Available DNS/BIND test suites
bert.hubert at netherlabs.nl
Mon Jun 12 20:53:02 UTC 2006
On Fri, Jun 09, 2006 at 03:00:01PM -0700, Jim wrote:
> I've been tasked with evaluating various DNS server implementations on
> different platforms. I am looking for DNS test suites that check for
> compliance with ALL the applicable RFC's. I'm familiar with the
Ok - but be aware that RFC compliance does not mean 'works well'. It is
perfectly RFC compliant to not perform compression against the question in a
DNS packet, for example, but it breaks quite a number of residential
routers if you neglect to do so.
It appears these regard the magic sequence "0xc0 0x0c" as a sort of "Start
of answer" sequence, and not as the (optionally compressed) first answer.
'Go read the RFC already'.
> I need to check thing down to the individual bits in each packet. not
> just whether I get a response that appears to be correct.
In practice, what BIND does is 'correct'. Or inversely, if you do anything
other than BIND, you are asking for trouble. The RFCs are of secondary
importance, especially where they grant latitude.
> Any help with either a pointer additional test suites or getting either
> of the two packages I already have working would be greatly
We mostly validate against BIND and DJBDNS, those being the 'industry
Compared to many other protocols, some of the DNS RFCs are not as exacting,
or precisely worded.
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
More information about the bind-users