blob: 0b831ec94e3422d5d79843f3bb95e120a16e3dd4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
|
; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
;
; This Source Code Form is subject to the terms of the Mozilla Public
; License, v. 2.0. If a copy of the MPL was not distributed with this
; file, You can obtain one at http://mozilla.org/MPL/2.0/.
;
; See the COPYRIGHT file distributed with this work for additional
; information regarding copyright ownership.
$TTL 300 ; 5 minutes
@ IN SOA mname1. . (
2000042407 ; serial
20 ; refresh (20 seconds)
20 ; retry (20 seconds)
1814400 ; expire (3 weeks)
3600 ; minimum (1 hour)
)
NS ns2
NS ns3
ns2 A 10.53.0.2
ns3 A 10.53.0.3
a A 10.0.0.1
b A 10.0.0.2
d A 10.0.0.4
; Used for testing ANY queries
foo TXT "testing"
foo A 10.0.1.0
bad-cname CNAME a
bad-dname DNAME @
; Used for testing CNAME queries
cname1 CNAME cname1-target
cname1-target TXT "testing cname"
cname2 CNAME cname2-target
cname2-target TXT "testing cname"
; Used for testing DNAME queries
dname1 DNAME dname1-target
foo.dname1-target TXT "testing dname"
dname2 DNAME dname2-target
foo.dname2-target TXT "testing dname"
; A secure subdomain
secure NS ns3.secure
ns3.secure A 10.53.0.3
; An insecure subdomain
insecure NS ns.insecure
ns.insecure A 10.53.0.3
; A secure subdomain we're going to inject bogus data into
bogus NS ns.bogus
ns.bogus A 10.53.0.3
; A subdomain with a corrupt DS
badds NS ns.badds
ns.badds A 10.53.0.3
; A dynamic secure subdomain
dynamic NS dynamic
dynamic A 10.53.0.3
; A insecure subdomain
mustbesecure NS ns.mustbesecure
ns.mustbesecure A 10.53.0.3
; A subdomain with expired signatures
expired NS ns.expired
ns.expired A 10.53.0.3
; A rfc2535 signed zone w/ CNAME
rfc2535 NS ns.rfc2535
ns.rfc2535 A 10.53.0.3
z A 10.0.0.26
keyless NS ns.keyless
ns.keyless A 10.53.0.3
nsec3 NS ns.nsec3
ns.nsec3 A 10.53.0.3
optout NS ns.optout
ns.optout A 10.53.0.3
nsec3-unknown NS ns.nsec3-unknown
ns.nsec3-unknown A 10.53.0.3
optout-unknown NS ns.optout-unknown
ns.optout-unknown A 10.53.0.3
dnskey-unknown NS ns.dnskey-unknown
ns.dnskey-unknown A 10.53.0.3
dnskey-nsec3-unknown NS ns.dnskey-nsec3-unknown
ns.dnskey-nsec3-unknown A 10.53.0.3
multiple NS ns.multiple
ns.multiple A 10.53.0.3
*.wild A 10.0.0.27
rsasha256 NS ns.rsasha256
ns.rsasha256 A 10.53.0.3
rsasha512 NS ns.rsasha512
ns.rsasha512 A 10.53.0.3
kskonly NS ns.kskonly
ns.kskonly A 10.53.0.3
update-nsec3 NS ns.update-nsec3
ns.update-nsec3 A 10.53.0.3
auto-nsec NS ns.auto-nsec
ns.auto-nsec A 10.53.0.3
auto-nsec3 NS ns.auto-nsec3
ns.auto-nsec3 A 10.53.0.3
below-cname CNAME some.where.else.
insecure.below-cname NS ns.insecure.below-cname
ns.insecure.below-cname A 10.53.0.3
secure.below-cname NS ns.secure.below-cname
ns.secure.below-cname A 10.53.0.3
ttlpatch NS ns.ttlpatch
ns.ttlpatch A 10.53.0.3
split-dnssec NS ns.split-dnssec
ns.split-dnssec A 10.53.0.3
split-smart NS ns.split-smart
ns.split-smart A 10.53.0.3
upper NS ns.upper
ns.upper A 10.53.0.3
LOWER NS NS.LOWER
NS.LOWER A 10.53.0.3
expiring NS ns.expiring
ns.expiring A 10.53.0.3
future NS ns.future
ns.future A 10.53.0.3
managed-future NS ns.managed-future
ns.managed-future A 10.53.0.3
revkey NS ns.revkey
ns.revkey A 10.53.0.3
|
