#!/usr/bin/perl # # Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005 Yokogawa Electric Corporation, # IPA (Information-technology Promotion Agency, Japan). # All rights reserved. # # Redistribution and use of this software in source and binary forms, with # or without modification, are permitted provided that the following # conditions and disclaimer are agreed and accepted by the user: # # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # 3. Neither the names of the copyrighters, the name of the project which # is related to this software (hereinafter referred to as "project") nor # the names of the contributors may be used to endorse or promote products # derived from this software without specific prior written permission. # # 4. No merchantable use may be permitted without prior written # notification to the copyrighters. However, using this software for the # purpose of testing or evaluating any products including merchantable # products may be permitted without any notification to the copyrighters. # # # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHTERS, THE PROJECT AND # CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING # BUT NOT LIMITED THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS # FOR A PARTICULAR PURPOSE, ARE DISCLAIMED. IN NO EVENT SHALL THE # COPYRIGHTERS, THE PROJECT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, # INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR # SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN # CONTRACT,STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF # THE POSSIBILITY OF SUCH DAMAGE. # # $TAHI: ct/natpt/rfc2765_3.2_udp.seq,v 1.3 2001/10/11 01:41:47 akisada Exp $ # BEGIN { $V6evalTool::TestVersion = '$Name: REL_2_1_2 $'; } use V6evalTool; use natpt; checkNUT(router); # Interface $IF="Link0"; $IF1="Link1"; vCapture($IF); vCapture($IF1); %pktdesc = ( ipv4_udp => 'Send IPv4 UDP packet (Checksum OK) on link1', ipv4_udp_zero => 'Send IPv4 UDP packet (Checksum Zero) on link1', ipv4_udp_frag => 'Send IPv4 UDP fragment (Checksum OK) on link1', ipv4_udp_frag_zero => 'Send IPv4 UDP fragment (Checksum Zero) on link1', ipv6_udp => 'Recv IPv6 UDP packet on Link0', ipv6_udp_frag => 'Recv IPv6 UDP fragment on Link0', arp_nut2tn_request => 'Recv ARP request on Link1 (TN IPv4addr)', arp_tn2nut_reply => 'Send ARP reply on Link1 (TN IPv4addr)', ns_nut2tn_siit0 => 'Recv Neighbor Solicitation on Link0 (SIIT V6addr)', na_tn2nut_siit0 => 'Send Neighbor Advertisement on Link0 (SIIT V6addr)', ); $result = $V6evalTool::exitPass; $result += send_recv($IF1, 'ipv4_udp', $IF, 'ipv6_udp'); $result += send_recv($IF1, 'ipv4_udp_zero', $IF, 'ipv6_udp'); $result += send_recv($IF1, 'ipv4_udp_frag', $IF, 'ipv6_udp_frag'); $result += send_recv($IF1, 'ipv4_udp_frag_zero', $IF, ''); if($result == $V6evalTool::exitPass) { vLogHTML("

OK

"); exit $V6evalTool::exitPass; } error: vLogHTML("

NG

"); exit $V6evalTool::exitFail; ######################################################################## __END__ =head1 NAME rfc2765_3.2_udp.seq - Verify IPv6 <-> IPv4 header translation in accordance with RFC2765 [SIIT] =head1 TARGET Router =head1 SYNOPSIS rfc2765_3.2_udp.seq [-tooloption ...] -p rfc2765_3.2_udp.def =head1 INITIALIZATION =begin html

	Before this test starts, run initialize.seq.

=end html =head1 TEST PROCEDURE This test verifies that NUT adjusts header checksum for UDP packets. Network Topology Link0 -------------------------- | | TN NUT | | -------------------------- Link1 TN -- (Link0) -- NUT NUT -- (Link1) -- TN --------------------- ------------------------ =begin html

1.1. <=================== IPv4 UDP packet IPv4 Header src address : TN LINK1 IPv4 address dst address : TN LINK0 IPv4 address Don't Fragment = 1 UDP packet Checksum including IPv4 pseudo header data = repeat(0xff,64) 1.2. <> <=================== IPv6 UDP packet IPv6 Header src address : TN LINK1 IPv4 embedded IPv6 address dst address : TN LINK0 IPv4 embedded IPv6 address UDP packet Checksum including IPv6 pseudo header data = repeat(0xff,64) =begin html

2.1. <=================== IPv4 UDP packet IPv4 Header src address : TN LINK1 IPv4 address dst address : TN LINK0 IPv4 address Don't Fragment = 1 UDP packet Checksum = 0xffff (zero checksum) data = repeat(0xff,64) 2.2. <> <=================== IPv6 UDP packet IPv6 Header src address : TN LINK1 IPv4 embedded IPv6 address dst address : TN LINK0 IPv4 embedded IPv6 address UDP packet Checksum including IPv6 pseudo header data = repeat(0xff,64) =begin html

3.1. <=================== IPv4 UDP packet IPv4 Header src address : TN LINK1 IPv4 address dst address : TN LINK0 IPv4 address MF = 1 UDP packet Checksum including IPv4 pseudo header data = repeat(0xff,64) 3.2. <> <=================== IPv6 UDP packet IPv6 Header src address : TN LINK1 IPv4 embedded IPv6 address dst address : TN LINK0 IPv4 embedded IPv6 address Fragment Header More fragments = 1 UDP packet Checksum including IPv6 pseudo header data = repeat(0xff,64) =begin html

4.1. <=================== IPv4 UDP packet IPv4 Header src address : TN LINK1 IPv4 address dst address : TN LINK0 IPv4 address MF = 1 UDP packet Checksum = 0xffff (zero checksum) data = repeat(0xff,64) 4.2. <> Packet is silently dropped =head1 JUDGMENT << PASS >> NUT adjusts header checksum for UDP packets with checksum and recalculates it for UDP packets with zero checksum. Fragmented UDP packets with zero checksum are silently dropped. << FAIL >> NUT send UDP packets with wrong checksum, or doesn't drop fragmented UDP with zero checksum. =head1 NOTE =head1 REFERENCE B 3.2. Translating UDP over IPv4 If a UDP packet has a zero UDP checksum then a valid checksum must be calculated in order to translate the packet. A stateless translator can not do this for fragmented packets but [MILLER] indicates that fragmented UDP packets with a zero checksum appear to only be used for malicious purposes. Thus this is not believed to be a noticeable limitation. When a translator receives the first fragment of a fragmented UDP IPv4 packet and the checksum field is zero the translator SHOULD drop the packet and generate a system management event specifying at least the IP addresses and port numbers in the packet. When it receives fragments other than the first it SHOULD silently drop the packet, since there is no port information to log. When a translator receives an unfragmented UDP IPv4 packet and the checksum field is zero the translator MUST compute the missing UDP checksum as part of translating the packet. Also, the translator SHOULD maintain a counter of how many UDP checksums are generated in this manner. =head1 SEE ALSO perldoc V6evalTool =cut