[ldns-users] drill question
bert hubert
bert.hubert at netherlabs.nl
Sat Jul 4 21:47:18 UTC 2009
On Sat, Jul 4, 2009 at 12:58 AM, Jelte Jansen<jelte at nlnetlabs.nl> wrote:
>> Can you tell me what I am doing wrong?
>>
>
> You're doing nothing wrong, in fact, you have discovered not one, but two bugs
> in the way drill verifies single packets :/
> Anyway, thanks for reporting it just before we were about to release 1.6.0, I
> think i have fixed it in the svn trunk now. I want to do a little more testing
> next week, and if everything seems ok, this will be fixed in 1.6.0, due for
> release very shortly now.
I can confirm this is fixed in svn, thanks! At least now I have a
third party tool to verify I'm emitting valid data :-)
(drill talking to PowerDNS experiment: )
$ ./drill -k example.com.key -D example.com @127.0.0.1 dnskey -p 5300
;; Number of trusted keys: 1
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 16328
;; flags: qr aa rd ; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; example.com. IN DNSKEY
;; ANSWER SECTION:
example.com. 3600 IN DNSKEY 257 3 5
AwEAAYW43PuM/1B4v9S5NL2jrTgAm7znHNVGROkcBzcSOKdAiB7qqVE8YPEXQT7lMJr1rGAfYUiEF2l2R8Ee0uvu5S7Ud7zXVCH5Eo91hokRbdGzwQhPRkFpaTZC1/+F3PhMK4/KMOn60+cZ+X8px79sXW90NNtJM31DOEW2iy+uKOi+OXKwZZImyxXkjjvXlGEyTJOWLMdrwao6/VM6vKfu7TRNPYMsxHrRY6tJ0wFKRm7p8sd0N6lE3gIVWZL/bu/SWr6YjAF06dDWXyS2LpmNtU8LegBt1z6lTpuEHrThmK8fx6xtBASpehyyMPojoU+nsMgDYafz+SuFBzjYUqqcWUE=
;{id = 28954 (ksk), size = 2048b}
example.com. 3600 IN DNSKEY 256 3 5
AwEAAa+cj6FWhpLx1BtIGeEKiqqahttZyLdpnF3dauezSWf2X00SHVTDtIiKDeSW/3vLmDTXlg2mIIszXdA+ZKNQ4il7yqcBbhGHQSidO24fZQk9IDQMfbJs7aLKQhhWDvlYWSrYZRL2aBAhGuFHMOvMeWxWwQ5iw5IotuaTLVSgtdxL
;{id = 4551 (zsk), size = 1024b}
example.com. 3600 IN RRSIG DNSKEY 5 2 3600 20090716000000
20090702000000 4551 example.com.
CZpAZOasOxuFi4t+6n+k16xafIsVlvovR7a3x1H3o/G7E+J2wDaSZ0vyLaNo3nzyTE7cgE/JmnwwjI6GMWfnt6c8L98ASQIsa3N6Xard42IxbqQt5CGjj7HQGvo8NyklWLAgmcylM1XZoWNM5jTBgEfdekCcDsCwsdB9zZUJpAA=
;{id = 4551}
example.com. 3600 IN RRSIG DNSKEY 5 2 3600 20090716000000
20090702000000 28954 example.com.
gC6smfJFuyg/TfF2NJVLigGLdsVQJU/sTEPvtfBtrbXRBLbTZLlMvnP5oWHsoRx9+DtREg3WZ8GZ/uwW+wJP5Y1Jxn35uNPXfjHbM5/4i01/F8KIt9vEG7dD1+WcHgfEeZHvOGIQeeCMEUSA23hGx4khiBvx9lKb31RzS7dYaw+rYx3zuvnk62cDxvQrS8Bsd7TYOmXfRb/PF7Bc/2swPoyZ5r9g3CSLDzyfeBmJs8mmDzl3EHGzmT7XAkyxjEjVjIvzvmjF7TBX7TwprUj1Q6YEzlHQqBrdsoEJ6a/TzbEk7LeaIANTwbUO+7GAKiIFu8b05vaat+GPv4k0g+sBAA==
;{id = 28954}
;; AUTHORITY SECTION:
;; ADDITIONAL SECTION:
;; Query time: 38 msec
;; EDNS: version 0; flags: do ; udp: 2800
;; SERVER: 127.0.0.1
;; WHEN: Sat Jul 4 23:43:07 2009
;; MSG SIZE rcvd: 934
; example.com. 3600 IN DNSKEY 257 3 5
AwEAAYW43PuM/1B4v9S5NL2jrTgAm7znHNVGROkcBzcSOKdAiB7qqVE8YPEXQT7lMJr1rGAfYUiEF2l2R8Ee0uvu5S7Ud7zXVCH5Eo91hokRbdGzwQhPRkFpaTZC1/+F3PhMK4/KMOn60+cZ+X8px79sXW90NNtJM31DOEW2iy+uKOi+OXKwZZImyxXkjjvXlGEyTJOWLMdrwao6/VM6vKfu7TRNPYMsxHrRY6tJ0wFKRm7p8sd0N6lE3gIVWZL/bu/SWr6YjAF06dDWXyS2LpmNtU8LegBt1z6lTpuEHrThmK8fx6xtBASpehyyMPojoU+nsMgDYafz+SuFBzjYUqqcWUE=
;{id = 28954 (ksk), size = 2048b}
example.com. 3600 IN DNSKEY 256 3 5
AwEAAa+cj6FWhpLx1BtIGeEKiqqahttZyLdpnF3dauezSWf2X00SHVTDtIiKDeSW/3vLmDTXlg2mIIszXdA+ZKNQ4il7yqcBbhGHQSidO24fZQk9IDQMfbJs7aLKQhhWDvlYWSrYZRL2aBAhGuFHMOvMeWxWwQ5iw5IotuaTLVSgtdxL
;{id = 4551 (zsk), size = 1024b}
; VALIDATED by id = 4551, owner = example.com.
More information about the ldns-users
mailing list