zonemaster-engine icon indicating copy to clipboard operation
zonemaster-engine copied to clipboard

Published 20 hours ago verified publisher icon zonemaster

Missing message tag when running Consistency06 on non-responding name servers

Open matsduf opened this issue 1 year ago • 0 comments

Using the test zones specified in https://github.com/zonemaster/zonemaster/pull/1213 we have some test zones (scenarios) where NO_RESPONSE. For some of the test zones (scenarios) the tag is outputted, for others it is not. E.g. for test zone no-response.consistency06.xa none of the name server IP addresses are responding (on purpose) but the tag is not outputted.

After some investigation I have come to the following conclusion:

For a non-responding name server to be listed in NO_RESPONSE at lease one of the following requirements must be fullfilled:

  • The zone must be available and the name serverin question must be listed in that zone as an NS.
  • The name server in question must be included in the call as "fake delegation".

In case of no-response.consistency06.xa, the zone is not available since none of the name servers for it responds. By inspecting output from tcpdump I can see that queries are sent to the non-responding name server IPs.

First running the test of the zone using the delegated path from the private root:

$ zonemaster-cli no-response.consistency06.xa --raw  --test Consistency/consistency05 --hints COMMON/hintfile --level debug | grep -vE 'EXTERNAL_QUERY|IS_BLACKLISTED|LOOKUP_ERROR|DEPENDENCY_VERSION'
   0.00 DEBUG    START_TIME   string=2023-11-13 12:30:28 +0000; time_t=1699878628
   0.00 DEBUG    TEST_ARGS   args=Zonemaster::Engine::Zone=HASH(0x55f417e47688); module=consistency; testcase=consistency05
   0.00 INFO     GLOBAL_VERSION   version=v4.7.3
   0.00 DEBUG    MODULE_VERSION   module=Zonemaster::Engine::Test::Consistency; version=v1.1.16
   0.00 DEBUG    TEST_CASE_START   testcase=consistency05
  40.26 ERROR    CHILD_ZONE_LAME   
  40.26 DEBUG    TEST_CASE_END   testcase=consistency05
  40.26 DEBUG    MODULE_END   module=Consistency

A second run with "fake delegation" added. Note that NO_RESPONSE now appear.

$ zonemaster-cli no-response.consistency06.xa --raw  --test Consistency/consistency05 --hints COMMON/hintfile --ns ns1.no-response.consistency06.xa/127.14.6.31 --ns ns2.no-response.consistency06.xa/127.14.6.32  --level debug | grep -vE 'EXTERNAL_QUERY|IS_BLACKLISTED|LOOKUP_ERROR|DEPENDENCY_VERSION|ADDED_FAKE_DELEGATION'
   0.00 DEBUG    START_TIME   string=2023-11-13 12:27:52 +0000; time_t=1699878472
   0.00 DEBUG    TEST_ARGS   args=Zonemaster::Engine::Zone=HASH(0x558fdb436290); module=consistency; testcase=consistency05
   0.00 INFO     GLOBAL_VERSION   version=v4.7.3
   0.00 DEBUG    MODULE_VERSION   module=Zonemaster::Engine::Test::Consistency; version=v1.1.16
   0.00 DEBUG    TEST_CASE_START   testcase=consistency05
   0.08 DEBUG    NO_RESPONSE   ns=ns1.no-response.consistency06.xa/127.14.6.31
   0.08 DEBUG    NO_RESPONSE   ns=ns1.no-response.consistency06.xa/127.14.6.31
   0.08 DEBUG    NO_RESPONSE   ns=ns2.no-response.consistency06.xa/127.14.6.32
   0.08 DEBUG    NO_RESPONSE   ns=ns2.no-response.consistency06.xa/127.14.6.32
   0.08 ERROR    CHILD_ZONE_LAME   
   0.08 DEBUG    TEST_CASE_END   testcase=consistency05
   0.08 DEBUG    MODULE_END   module=Consistency

matsduf avatar Nov 09 '23 16:11 matsduf