mirror of
https://github.com/isc-projects/bind9.git
synced 2026-02-27 12:02:10 -05:00
fa2e4e66b0
Add two test zones that will be reconfigured to go insecure, by setting the 'dnssec-policy' option to 'none'. One zone was using inline-signing (implicitly through dnssec-policy), the other is a dynamic zone. Two tweaks to the kasp system test are required: we need to set when to except the CDS/CDS Delete Records, and we need to know when we are dealing with a dynamic zone (because the logs to look for are slightly different, inline-signing prints "(signed)" after the zone name, dynamic zones do not). |
||
|---|---|---|
| .. | ||
| ns2 | ||
| ns3 | ||
| ns4 | ||
| ns5 | ||
| ns6 | ||
| ns7 | ||
| clean.sh | ||
| kasp.conf | ||
| README | ||
| setup.sh | ||
| tests.sh | ||
Copyright (C) Internet Systems Consortium, Inc. ("ISC")
See COPYRIGHT in the source root or https://isc.org/copyright.html for terms.
The test setup for the KASP tests.
ns1 is reserved for the root server.
ns2 is running primary service for ns3.
ns3 is an authoritative server for the various test domains.
ns4 and ns5 are authoritative servers for various test domains related to views.
ns6 is an authoritative server that tests changes in dnssec-policy.
ns7 is an authoritative server that tests a specific case where zones
using views migrate to dnssec-policy.