diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 07:24:22 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 07:24:22 +0000 |
commit | 45d6379135504814ab723b57f0eb8be23393a51d (patch) | |
tree | d4f2ec4acca824a8446387a758b0ce4238a4dffa /bin/tests/system/dnssec/ns3/named.conf.in | |
parent | Initial commit. (diff) | |
download | bind9-45d6379135504814ab723b57f0eb8be23393a51d.tar.xz bind9-45d6379135504814ab723b57f0eb8be23393a51d.zip |
Adding upstream version 1:9.16.44.upstream/1%9.16.44upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'bin/tests/system/dnssec/ns3/named.conf.in')
-rw-r--r-- | bin/tests/system/dnssec/ns3/named.conf.in | 382 |
1 files changed, 382 insertions, 0 deletions
diff --git a/bin/tests/system/dnssec/ns3/named.conf.in b/bin/tests/system/dnssec/ns3/named.conf.in new file mode 100644 index 0000000..bd0771d --- /dev/null +++ b/bin/tests/system/dnssec/ns3/named.conf.in @@ -0,0 +1,382 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS3 + +options { + query-source address 10.53.0.3; + notify-source 10.53.0.3; + transfer-source 10.53.0.3; + port @PORT@; + pid-file "named.pid"; + listen-on { 10.53.0.3; }; + listen-on-v6 { none; }; + recursion no; + notify yes; + dnssec-validation yes; + session-keyfile "session.key"; + minimal-responses no; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm hmac-sha256; +}; + +controls { + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +zone "." { + type hint; + file "../../common/root.hint"; +}; + +zone "example" { + type secondary; + primaries { 10.53.0.2; }; + file "example.bk"; +}; + +zone "secure.example" { + type primary; + file "secure.example.db.signed"; + allow-update { any; }; +}; + +zone "bogus.example" { + type primary; + file "bogus.example.db.signed"; + allow-update { any; }; +}; + +zone "badds.example" { + type primary; + file "badds.example.db.signed"; + allow-update { any; }; +}; + +zone "dynamic.example" { + type primary; + file "dynamic.example.db.signed"; + allow-update { any; }; +}; + +zone "insecure.example" { + type primary; + file "insecure.example.db"; + allow-update { any; }; +}; + +zone "insecure2.example" { + type primary; + file "insecure2.example.db"; + allow-update { any; }; +}; + +zone "insecure.nsec3.example" { + type primary; + file "insecure.nsec3.example.db"; + allow-update { any; }; +}; + +zone "insecure.optout.example" { + type primary; + file "insecure.optout.example.db"; + allow-update { any; }; +}; + +zone "keyless.example" { + type primary; + file "keyless.example.db.signed"; +}; + +zone "nsec3.example" { + type primary; + file "nsec3.example.db.signed"; +}; + +zone "optout.nsec3.example" { + type primary; + file "optout.nsec3.example.db.signed"; +}; + +zone "nsec3.nsec3.example" { + type primary; + file "nsec3.nsec3.example.db.signed"; +}; + +zone "secure.nsec3.example" { + type primary; + file "secure.nsec3.example.db.signed"; +}; + +zone "optout.example" { + type primary; + file "optout.example.db.signed"; +}; + +zone "secure.optout.example" { + type primary; + file "secure.optout.example.db.signed"; +}; + +zone "nsec3.optout.example" { + type primary; + file "nsec3.optout.example.db.signed"; +}; + +zone "optout.optout.example" { + type primary; + file "optout.optout.example.db.signed"; +}; + +zone "nsec3-unknown.example" { + type primary; + nsec3-test-zone yes; + file "nsec3-unknown.example.db.signed"; +}; + +zone "optout-unknown.example" { + type primary; + nsec3-test-zone yes; + file "optout-unknown.example.db.signed"; +}; + +zone "dnskey-unknown.example" { + type primary; + file "dnskey-unknown.example.db.signed"; +}; + +zone "dnskey-unsupported.example" { + type primary; + file "dnskey-unsupported.example.db.signed"; +}; + +zone "dnskey-unsupported-2.example" { + type primary; + file "dnskey-unsupported-2.example.db.signed"; +}; + +zone "dnskey-nsec3-unknown.example" { + type primary; + nsec3-test-zone yes; + file "dnskey-nsec3-unknown.example.db.signed"; +}; + +zone "multiple.example" { + type primary; + file "multiple.example.db.signed"; + allow-update { any; }; +}; + +zone "rfc2335.example" { + type secondary; + primaries { 10.53.0.2; }; + file "rfc2335.example.bk"; +}; + +zone "rsasha256.example" { + type primary; + file "rsasha256.example.db.signed"; +}; + +zone "rsasha512.example" { + type primary; + file "rsasha512.example.db.signed"; +}; + +zone "kskonly.example" { + type primary; + file "kskonly.example.db.signed"; +}; + +zone "expired.example" { + type primary; + allow-update { none; }; + file "expired.example.db.signed"; +}; + +zone "update-nsec3.example" { + type primary; + allow-update { any; }; + file "update-nsec3.example.db.signed"; +}; + +zone "auto-nsec.example" { + type primary; + auto-dnssec maintain; + allow-update { !0.0.0.0; }; + file "auto-nsec.example.db.signed"; +}; + +zone "auto-nsec3.example" { + type primary; + auto-dnssec maintain; + allow-update { !0.0.0.0; }; + file "auto-nsec3.example.db.signed"; +}; + +zone "insecure.below-cname.example" { + type primary; + file "insecure.below-cname.example.db"; +}; + +zone "secure.below-cname.example" { + type primary; + file "secure.below-cname.example.db.signed"; +}; + +zone "ttlpatch.example" { + type primary; + file "ttlpatch.example.db.patched"; +}; + +zone "split-dnssec.example" { + type primary; + file "split-dnssec.example.db"; +}; + +zone "split-smart.example" { + type primary; + file "split-smart.example.db"; +}; + +zone "nsec3chain-test" { + type secondary; + file "nsec3chain-test.bk"; + primaries { 10.53.0.2; }; +}; + +zone "expiring.example" { + type primary; + allow-update { any; }; + file "expiring.example.db.signed"; +}; + +zone "nosign.example" { + type primary; + allow-update { any; }; + dnssec-update-mode no-resign; + file "nosign.example.db.signed"; +}; + +zone "upper.example" { + type primary; + file "upper.example.db.signed"; +}; + +zone "LOWER.EXAMPLE" { + type primary; + file "lower.example.db.signed"; +}; + +zone "inline.example" { + type primary; + file "inline.example.db"; + inline-signing yes; + auto-dnssec maintain; +}; + +zone "publish-inactive.example" { + type primary; + file "publish-inactive.example.db"; + auto-dnssec maintain; + update-policy local; +}; + +zone "future.example" { + type primary; + file "future.example.db.signed"; +}; + +zone "managed-future.example" { + type primary; + file "managed-future.example.db.signed"; + allow-update { any; }; +}; + +zone "revkey.example" { + type primary; + file "revkey.example.db.signed"; +}; + +zone "dname-at-apex-nsec3.example" { + type primary; + file "dname-at-apex-nsec3.example.db.signed"; +}; + +zone "occluded.example" { + type primary; + file "occluded.example.db.signed"; +}; + +zone "secure.managed" { + type primary; + file "secure.managed.db.signed"; +}; + +zone "disabled.managed" { + type primary; + file "disabled.managed.db.signed"; +}; + +zone "enabled.managed" { + type primary; + file "enabled.managed.db.signed"; +}; + +zone "unsupported.managed" { + type primary; + file "unsupported.managed.db.signed"; +}; + +zone "revoked.managed" { + type primary; + file "revoked.managed.db.signed"; +}; + +zone "secure.trusted" { + type primary; + file "secure.trusted.db.signed"; +}; + +zone "disabled.trusted" { + type primary; + file "disabled.trusted.db.signed"; +}; + +zone "enabled.trusted" { + type primary; + file "enabled.trusted.db.signed"; +}; + +zone "unsupported.trusted" { + type primary; + file "unsupported.trusted.db.signed"; +}; + +zone "revoked.trusted" { + type primary; + file "revoked.trusted.db.signed"; +}; + +zone "too-many-iterations" { + type secondary; + primaries { 10.53.0.2; }; + file "too-many-iterations.bk"; +}; + +include "siginterval.conf"; + +include "trusted.conf"; |