Skip to content

Latest commit

 

History

History
90 lines (57 loc) · 3.92 KB

README.rst

File metadata and controls

90 lines (57 loc) · 3.92 KB

DNS test harness (Deckard)

Deckard is a DNS software testing tool that creates a controlled network environment for reproducible tests.

In essence, it works like this:

  • Deckard runs given binaries as subprocesses in an isolated network environment.
  • When binaries are up, Deckard sends scripted queries and checks replies.
  • When a binary attempts to contact another server, Deckard intercepts the communication and replies with scripted answer.
  • Deckard can simulate network issues, DNS environment changes, and fake time (for DNSSEC validation tests).

No changes to real network setup are required because all network communications are redirected over UNIX sockets (and recorded to PCAP).

Test cases are described by scenarios that contain:

  • A declarative description of the environment (e.g. what queries can the binary under test make and what Deckard should answer)
  • A sequence of queries (and expected answers), and other events (e.g. time jumps forward)

Requirements

Deckard requires following software to be installed:

  • Python >= 3.3
  • dnspython - DNS library for Python
  • Jinja2 - template engine for generating config files
  • PyYAML - YAML parser for Python
  • custom C libraries (installed automatically, see below)

For convenient use it is strongly recommended to have a C compiler, Git, and make available. First execution of make will automatically download and compile following libraries:

Compatibility

Works well on Linux, Mac OS X [1] and probably all BSDs. Tested with Knot DNS Resolver, Unbound, and PowerDNS Recursor. It should work with other software as well as long as all functions used by the binary under test are supported by our modified socket_wrapper.

[1]Python from Homebrew must be used, as the built-in Python is protected by the CSR from OS X 10.11 and prevents library injection.

Usage

License

See LICENSE file.

Acknowledgments

The test scenario design and a lot of tests were written by NLnet Labs for testbound suite used by Unbound (BSD licensed). We are grateful that testbound authors are willing to discuss further Deckard development.

The original test case format is described in the header file replay.h distributed with Unbound.

Contacting us

Please report problems to our GitLab: https://gitlab.labs.nic.cz/knot/deckard/issues

If you have any comments feel free to send e-mail to knot-dns@labs.nic.cz! Do not get confused by the name, we are happy if you want to use Deckard with any software.

Happy testing.