8765";
+ algorithm hmac-sha256;
+};
+
+controls {
+ inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; };
+};
+
+zone "." {
+ type hint;
+ file "../../common/root.hint";
+};
+
+zone "example" {
+ type slave;
+ masters { 10.53.0.2; };
+ file "example.bk";
+};
+
+zone "secure.example" {
+ type master;
+ file "secure.example.db.signed";
+ allow-update { any; };
+};
+
+zone "bogus.example" {
+ type master;
+ file "bogus.example.db.signed";
+ allow-update { any; };
+};
+
+zone "badds.example" {
+ type master;
+ file "badds.example.db.signed";
+ allow-update { any; };
+};
+
+zone "dynamic.example" {
+ type master;
+ file "dynamic.example.db.signed";
+ allow-update { any; };
+};
+
+zone "insecure.example" {
+ type master;
+ file "insecure.example.db";
+ allow-update { any; };
+};
+
+zone "insecure.nsec3.example" {
+ type master;
+ file "insecure.nsec3.example.db";
+ allow-update { any; };
+};
+
+zone "insecure.optout.example" {
+ type master;
+ file "insecure.optout.example.db";
+ allow-update { any; };
+};
+
+zone "keyless.example" {
+ type master;
+ file "keyless.example.db.signed";
+};
+
+zone "nsec3.example" {
+ type master;
+ file "nsec3.example.db.signed";
+};
+
+zone "optout.nsec3.example" {
+ type master;
+ file "optout.nsec3.example.db.signed";
+};
+
+zone "nsec3.nsec3.example" {
+ type master;
+ file "nsec3.nsec3.example.db.signed";
+};
+
+zone "secure.nsec3.example" {
+ type master;
+ file "secure.nsec3.example.db.signed";
+};
+
+zone "optout.example" {
+ type master;
+ file "optout.example.db.signed";
+};
+
+zone "secure.optout.example" {
+ type master;
+ file "secure.optout.example.db.signed";
+};
+
+zone "nsec3.optout.example" {
+ type master;
+ file "nsec3.optout.example.db.signed";
+};
+
+zone "optout.optout.example" {
+ type master;
+ file "optout.optout.example.db.signed";
+};
+
+zone "nsec3-unknown.example" {
+ type master;
+ nsec3-test-zone yes;
+ file "nsec3-unknown.example.db.signed";
+};
+
+zone "optout-unknown.example" {
+ type master;
+ nsec3-test-zone yes;
+ file "optout-unknown.example.db.signed";
+};
+
+zone "dnskey-unknown.example" {
+ type master;
+ file "dnskey-unknown.example.db.signed";
+};
+
+zone "dnskey-nsec3-unknown.example" {
+ type master;
+ nsec3-test-zone yes;
+ file "dnskey-nsec3-unknown.example.db.signed";
+};
+
+zone "multiple.example" {
+ type master;
+ file "multiple.example.db.signed";
+ allow-update { any; };
+};
+
+zone "rfc2335.example" {
+ type slave;
+ masters { 10.53.0.2; };
+ file "rfc2335.example.bk";
+};
+
+zone "rsasha256.example" {
+ type master;
+ file "rsasha256.example.db.signed";
+};
+
+zone "rsasha512.example" {
+ type master;
+ file "rsasha512.example.db.signed";
+};
+
+zone "kskonly.example" {
+ type master;
+ file "kskonly.example.db.signed";
+};
+
+zone "expired.example" {
+ type master;
+ allow-update { none; };
+ file "expired.example.db.signed";
+};
+
+zone "update-nsec3.example" {
+ type master;
+ allow-update { any; };
+ file "update-nsec3.example.db.signed";
+};
+
+zone "auto-nsec.example" {
+ type master;
+ auto-dnssec maintain;
+ allow-update { !0.0.0.0; };
+ file "auto-nsec.example.db.signed";
+};
+
+zone "auto-nsec3.example" {
+ type master;
+ auto-dnssec maintain;
+ allow-update { !0.0.0.0; };
+ file "auto-nsec3.example.db.signed";
+};
+
+zone "insecure.below-cname.example" {
+ type master;
+ file "insecure.below-cname.example.db";
+};
+
+zone "secure.below-cname.example" {
+ type master;
+ file "secure.below-cname.example.db.signed";
+};
+
+zone "ttlpatch.example" {
+ type master;
+ file "ttlpatch.example.db.patched";
+};
+
+zone "split-dnssec.example" {
+ type master;
+ file "split-dnssec.example.db";
+};
+
+zone "split-smart.example" {
+ type master;
+ file "split-smart.example.db";
+};
+
+zone "nsec3chain-test" {
+ type slave;
+ file "nsec3chain-test.bk";
+ masters { 10.53.0.2; };
+};
+
+zone "expiring.example" {
+ type master;
+ allow-update { any; };
+ file "expiring.example.db.signed";
+};
+
+zone "nosign.example" {
+ type master;
+ allow-update { any; };
+ dnssec-update-mode no-resign;
+ file "nosign.example.db.signed";
+};
+
+zone "upper.example" {
+ type master;
+ file "upper.example.db.signed";
+};
+
+zone "LOWER.EXAMPLE" {
+ type master;
+ file "lower.example.db.signed";
+};
+
+zone "inline.example" {
+ type master;
+ file "inline.example.db";
+ inline-signing yes;
+ auto-dnssec maintain;
+};
+
+zone "publish-inactive.example" {
+ type master;
+ file "publish-inactive.example.db";
+ auto-dnssec maintain;
+ update-policy local;
+};
+
+zone "future.example" {
+ type master;
+ file "future.example.db.signed";
+};
+
+zone "managed-future.example" {
+ type master;
+ file "managed-future.example.db.signed";
+ allow-update { any; };
+};
+
+zone "revkey.example" {
+ type master;
+ file "revkey.example.db.signed";
+};
+
+include "siginterval.conf";
+
+include "trusted.conf";