Skip to content
/ dnssec-validator-test Public

Test a recursive DNS validator endpoint to see if it supports DNSSEC per the tentative requirements in ballot SC-085.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

birgelee/dnssec-validator-test

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
test-resolver.sh
test-resolver.sh
 
 

Repository files navigation

dnssec-validator-test

Test a recursive DNS validator endpoint to see if it supports DNSSEC per the tentative requirements in ballot SC-085.

Useage

./test-resolver.sh <IP Address of DNS Resolver Being Tested>

OR

./test-resolver.sh

If no resolver IP address is specified, the system default DNS resolver is used.

The script will echo ALL TESTS PASSED with a 0 exit code if successful.

A non-zero exit code or any test marked "FAILED" indicates a failure.

A note on blackhole.caatestsuite-dnssec.com

blackhole.caatestsuite-dnssec.com involves a DNS server that does not answer a query. The resolver may stall on this query potentially causing the dig client to time out (potentially causing a failed test as the required "SERVFAIL" message is not observed). Many resolvers maintain negative caches so this can be alleviated by trying again. If the problem persists, try adjusting the dig command's timeout or the DNS resolver's timeout.

About

Test a recursive DNS validator endpoint to see if it supports DNSSEC per the tentative requirements in ballot SC-085.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages