1 / 16

TAHI IPv6 and IPsec test suites

TAHI IPv6 and IPsec test suites. Mar 7,2000, Connectathon 2000 Hiroshi HOSHINO TAHI Project http://www.tahi.org/. Introduction. TAHI Project: Objectives Activities of TAHI IPsec IPv6 conformance test. TAHI Project: Objectives. Developing verification technology for IPv6 and IPsec

conor
Download Presentation

TAHI IPv6 and IPsec test suites

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. TAHI IPv6 and IPsec test suites Mar 7,2000, Connectathon 2000 Hiroshi HOSHINO TAHI Project http://www.tahi.org/

  2. Introduction • TAHI Project: Objectives • Activities of TAHI • IPsec IPv6 conformance test

  3. TAHI Project: Objectives • Developing verification technology for IPv6 and IPsec • conformance test suites • interoperability test suites • Cooperating with KAME andcontributing quality improvement of IPv6 implementation • Making our test suites freely available

  4. Activities of TAHI • Conformance test • Interoperability test • Other activities of TAHI

  5. Conformance test suites spec. • Test coverage • IPv6 basic spec / Neighbor Discovery /Address autoconf / PathMTU / ICMPv6 /IPv6 over IPv4 tunnel / IPsec IPv6 • over 200 (6hours) tests for host and for router • Automated verification • Generating HTML based test results and log

  6. Interoperability test suites • Test scenarios • for host: IPv6 basic spec • for router: RIPng, BGP4+ • Test tools • packet analyzer, traffic generator • http://www.tahi.org/inop/

  7. Other activities of TAHI • Test report • KAME (by monthly) • Microsoft Research IPv6 (1.4 beta) • http://www.tahi.org/report/ • Interoperability test event in Japan (Sep,99) • 3com, Cisco, Ericsson, ETRI, GAYDYADE, IMAG, Microsoft, Toshiba, Hitachi, NEC, Fujitsu, Matsushita, Yamaha, NTT Software, PFU,TITECH, Linuxv6 • Provided the overview of the test results to IESG

  8. IPsec IPv6 conformance test

  9. IPsec test spec. • Test coverage • AH or ESP, Transport-mode for a host orTunnel-mode for a router • Test examples • AH with HopByHop/Dest. Options header • ESP padding, ESP with ICV • fragmented packet with AH or ESP • About 50 tests for AH, 50 tests for ESP

  10. IPsec test spec. • Requirements to a target implementation • IPsec ICMPv6 echo request and reply (no test with UDP, TCP) • off-link IPsec communication with Global address (no test with link-local address) • manual key management (no test with IKE) • IPv6 (no test with IPv4)

  11. Experience with IPsec test • Test for KAME (fbsd228+kame stable 20000214) • 97/100 tests result “PASS” • http://www.tahi.org/report/

  12. You are welcome • You are welcome to ask me for testing your implementation in this event • Demonstration is available in our booth • My booth: KAME PROJECT 403

  13. Contact points • Contact point • contact@tahi.org • http://www.tahi.org/ • Any feedback is welcome • Future plan being discussed

  14. The End

  15. Conformance Test System Architecture

  16. Element of the conformance test suites • Hardware:IBM PC • CPU: AMD-K6 200MHz Memory: 128MB • Network I/F:Ethernet, 10/100BaseT • OS: FreeBSD2.2.8, 3.2, 3.3, 3.4 • Conformance Test Tool • C++ and Perl5 (25,000 + 5,000 step) • OpenSSL0.9.2b • Conformance Test • Perl5 and original packet definition language (40,000 + 30,000 step)

More Related