Listen Address

Test suite to validate DNS Proxy listen-address configuration. It simply configures a DNS server that may or may not block queries or even servers.

IPv4 Address

Description

The DNS proxy on DUT0 is configured to listen on a specific IPv4 address, and the local resolver is then used to check that it works as expected.

Scenario

Step 1: Set the following configuration in DUT0:

set system certificate trust running://certs/remote.dns-server.crt
set service dns proxy server-name RD
set service dns proxy static RD protocol dns-over-https host name remote.dns
set service dns proxy static RD protocol dns-over-https ip 10.215.168.1
set service dns proxy static RD protocol dns-over-https hash 029f30c34b083de26ae4e176db2577cb64913132c357003e2fa24228571c3b1d
set service dns proxy listen-address 10.215.168.10 port 53
set service dns resolver name-server 10.215.168.10

Step 2: Run command show host lookup teldat.com type A at DUT0 and check if output contains the following tokens:

teldat.com has address 19.18.17.16
Output:
teldat.com has address 19.18.17.16

IPv4 Address With Port Changed

Description

The DNS proxy on DUT0 is configured to listen on a specific IPv4 address and a different port, and the local resolver is then used to check that it works properly.

Scenario

Step 1: Set the following configuration in DUT0:

set system certificate trust running://certs/remote.dns-server.crt
set service dns proxy server-name RD
set service dns proxy static RD protocol dns-over-https host name remote.dns
set service dns proxy static RD protocol dns-over-https ip 10.215.168.1
set service dns proxy static RD protocol dns-over-https hash 029f30c34b083de26ae4e176db2577cb64913132c357003e2fa24228571c3b1d
set service dns proxy listen-address 10.215.168.10 port 5353
set service dns resolver local
set service dns forwarding name-server 10.215.168.10 port 5353

Step 2: Run command show host lookup teldat.com type A at DUT0 and check if output contains the following tokens:

teldat.com has address 19.18.17.16
Output:
teldat.com has address 19.18.17.16

IPv6 Address

Description

The DNS proxy on DUT0 is configured to listen on a specific IPv6 address, and the local resolver is then used to check that it works as expected.

Scenario

Step 1: Set the following configuration in DUT0:

set interfaces ethernet eth1 address 10::2/64

Step 2: Ping IP address 10::2 from DUT0:

admin@DUT0$ ping 10::2 count 1 size 56 timeout 1
Output:
PING 10::2(10::2) 56 data bytes
64 bytes from 10::2: icmp_seq=1 ttl=64 time=0.021 ms

--- 10::2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.021/0.021/0.021/0.000 ms

Step 3: Set the following configuration in DUT0:

set system certificate trust running://certs/remote.dns-server.crt
set service dns proxy server-name RD
set service dns proxy static RD protocol dns-over-https host name remote.dns
set service dns proxy static RD protocol dns-over-https ip 10.215.168.1
set service dns proxy static RD protocol dns-over-https hash 029f30c34b083de26ae4e176db2577cb64913132c357003e2fa24228571c3b1d
set service dns proxy listen-address 10::2 port 53
set service dns resolver name-server 10::2

Step 4: Run command show host lookup teldat.com type A at DUT0 and check if output contains the following tokens:

teldat.com has address 19.18.17.16
Output:
teldat.com has address 19.18.17.16

IPv6 Address With Port Changed

Description

The DNS proxy on DUT0 is configured to listen on a specific IPv6 address and a different port, and the local resolver is then used to check that it works as expected.

Scenario

Step 1: Set the following configuration in DUT0:

set interfaces ethernet eth1 address 10::2/64

Step 2: Ping IP address 10::2 from DUT0:

admin@DUT0$ ping 10::2 count 1 size 56 timeout 1
Output:
PING 10::2(10::2) 56 data bytes
64 bytes from 10::2: icmp_seq=1 ttl=64 time=0.022 ms

--- 10::2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.022/0.022/0.022/0.000 ms

Step 3: Set the following configuration in DUT0:

set system certificate trust running://certs/remote.dns-server.crt
set service dns proxy server-name RD
set service dns proxy static RD protocol dns-over-https host name remote.dns
set service dns proxy static RD protocol dns-over-https ip 10.215.168.1
set service dns proxy static RD protocol dns-over-https hash 029f30c34b083de26ae4e176db2577cb64913132c357003e2fa24228571c3b1d
set service dns proxy listen-address 10::2 port 5353
set service dns resolver local
set service dns forwarding name-server 10::2 port 5353

Step 4: Run command show host lookup teldat.com type A at DUT0 and check if output contains the following tokens:

teldat.com has address 19.18.17.16
Output:
teldat.com has address 19.18.17.16