From 3079956ff7d925c32fb52907f6e7a1ad53cba9e5 Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Fri, 17 Jan 2020 08:35:12 +0100 Subject: [PATCH 1/3] Remove the DLV statistics counter This also removes counting the DLV RRtype separately. Since we have deprecated the lookaside validation it makes no sense to keep this special statistic counter. --- lib/dns/stats.c | 18 +++++------------- lib/dns/tests/rdatasetstats_test.c | 5 ----- 2 files changed, 5 insertions(+), 18 deletions(-) diff --git a/lib/dns/stats.c b/lib/dns/stats.c index c05e287dc1..c630cb2a35 100644 --- a/lib/dns/stats.c +++ b/lib/dns/stats.c @@ -53,9 +53,8 @@ typedef enum { */ enum { /* For 0-255, we use the rdtype value as counter indices */ - rdtypecounter_dlv = 256, /* for dns_rdatatype_dlv */ - rdtypecounter_others = 257, /* anything else */ - rdtypecounter_max = 258, + rdtypecounter_others = 256, /* anything else */ + rdtypecounter_max = 257, /* The following are used for nxrrset rdataset */ rdtypenxcounter_max = rdtypecounter_max * 2, /* nxdomain counter */ @@ -226,9 +225,7 @@ dns_rdatatypestats_increment(dns_stats_t *stats, dns_rdatatype_t type) { REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_rdtype); - if (type == dns_rdatatype_dlv) - counter = rdtypecounter_dlv; - else if (type > dns_rdatatype_any) + if (type > dns_rdatatype_any) counter = rdtypecounter_others; else counter = (int)type; @@ -248,9 +245,7 @@ update_rdatasetstats(dns_stats_t *stats, dns_rdatastatstype_t rrsettype, counter = rdtypecounter_nxdomain; } else { rdtype = DNS_RDATASTATSTYPE_BASE(rrsettype); - if (rdtype == dns_rdatatype_dlv) - counter = (int)rdtypecounter_dlv; - else if (rdtype > dns_rdatatype_any) + if (rdtype > dns_rdatatype_any) counter = (int)rdtypecounter_others; else counter = (int)rdtype; @@ -338,10 +333,7 @@ dump_rdentry(int rdcounter, uint64_t value, dns_rdatastatstype_t attributes, if (rdcounter == rdtypecounter_others) attributes |= DNS_RDATASTATSTYPE_ATTR_OTHERTYPE; else { - if (rdcounter == rdtypecounter_dlv) - rdtype = dns_rdatatype_dlv; - else - rdtype = (dns_rdatatype_t)rdcounter; + rdtype = (dns_rdatatype_t)rdcounter; } type = DNS_RDATASTATSTYPE_VALUE((dns_rdatastatstype_t)rdtype, attributes); diff --git a/lib/dns/tests/rdatasetstats_test.c b/lib/dns/tests/rdatasetstats_test.c index ca81a6d55c..da16348bea 100644 --- a/lib/dns/tests/rdatasetstats_test.c +++ b/lib/dns/tests/rdatasetstats_test.c @@ -228,7 +228,6 @@ rdatasetstats(void **state, bool servestale) { set_typestats(stats, (dns_rdatatype_t)i); } /* Specials */ - set_typestats(stats, dns_rdatatype_dlv); set_typestats(stats, (dns_rdatatype_t)1000); set_nxdomainstats(stats); @@ -241,8 +240,6 @@ rdatasetstats(void **state, bool servestale) { mark_stale(stats, (dns_rdatatype_t)i, 0, DNS_RDATASTATSTYPE_ATTR_STALE); } - mark_stale(stats, dns_rdatatype_dlv, 0, - DNS_RDATASTATSTYPE_ATTR_STALE); mark_stale(stats, (dns_rdatatype_t)1000, 0, DNS_RDATASTATSTYPE_ATTR_STALE); mark_nxdomain_stale(stats, 0, DNS_RDATASTATSTYPE_ATTR_STALE); @@ -259,8 +256,6 @@ rdatasetstats(void **state, bool servestale) { mark_stale(stats, (dns_rdatatype_t)i, from, DNS_RDATASTATSTYPE_ATTR_ANCIENT); } - mark_stale(stats, dns_rdatatype_dlv, from, - DNS_RDATASTATSTYPE_ATTR_ANCIENT); mark_stale(stats, (dns_rdatatype_t)1000, from, DNS_RDATASTATSTYPE_ATTR_ANCIENT); mark_nxdomain_stale(stats, from, DNS_RDATASTATSTYPE_ATTR_ANCIENT); From 37b41ff6932fa73361634bc735a0c2d17ef2718c Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Fri, 17 Jan 2020 08:41:06 +0100 Subject: [PATCH 2/3] Simplify cachedb rrset statistic counters This commit simplifies the cachedb rrset statistics in two ways: - Introduce new rdtypecounter arithmetics, allowing bitwise operations. - Remove the special DLV statistic counter. New rdtypecounter arithmetics ----------------------------- "The rdtypecounter arithmetics is a brain twister". Replace the enum counters with some defines. A rdtypecounter is now 8 bits for RRtypes and 3 bits for flags: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ | | | | | | S |NX| RRType | +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ If the 8 bits for RRtype are all zero, this is an Other RRtype. Bit 7 is the NXRRSET (NX) flag and indicates whether this is a positive (0) or a negative (1) RRset. Then bit 5 and 6 mostly tell you if this counter is for an active, stale, or ancient RRtype: S = 0x00 means Active S = 0x01 means Stale S = 0x10 means Ancient Since a counter cannot be stale and ancient at the same time, we treat S = 0x11 as a special case to deal with NXDOMAIN counters. S = 0x11 indicates an NXDOMAIN counter and in this case the RRtype field signals the expiry of this cached item: RRType = 0 means Active RRType = 1 means Stale RRType = 2 means Ancient --- lib/dns/rbtdb.c | 3 +- lib/dns/stats.c | 219 ++++++++++++++++------------- lib/dns/tests/rdatasetstats_test.c | 8 +- 3 files changed, 130 insertions(+), 100 deletions(-) diff --git a/lib/dns/rbtdb.c b/lib/dns/rbtdb.c index 4ab1a1ccb4..4c2b46c593 100644 --- a/lib/dns/rbtdb.c +++ b/lib/dns/rbtdb.c @@ -1585,7 +1585,8 @@ clean_cache_node(dns_rbtdb_t *rbtdb, dns_rbtnode_t *node) { top_next = current->next; clean_stale_headers(rbtdb, mctx, current); /* - * If current is nonexistent or stale, we can clean it up. + * If current is nonexistent, ancient, or stale and + * we are not keeping stale, we can clean it up. */ if (NONEXISTENT(current) || ANCIENT(current) || (STALE(current) && ! KEEPSTALE(rbtdb))) { diff --git a/lib/dns/stats.c b/lib/dns/stats.c index c630cb2a35..ef884d7d14 100644 --- a/lib/dns/stats.c +++ b/lib/dns/stats.c @@ -42,37 +42,57 @@ typedef enum { /*% * It doesn't make sense to have 2^16 counters for all possible types since - * most of them won't be used. We have counters for the first 256 types and - * those explicitly supported in the rdata implementation. - * XXXJT: this introduces tight coupling with the rdata implementation. - * Ideally, we should have rdata handle this type of details. + * most of them won't be used. We have counters for the first 256 types. + * + * A rdtypecounter is now 8 bits for RRtypes and 3 bits for flags: + * + * 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 + * +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ + * | | | | | | S |NX| RRType | + * +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+ + * + * If the 8 bits for RRtype are all zero, this is an Other RRtype. */ +#define RDTYPECOUNTER_MAXTYPE 0x00ff + /* - * types, !types, nxdomain, stale types, stale !types, stale nxdomain, - * ancient types, ancient !types, ancient nxdomain + * + * Bit 7 is the NXRRSET (NX) flag and indicates whether this is a + * positive (0) or a negative (1) RRset. */ -enum { - /* For 0-255, we use the rdtype value as counter indices */ - rdtypecounter_others = 256, /* anything else */ - rdtypecounter_max = 257, - /* The following are used for nxrrset rdataset */ - rdtypenxcounter_max = rdtypecounter_max * 2, - /* nxdomain counter */ - rdtypecounter_nxdomain = rdtypenxcounter_max, - /* stale counters offset */ - rdtypecounter_stale = rdtypecounter_nxdomain + 1, - rdtypecounter_stale_max = rdtypecounter_stale + rdtypecounter_max, - rdtypenxcounter_stale_max = rdtypecounter_stale_max + rdtypecounter_max, - rdtypecounter_stale_nxdomain = rdtypenxcounter_stale_max, - /* ancient counters offset */ - rdtypecounter_ancient = rdtypecounter_stale_nxdomain + 1, - rdtypecounter_ancient_max = rdtypecounter_ancient + rdtypecounter_max, - rdtypenxcounter_ancient_max = rdtypecounter_ancient_max + - rdtypecounter_max, - rdtypecounter_ancient_nxdomain = rdtypenxcounter_ancient_max, - /* limit of number counter types */ - rdatasettypecounter_max = rdtypecounter_ancient_nxdomain + 1, -}; +#define RDTYPECOUNTER_NXRRSET 0x0100 + +/* + * Then bit 5 and 6 mostly tell you if this counter is for an active, + * stale, or ancient RRtype: + * + * S = 0 (0b00) means Active + * S = 1 (0b01) means Stale + * S = 2 (0b10) means Ancient + * + * Since a counter cannot be stale and ancient at the same time, we + * treat S = 0x11 as a special case to deal with NXDOMAIN counters. + */ +#define RDTYPECOUNTER_STALE (1 << 9) +#define RDTYPECOUNTER_ANCIENT (1 << 10) +#define RDTYPECOUNTER_NXDOMAIN ((1 << 9) | (1 << 10)) + +/* + * S = 0x11 indicates an NXDOMAIN counter and in this case the RRtype + * field signals the expiry of this cached item: + * + * RRType = 0 (0b00) means Active + * RRType = 1 (0b01) means Stale + * RRType = 2 (0b02) means Ancient + * + */ +#define RDTYPECOUNTER_NXDOMAIN_STALE 1 +#define RDTYPECOUNTER_NXDOMAIN_ANCIENT 2 + +/* + * The maximum value for rdtypecounter is for an ancient NXDOMAIN. + */ +#define RDTYPECOUNTER_MAXVAL 0x0602 /* dnssec maximum key id */ static int dnssec_keyid_max = 65535; @@ -174,8 +194,12 @@ isc_result_t dns_rdatatypestats_create(isc_mem_t *mctx, dns_stats_t **statsp) { REQUIRE(statsp != NULL && *statsp == NULL); - return (create_stats(mctx, dns_statstype_rdtype, rdtypecounter_max, - statsp)); + /* + * Create rdtype statistics for the first 255 RRtypes, + * plus one additional for other RRtypes. + */ + return (create_stats(mctx, dns_statstype_rdtype, + (RDTYPECOUNTER_MAXTYPE+1), statsp)); } isc_result_t @@ -183,7 +207,7 @@ dns_rdatasetstats_create(isc_mem_t *mctx, dns_stats_t **statsp) { REQUIRE(statsp != NULL && *statsp == NULL); return (create_stats(mctx, dns_statstype_rdataset, - rdatasettypecounter_max, statsp)); + (RDTYPECOUNTER_MAXVAL+1), statsp)); } isc_result_t @@ -219,48 +243,62 @@ dns_generalstats_increment(dns_stats_t *stats, isc_statscounter_t counter) { isc_stats_increment(stats->counters, counter); } +inline static +isc_statscounter_t rdatatype2counter(dns_rdatatype_t type) { + if (type > (dns_rdatatype_t)RDTYPECOUNTER_MAXTYPE) { + return 0; + } + return (isc_statscounter_t)type; +} + void dns_rdatatypestats_increment(dns_stats_t *stats, dns_rdatatype_t type) { - int counter; + isc_statscounter_t counter; REQUIRE(DNS_STATS_VALID(stats) && stats->type == dns_statstype_rdtype); - if (type > dns_rdatatype_any) - counter = rdtypecounter_others; - else - counter = (int)type; - - isc_stats_increment(stats->counters, (isc_statscounter_t)counter); + counter = rdatatype2counter(type); + isc_stats_increment(stats->counters, counter); } static inline void update_rdatasetstats(dns_stats_t *stats, dns_rdatastatstype_t rrsettype, bool increment) { - int counter; - dns_rdatatype_t rdtype; + isc_statscounter_t counter; if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) & DNS_RDATASTATSTYPE_ATTR_NXDOMAIN) != 0) { - counter = rdtypecounter_nxdomain; + counter = RDTYPECOUNTER_NXDOMAIN; + + /* + * This is an NXDOMAIN counter, save the expiry value + * (active, stale, or ancient) value in the RRtype part. + */ + if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) & + DNS_RDATASTATSTYPE_ATTR_ANCIENT) != 0) { + counter |= RDTYPECOUNTER_NXDOMAIN_ANCIENT; + } + else if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) & + DNS_RDATASTATSTYPE_ATTR_STALE) != 0) { + counter += RDTYPECOUNTER_NXDOMAIN_STALE; + } } else { - rdtype = DNS_RDATASTATSTYPE_BASE(rrsettype); - if (rdtype > dns_rdatatype_any) - counter = (int)rdtypecounter_others; - else - counter = (int)rdtype; + counter = rdatatype2counter(DNS_RDATASTATSTYPE_BASE(rrsettype)); if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) & - DNS_RDATASTATSTYPE_ATTR_NXRRSET) != 0) - counter += rdtypecounter_max; - } + DNS_RDATASTATSTYPE_ATTR_NXRRSET) != 0) { + counter |= RDTYPECOUNTER_NXRRSET; + } - if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) & - DNS_RDATASTATSTYPE_ATTR_ANCIENT) != 0) { - counter += rdtypecounter_ancient; - } else if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) & - DNS_RDATASTATSTYPE_ATTR_STALE) != 0) { - counter += rdtypecounter_stale; + if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) & + DNS_RDATASTATSTYPE_ATTR_ANCIENT) != 0) { + counter |= RDTYPECOUNTER_ANCIENT; + } + else if ((DNS_RDATASTATSTYPE_ATTR(rrsettype) & + DNS_RDATASTATSTYPE_ATTR_STALE) != 0) { + counter |= RDTYPECOUNTER_STALE; + } } if (increment) { @@ -330,10 +368,10 @@ dump_rdentry(int rdcounter, uint64_t value, dns_rdatastatstype_t attributes, dns_rdatatype_t rdtype = dns_rdatatype_none; /* sentinel */ dns_rdatastatstype_t type; - if (rdcounter == rdtypecounter_others) + if ((rdcounter & RDTYPECOUNTER_MAXTYPE) == 0) { attributes |= DNS_RDATASTATSTYPE_ATTR_OTHERTYPE; - else { - rdtype = (dns_rdatatype_t)rdcounter; + } else { + rdtype = (dns_rdatatype_t)(rdcounter & RDTYPECOUNTER_MAXTYPE); } type = DNS_RDATASTATSTYPE_VALUE((dns_rdatastatstype_t)rdtype, attributes); @@ -362,48 +400,39 @@ dns_rdatatypestats_dump(dns_stats_t *stats, dns_rdatatypestats_dumper_t dump_fn, static void rdataset_dumpcb(isc_statscounter_t counter, uint64_t value, void *arg) { rdatadumparg_t *rdatadumparg = arg; - unsigned int attributes; - bool dump = true; + unsigned int attributes = 0; - if (counter < rdtypecounter_max) { - attributes = 0; - } else if (counter < rdtypenxcounter_max) { - counter -= rdtypecounter_max; - attributes = DNS_RDATASTATSTYPE_ATTR_NXRRSET; - } else if (counter == rdtypecounter_nxdomain) { - counter = 0; - attributes = DNS_RDATASTATSTYPE_ATTR_NXDOMAIN; - } else if (counter < rdtypecounter_stale_max) { - counter -= rdtypecounter_stale; - attributes = DNS_RDATASTATSTYPE_ATTR_STALE; - } else if (counter < rdtypenxcounter_stale_max) { - counter -= rdtypecounter_stale_max; - attributes = DNS_RDATASTATSTYPE_ATTR_NXRRSET | - DNS_RDATASTATSTYPE_ATTR_STALE; - } else if (counter == rdtypecounter_stale_nxdomain) { - counter = 0; - attributes = DNS_RDATASTATSTYPE_ATTR_NXDOMAIN | - DNS_RDATASTATSTYPE_ATTR_STALE; - } else if (counter < rdtypecounter_ancient_max) { - counter -= rdtypecounter_ancient; - attributes = DNS_RDATASTATSTYPE_ATTR_ANCIENT; - } else if (counter < rdtypenxcounter_ancient_max) { - counter -= rdtypecounter_ancient_max; - attributes = DNS_RDATASTATSTYPE_ATTR_NXRRSET | - DNS_RDATASTATSTYPE_ATTR_ANCIENT; - } else if (counter == rdtypecounter_ancient_nxdomain) { - counter = 0; - attributes = DNS_RDATASTATSTYPE_ATTR_NXDOMAIN | - DNS_RDATASTATSTYPE_ATTR_ANCIENT; + if ((counter & RDTYPECOUNTER_NXDOMAIN) == RDTYPECOUNTER_NXDOMAIN) { + attributes |= DNS_RDATASTATSTYPE_ATTR_NXDOMAIN; + + /* + * This is an NXDOMAIN counter, check the RRtype part for the + * expiry value (active, stale, or ancient). + */ + if ((counter & RDTYPECOUNTER_MAXTYPE) == + RDTYPECOUNTER_NXDOMAIN_STALE) { + attributes |= DNS_RDATASTATSTYPE_ATTR_STALE; + } else if ((counter & RDTYPECOUNTER_MAXTYPE) == + RDTYPECOUNTER_NXDOMAIN_ANCIENT) { + attributes |= DNS_RDATASTATSTYPE_ATTR_ANCIENT; + } } else { - /* Out of bounds, do not dump entry. */ - dump = false; + if ((counter & RDTYPECOUNTER_MAXTYPE) == 0) { + attributes |= DNS_RDATASTATSTYPE_ATTR_OTHERTYPE; + } + if ((counter & RDTYPECOUNTER_NXRRSET) != 0) { + attributes |= DNS_RDATASTATSTYPE_ATTR_NXRRSET; + } + + if ((counter & RDTYPECOUNTER_STALE) != 0) { + attributes |= DNS_RDATASTATSTYPE_ATTR_STALE; + } else if ((counter & RDTYPECOUNTER_ANCIENT) != 0) { + attributes |= DNS_RDATASTATSTYPE_ATTR_ANCIENT; + } } - if (dump) { - dump_rdentry(counter, value, attributes, rdatadumparg->fn, + dump_rdentry(counter, value, attributes, rdatadumparg->fn, rdatadumparg->arg); - } } void diff --git a/lib/dns/tests/rdatasetstats_test.c b/lib/dns/tests/rdatasetstats_test.c index da16348bea..5969870b14 100644 --- a/lib/dns/tests/rdatasetstats_test.c +++ b/lib/dns/tests/rdatasetstats_test.c @@ -223,8 +223,8 @@ rdatasetstats(void **state, bool servestale) { result = dns_rdatasetstats_create(dt_mctx, &stats); assert_int_equal(result, ISC_R_SUCCESS); - /* First 256 types. */ - for (i = 0; i <= 255; i++) { + /* First 255 types. */ + for (i = 1; i <= 255; i++) { set_typestats(stats, (dns_rdatatype_t)i); } /* Specials */ @@ -236,7 +236,7 @@ rdatasetstats(void **state, bool servestale) { if (servestale) { /* Mark stale */ - for (i = 0; i <= 255; i++) { + for (i = 1; i <= 255; i++) { mark_stale(stats, (dns_rdatatype_t)i, 0, DNS_RDATASTATSTYPE_ATTR_STALE); } @@ -252,7 +252,7 @@ rdatasetstats(void **state, bool servestale) { } /* Mark ancient */ - for (i = 0; i <= 255; i++) { + for (i = 1; i <= 255; i++) { mark_stale(stats, (dns_rdatatype_t)i, from, DNS_RDATASTATSTYPE_ATTR_ANCIENT); } From 7135ef78eee6d45132eb13616940ba90c35805ab Mon Sep 17 00:00:00 2001 From: Matthijs Mekking Date: Wed, 15 Jan 2020 16:11:43 +0100 Subject: [PATCH 3/3] Add test for "Others" rrtype stat counter Add queries and checks for CAA RRtype in the serve-stale test. Ensure that the "Others" rrtype stat counter is incremented and decremented properly if the RRset becomes stale/ancient. The low max-stale-ttl config option needs to be increased in order to match the timing when things expire (aka become ancient). --- bin/tests/system/serve-stale/ans2/ans.pl | 10 ++ .../system/serve-stale/ns1/named2.conf.in | 2 +- bin/tests/system/serve-stale/tests.sh | 157 +++++++++++++++++- 3 files changed, 166 insertions(+), 3 deletions(-) diff --git a/bin/tests/system/serve-stale/ans2/ans.pl b/bin/tests/system/serve-stale/ans2/ans.pl index 3873847b8f..a87ebfe099 100644 --- a/bin/tests/system/serve-stale/ans2/ans.pl +++ b/bin/tests/system/serve-stale/ans2/ans.pl @@ -47,6 +47,7 @@ my $A = "ns.example 300 IN A $localaddr"; # my $TXT = "data.example 1 IN TXT \"A text record with a 1 second ttl\""; my $LONGTXT = "longttl.example 600 IN TXT \"A text record with a 600 second ttl\""; +my $CAA = "othertype.example 1 IN CAA 0 issue \"ca1.example.net\""; my $negSOA = "example 1 IN SOA . . 0 0 0 0 300"; sub reply_handler { @@ -129,6 +130,15 @@ sub reply_handler { my $rr = new Net::DNS::RR($negSOA); push @auth, $rr; $rcode = "NXDOMAIN"; + } elsif ($qname eq "othertype.example") { + if ($qtype eq "CAA") { + my $rr = new Net::DNS::RR($CAA); + push @ans, $rr; + } else { + my $rr = new Net::DNS::RR($negSOA); + push @auth, $rr; + } + $rcode = "NOERROR"; } else { my $rr = new Net::DNS::RR($SOA); push @auth, $rr; diff --git a/bin/tests/system/serve-stale/ns1/named2.conf.in b/bin/tests/system/serve-stale/ns1/named2.conf.in index 68d7860296..7ec265e631 100644 --- a/bin/tests/system/serve-stale/ns1/named2.conf.in +++ b/bin/tests/system/serve-stale/ns1/named2.conf.in @@ -27,7 +27,7 @@ options { listen-on { 10.53.0.1; }; listen-on-v6 { none; }; recursion yes; - max-stale-ttl 35; + max-stale-ttl 45; stale-answer-ttl 3; stale-answer-enable yes; }; diff --git a/bin/tests/system/serve-stale/tests.sh b/bin/tests/system/serve-stale/tests.sh index fc09c864ef..b0cfd93e9b 100755 --- a/bin/tests/system/serve-stale/tests.sh +++ b/bin/tests/system/serve-stale/tests.sh @@ -30,6 +30,7 @@ n=0 #$DIG -p ${PORT} @10.53.0.2 data.example TXT #$DIG -p ${PORT} @10.53.0.2 nodata.example TXT #$DIG -p ${PORT} @10.53.0.2 nxdomain.example TXT +#$DIG -p ${PORT} @10.53.0.2 othertype.example CAA # # First test server with serve-stale options set. @@ -54,6 +55,15 @@ grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "prime cache othertype.example ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$n +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "prime cache nodata.example ($n)" ret=0 @@ -82,6 +92,7 @@ cp ns1/named.stats ns1/named.stats.$n # Check first 10 lines of Cache DB statistics. After prime queries, we expect # two active TXT one nxrrset TXT, and one NXDOMAIN. grep -A 10 "++ Cache DB RRsets ++" ns1/named.stats.$n > ns1/named.stats.$n.cachedb || ret=1 +grep "1 Others" ns1/named.stats.$n.cachedb > /dev/null || ret=1 grep "2 TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 !TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 NXDOMAIN" ns1/named.stats.$n.cachedb > /dev/null || ret=1 @@ -126,6 +137,16 @@ awk '/; answer/ { x=$0; getline; print x, $0}' ns1/named_dump.db.test$n | if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "check stale othertype.example ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$n +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 +grep "othertype\.example\..*2.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "check stale nodata.example ($n)" ret=0 @@ -158,6 +179,7 @@ cp ns1/named.stats ns1/named.stats.$n # stale NXDOMAIN. grep -A 10 "++ Cache DB RRsets ++" ns1/named.stats.$n > ns1/named.stats.$n.cachedb || ret=1 grep "1 TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 +grep "1 #Others" ns1/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 #TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 #!TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 #NXDOMAIN" ns1/named.stats.$n.cachedb > /dev/null || ret=1 @@ -189,6 +211,14 @@ status=`expr $status + $ret` if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "check stale othertype.example (serve-stale off) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$n +grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "check stale nodata.example (serve-stale off) ($n)" ret=0 @@ -230,6 +260,16 @@ grep "data\.example\..*2.*IN.*TXT.*A text record with a 1 second ttl" dig.out.te if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "check stale othertype.example (serve-stale on) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$n +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 +grep "othertype\.example\..*2.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "check stale nodata.example (serve-stale on) ($n)" ret=0 @@ -273,6 +313,14 @@ grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "check stale othertype.example (serve-stale no) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$n +grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "check stale nodata.example (serve-stale no) ($n)" ret=0 @@ -314,6 +362,16 @@ grep "data\.example\..*2.*IN.*TXT.*A text record with a 1 second ttl" dig.out.te if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "check stale othertype.example (serve-stale yes) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$n +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 +grep "othertype\.example\..*2.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "check stale nodata.example (serve-stale yes) ($n)" ret=0 @@ -366,6 +424,16 @@ grep "data\.example\..*2.*IN.*TXT.*A text record with a 1 second ttl" dig.out.te if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "check stale othertype.example (serve-stale reset) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$n +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 +grep "othertype.example\..*2.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "check stale nodata.example (serve-stale reset) ($n)" ret=0 @@ -425,7 +493,7 @@ n=`expr $n + 1` echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: off (rndc) (stale-answer-ttl=3 max-stale-ttl=35)' rndc.out.test$n > /dev/null || ret=1 +grep '_default: off (rndc) (stale-answer-ttl=3 max-stale-ttl=45)' rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -444,7 +512,7 @@ n=`expr $n + 1` echo_i "check 'rndc serve-stale status' ($n)" ret=0 $RNDCCMD 10.53.0.1 serve-stale status > rndc.out.test$n 2>&1 || ret=1 -grep '_default: on (rndc) (stale-answer-ttl=3 max-stale-ttl=35)' rndc.out.test$n > /dev/null || ret=1 +grep '_default: on (rndc) (stale-answer-ttl=3 max-stale-ttl=45)' rndc.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` @@ -477,6 +545,15 @@ grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "prime cache othertype.example (low max-stale-ttl) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$n +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "prime cache nodata.example (low max-stale-ttl) ($n)" ret=0 @@ -506,6 +583,7 @@ cp ns1/named.stats ns1/named.stats.$n # two active TXT RRsets, one nxrrset TXT, and one NXDOMAIN. grep -A 10 "++ Cache DB RRsets ++" ns1/named.stats.$n > ns1/named.stats.$n.cachedb || ret=1 grep "2 TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 +grep "1 Others" ns1/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 !TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 NXDOMAIN" ns1/named.stats.$n.cachedb > /dev/null || ret=1 status=`expr $status + $ret` @@ -532,6 +610,16 @@ grep "data\.example\..*3.*IN.*TXT.*A text record with a 1 second ttl" dig.out.te if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "check stale othertype.example (low max-stale-ttl) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$n +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 +grep "othertype\.example\..*3.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "check stale nodata.example (low max-stale-ttl) ($n)" ret=0 @@ -565,8 +653,10 @@ cp ns1/named.stats ns1/named.stats.$n grep -A 10 "++ Cache DB RRsets ++" ns1/named.stats.$n > ns1/named.stats.$n.cachedb || ret=1 grep "1 TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 #TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 +grep "1 #Others" ns1/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 #!TXT" ns1/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 #NXDOMAIN" ns1/named.stats.$n.cachedb > /dev/null || ret=1 + status=`expr $status + $ret` if [ $ret != 0 ]; then echo_i "failed"; fi @@ -581,6 +671,15 @@ grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "check ancient othertype.example (low max-stale-ttl) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.1 othertype.example CAA > dig.out.test$n +grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "check ancient nodata.example (low max-stale-ttl) ($n)" ret=0 @@ -632,6 +731,16 @@ grep "data\.example\..*1.*IN.*TXT.*A text record with a 1 second ttl" dig.out.te if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "prime cache othertype.example (max-stale-ttl default) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.3 othertype.example CAA > dig.out.test$n +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 +grep "othertype\.example\..*1.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "prime cache nodata.example (max-stale-ttl default) ($n)" ret=0 @@ -663,6 +772,7 @@ cp ns3/named.stats ns3/named.stats.$n # two active TXT RRsets, one nxrrset TXT, and one NXDOMAIN. grep -A 10 "++ Cache DB RRsets ++" ns3/named.stats.$n > ns3/named.stats.$n.cachedb || ret=1 grep "2 TXT" ns3/named.stats.$n.cachedb > /dev/null || ret=1 +grep "1 Others" ns3/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 !TXT" ns3/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 NXDOMAIN" ns3/named.stats.$n.cachedb > /dev/null || ret=1 status=`expr $status + $ret` @@ -696,6 +806,15 @@ grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "check fail of othertype.example (max-stale-ttl default) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.3 othertype.example CAA > dig.out.test$n +grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "check fail of nodata.example (max-stale-ttl default) ($n)" ret=0 @@ -727,8 +846,10 @@ cp ns3/named.stats ns3/named.stats.$n grep -A 10 "++ Cache DB RRsets ++" ns3/named.stats.$n > ns3/named.stats.$n.cachedb || ret=1 grep "1 TXT" ns3/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 #TXT" ns3/named.stats.$n.cachedb > /dev/null || ret=1 +grep "1 #Others" ns3/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 #!TXT" ns3/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 #NXDOMAIN" ns3/named.stats.$n.cachedb > /dev/null || ret=1 + status=`expr $status + $ret` if [ $ret != 0 ]; then echo_i "failed"; fi @@ -757,6 +878,16 @@ grep "data\.example\..*1.*IN.*TXT.*A text record with a 1 second ttl" dig.out.te if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "check othertype.example (max-stale-ttl default) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.3 othertype.example CAA > dig.out.test$n +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 +grep "example\..*1.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "check nodata.example (max-stale-ttl default) ($n)" ret=0 @@ -810,6 +941,16 @@ grep "data\.example\..*1.*IN.*TXT.*A text record with a 1 second ttl" dig.out.te if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "prime cache othertype.example (serve-stale disabled) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.4 othertype.example CAA > dig.out.test$n +grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 1," dig.out.test$n > /dev/null || ret=1 +grep "othertype\.example\..*1.*IN.*CAA.*0.*issue" dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "prime cache nodata.example (serve-stale disabled) ($n)" ret=0 @@ -841,6 +982,7 @@ cp ns4/named.stats ns4/named.stats.$n # two active TXT RRsets, one nxrrset TXT, and one NXDOMAIN. grep -A 10 "++ Cache DB RRsets ++" ns4/named.stats.$n > ns4/named.stats.$n.cachedb || ret=1 grep "2 TXT" ns4/named.stats.$n.cachedb > /dev/null || ret=1 +grep "1 Others" ns4/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 !TXT" ns4/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 NXDOMAIN" ns4/named.stats.$n.cachedb > /dev/null || ret=1 status=`expr $status + $ret` @@ -874,6 +1016,15 @@ grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 if [ $ret != 0 ]; then echo_i "failed"; fi status=`expr $status + $ret` +n=`expr $n + 1` +echo_i "check fail of othertype.example (serve-stale disabled) ($n)" +ret=0 +$DIG -p ${PORT} @10.53.0.4 othertype.example CAA > dig.out.test$n +grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 +grep "ANSWER: 0," dig.out.test$n > /dev/null || ret=1 +if [ $ret != 0 ]; then echo_i "failed"; fi +status=`expr $status + $ret` + n=`expr $n + 1` echo_i "check fail of nodata.example (serve-stale disabled) ($n)" ret=0 @@ -905,6 +1056,7 @@ cp ns4/named.stats ns4/named.stats.$n grep -A 10 "++ Cache DB RRsets ++" ns4/named.stats.$n > ns4/named.stats.$n.cachedb || ret=1 grep "1 TXT" ns4/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 #TXT" ns4/named.stats.$n.cachedb > /dev/null || ret=1 +grep "1 #Others" ns4/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 #!TXT" ns4/named.stats.$n.cachedb > /dev/null || ret=1 grep "1 #NXDOMAIN" ns4/named.stats.$n.cachedb > /dev/null || ret=1 status=`expr $status + $ret` @@ -960,6 +1112,7 @@ cp ns4/named.stats ns4/named.stats.$n # everything to be removed or scheduled to be removed. grep -A 10 "++ Cache DB RRsets ++" ns4/named.stats.$n > ns4/named.stats.$n.cachedb || ret=1 grep "#TXT" ns4/named.stats.$n.cachedb > /dev/null && ret=1 +grep "#Others" ns4/named.stats.$n.cachedb > /dev/null && ret=1 grep "#!TXT" ns4/named.stats.$n.cachedb > /dev/null && ret=1 grep "#NXDOMAIN" ns4/named.stats.$n.cachedb > /dev/null && ret=1 status=`expr $status + $ret`