From 3b9b6d0b8e7f798023c9d109c490449d528fde80 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 17:59:48 +0200 Subject: Adding upstream version 1:9.18.19. Signed-off-by: Daniel Baumann --- bin/tests/system/autosign/ns3/named.conf.in | 335 ++++++++++++++++++++++++++++ 1 file changed, 335 insertions(+) create mode 100644 bin/tests/system/autosign/ns3/named.conf.in (limited to 'bin/tests/system/autosign/ns3/named.conf.in') diff --git a/bin/tests/system/autosign/ns3/named.conf.in b/bin/tests/system/autosign/ns3/named.conf.in new file mode 100644 index 0000000..64196a1 --- /dev/null +++ b/bin/tests/system/autosign/ns3/named.conf.in @@ -0,0 +1,335 @@ +/* + * Copyright (C) Internet Systems Consortium, Inc. ("ISC") + * + * SPDX-License-Identifier: MPL-2.0 + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, you can obtain one at https://mozilla.org/MPL/2.0/. + * + * See the COPYRIGHT file distributed with this work for additional + * information regarding copyright ownership. + */ + +// NS3 + +controls { /* empty */ }; + +options { + query-source address 10.53.0.3; + notify-source 10.53.0.3; + transfer-source 10.53.0.3; + port @PORT@; + session-keyfile "session.key"; + pid-file "named.pid"; + listen-on { 10.53.0.3; }; + listen-on-v6 { none; }; + recursion no; + notify yes; + dnssec-validation yes; + dnssec-loadkeys-interval 10; + allow-new-zones yes; +}; + +key rndc_key { + secret "1234abcd8765"; + algorithm @DEFAULT_HMAC@; +}; + +controls { + inet 10.53.0.3 port @CONTROLPORT@ allow { any; } keys { rndc_key; }; +}; + +zone "." { + type hint; + file "../../common/root.hint"; +}; + +zone "example" { + type secondary; + primaries { 10.53.0.2; }; + file "example.bk"; +}; + +zone "bar" { + type secondary; + primaries { 10.53.0.2; }; + file "bar.bk"; +}; + +zone "secure.example" { + type primary; + file "secure.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "insecure.example" { + type primary; + file "insecure.example.db"; +}; + +zone "nsec3.example" { + type primary; + file "nsec3.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "autonsec3.example" { + type primary; + file "autonsec3.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "optout.nsec3.example" { + type primary; + file "optout.nsec3.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "nsec3.nsec3.example" { + type primary; + file "nsec3.nsec3.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "jitter.nsec3.example" { + type primary; + file "jitter.nsec3.example.db"; + allow-update { any; }; + auto-dnssec maintain; + sig-validity-interval 10 2; + sig-signing-nodes 1000; + sig-signing-signatures 100; +}; + +zone "secure.nsec3.example" { + type primary; + file "secure.nsec3.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "optout.example" { + type primary; + file "optout.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "secure.optout.example" { + type primary; + file "secure.optout.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "nsec3.optout.example" { + type primary; + file "nsec3.optout.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "optout.optout.example" { + type primary; + file "optout.optout.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "rsasha256.example" { + type primary; + file "rsasha256.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "rsasha512.example" { + type primary; + file "rsasha512.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "nsec-only.example" { + type primary; + file "nsec-only.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "nsec3-to-nsec.example" { + type primary; + file "nsec3-to-nsec.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "secure-to-insecure.example" { + type primary; + file "secure-to-insecure.example.db"; + allow-update { any; }; + dnssec-secure-to-insecure yes; +}; + +zone "secure-to-insecure2.example" { + type primary; + file "secure-to-insecure2.example.db"; + allow-update { any; }; + auto-dnssec maintain; + dnssec-secure-to-insecure yes; +}; + +zone "oldsigs.example" { + type primary; + file "oldsigs.example.db"; + allow-update { any; }; + auto-dnssec maintain; + sig-validity-interval 10 2; + sig-signing-nodes 1000; + sig-signing-signatures 100; +}; + +zone "prepub.example" { + type primary; + file "prepub.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "ttl1.example" { + type primary; + file "ttl1.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "ttl2.example" { + type primary; + file "ttl2.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "ttl3.example" { + type primary; + file "ttl3.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "ttl4.example" { + type primary; + file "ttl4.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "delay.example" { + type primary; + file "delay.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "nozsk.example" { + type primary; + file "nozsk.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "inaczsk.example" { + type primary; + file "inaczsk.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "noksk.example" { + type primary; + file "noksk.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "sync.example" { + type primary; + file "sync.example.db"; + allow-update { any; }; + dnssec-dnskey-kskonly no; + auto-dnssec maintain; +}; + +zone "kskonly.example" { + type primary; + file "kskonly.example.db"; + allow-update { any; }; + dnssec-dnskey-kskonly yes; + auto-dnssec maintain; +}; + +zone "inacksk2.example" { + type primary; + file "inacksk2.example.db"; + allow-update { any; }; + dnssec-dnskey-kskonly yes; + auto-dnssec maintain; +}; + +zone "inacksk3.example" { + type primary; + file "inacksk3.example.db"; + allow-update { any; }; + dnssec-dnskey-kskonly yes; + auto-dnssec maintain; +}; + +zone "inaczsk2.example" { + type primary; + file "inaczsk2.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "inaczsk3.example" { + type primary; + file "inaczsk3.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "delzsk.example." { + type primary; + file "delzsk.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "dname-at-apex-nsec3.example" { + type primary; + file "dname-at-apex-nsec3.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "cds-delete.example" { + type primary; + file "cds-delete.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +zone "cdnskey-delete.example" { + type primary; + file "cdnskey-delete.example.db"; + allow-update { any; }; + auto-dnssec maintain; +}; + +include "trusted.conf"; -- cgit v1.2.3