ZONE10: No multiple SOA records
Test case identifier
ZONE10
Objective
The SOA record is crucial for the DNS zone and "exactly one SOA RR should be present at the top of the zone" (RFC 1035, section 5.2). This test case will verify that the zone of the domain to be tested returns exactly one SOA record.
Scope
It is assumed that Child Zone is also tested by Connectivity01. This test case will set DEBUG level on messages for non-responsive name servers.
Inputs
- "Child Zone" - The domain name to be tested.
Ordered description of steps to be taken to execute the test case
- Obtain the set of name server IP addresses using Method4 and Method5 ("NS IP").
- Create a SOA query for the apex of the Child Zone with RD flag unset.
- For each name server in NS IP do:
  - Send the SOA query over UDP to the name server.
  - If the name server does not respond with a DNS response, then output NO_RESPONSE.
  - Else, if the DNS response does not include a SOA record in the answer section, then output NO_SOA_IN_RESPONSE.
  - Else, if the SOA record or records in the answer section do not have Child Zone as owner name, then output WRONG_SOA.
  - Else, if the DNS response includes multiple SOA records in the answer section, then output MULTIPLE_SOA.
- If no message is outputted for any server, then output ONE_SOA.
Outcome(s)
The outcome of this Test Case is "fail" if there is at least one message with the severity level ERROR or CRITICAL.
The outcome of this Test Case is "warning" if there is at least one message with the severity level WARNING, but no message with severity level ERROR or CRITICAL.
In other cases the outcome of this Test Case is "pass".
Message | Default severity level |
---|---|
MULTIPLE_SOA | ERROR |
NO_RESPONSE | DEBUG |
NO_SOA_IN_RESPONSE | DEBUG |
ONE_SOA | INFO |
WRONG_SOA | DEBUG |
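The steps and outcome rule above, as an added Python sketch (not part of the specification and not Zonemaster's own code). It builds the RD-unset SOA query in wire format, then applies the per-server checks and the outcome rule to already-parsed answer sections. The function names, the `(owner, rrtype)` input shape, the constructed `SAMPLE` data, and treating any SOA with a foreign owner name as WRONG_SOA are assumptions.

```python
import struct

# Default severity levels, copied from the table on this page.
SEVERITY = {"MULTIPLE_SOA": "ERROR", "NO_RESPONSE": "DEBUG",
            "NO_SOA_IN_RESPONSE": "DEBUG", "ONE_SOA": "INFO", "WRONG_SOA": "DEBUG"}
# Constructed sample: answer sections per name server IP (None = no response).
SAMPLE = {
    "192.0.2.1": [("example.com.", "SOA")],
    "192.0.2.2": [("example.com.", "SOA"), ("EXAMPLE.com.", "SOA")],
    "2001:db8::1": None,
}

def build_soa_query(zone, msg_id=0x1234):
    """Wire-format SOA query for the zone apex with the RD flag unset."""
    flags = 0x0000  # QR=0, opcode=QUERY, RD bit (0x0100) deliberately clear
    header = struct.pack("!6H", msg_id, flags, 1, 0, 0, 0)
    labels = [l.encode("ascii") for l in zone.rstrip(".").split(".") if l]
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return header + qname + struct.pack("!2H", 6, 1)  # QTYPE=SOA, QCLASS=IN

def _norm(name):
    return name.rstrip(".").lower()  # DNS names compare case-insensitively

def classify(zone, answer):
    """Apply the else-if chain to one server; None means no message."""
    if answer is None:
        return "NO_RESPONSE"
    soa_owners = [owner for owner, rrtype in answer if rrtype == "SOA"]
    if not soa_owners:
        return "NO_SOA_IN_RESPONSE"
    # Assumption: one SOA with a foreign owner name is enough for WRONG_SOA.
    if any(_norm(o) != _norm(zone) for o in soa_owners):
        return "WRONG_SOA"
    if len(soa_owners) > 1:
        return "MULTIPLE_SOA"
    return None

def run_zone10(zone, responses):
    """responses: {ns_ip: answer}. Returns (messages, outcome)."""
    messages = [(ip, tag) for ip, ans in sorted(responses.items())
                if (tag := classify(zone, ans))]
    if not messages:
        messages = [(None, "ONE_SOA")]  # only when no server produced a message
    levels = {SEVERITY[tag] for _, tag in messages}
    if levels & {"ERROR", "CRITICAL"}:
        return messages, "fail"
    if "WARNING" in levels:
        return messages, "warning"
    return messages, "pass"
```

With the default severities, only MULTIPLE_SOA can move the outcome away from "pass"; the other per-server messages are logged at DEBUG.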
Special procedural requirements
If either IPv4 or IPv6 transport is disabled, ignore the evaluation of the result of any test using this transport protocol. Log a message reporting on the ignored result.
Intercase dependencies
None.
Terminology
When the term "using Method" is used, names and IP addresses are fetched using the defined Methods.
The term "send" (to an IP address) is used when a DNS query is sent to a specific name server.