|Release Type||Release Number||Release Date|
|Original||CDRouter 10.7 Build 1||April 26, 2018|
|Maintenance Release 1||CDRouter 10.7 Build 2||May 2, 2017|
Note: CDRouter 10.7 includes many new features and configuration testvars. Old config files can be automatically upgraded to include all new CDRouter 10.7 testvars using the config upgrade utility.
CDRouter 10.7 Build 1 April 26, 2018
New Features and Enhancements
New package scheduler!
CDRouter now includes a built in package scheduler! This feature makes it possible to automatically schedule packages to run every day at a specific time. For more information please see this Knowledge Base article.
Support for DNS over TLS
CDRouter’s WAN DNS servers now support DNS over TLS as defined in RFC 7858.
With the addition of DNS over TLS, CDRouter’s DNS servers now support three different transports:
- Traditional DNS over UDP on port 53
- DNS over TCP on port 53
- DNS over TLS (over TCP) on port 853
For more information please see our Knowledge Base article on testing DNS over TLS with CDRouter.
New DNS over TLS test module
To facilitate the testing and adoption of support for DNS over TLS within CPE devices, a new test module, dns-tls.tcl, has been added to CDRouter. This test module adds 34 new test cases that utilize DNS over TLS as a transport.
New DNS test case for verifying privacy-enabling DNS behavior
A new DNS test case, dns_500, for verifying that the DUT’s DNS proxy does not leak DNS queries in plaintext over UDP or TCP on the WAN has been added.
This test is skipped by default. To run this test, DNS over TLS must be enabled on the DUT. In addition, the DUT must support ‘strict privacy’ for authentication as defined in Section 6.6 of RFC8310 and set the new testvar dnsUsageProfile to a value of strict-privacy.
Note that variants of this test have been added to all DNS specific test modules as well. These tests are: dns_tcp_500. dns_tls_500, ipv6_dns_500, ipv6_dns_tcp_500, and ipv6_dns_tls_500.
Support for IPv6 DNS over TLS
CDRouter’s WAN IPv6 DNS servers now also support DNS over TLS as a transport. See the announcement above for more information.
New DNS over TLS test module
To facilitate the testing and adoption of support for IPv6 DNS over TLS within CPE devices, a new test module, dns-tls-v6.tcl, has been added to CDRouter. This test module adds 29 new test cases that utilize DNS over TLS as a transport.
New ID-181 test module
A new ir181 test module has been added to CDRouter! This module includes 50 new test cases based on revision 14 of the Broadband Forum’s CWMP Interoperability and Functionality Test Plan as defined in ID-181.
Please note that ID-181 is currently in draft status within the Broadband Forum. Once approved, this test plan will be published as IR-181. Future releases of CDRouter will be updated to ensure consistency with the most recent available versions of the ID/IR-181 test plan.
CDRouter is now shipping with Release 9.0 of the BBF.069 scripts from the UNH-IOL. For a complete list of modifications included with this release, please see the bug fixes and notes section below.
New Test Modules and Test Cases
New DNS over TLS module
MODULE: dns-tls.tcl DESCRIPTION: DNS over TLS proxy and DNS failover related tests NEW TEST CASES: 35
New DNS test cases for verifying privacy-enabling DNS behavior
TEST: dns_500 MODULE: dns.tcl DESCRIPTION: Verify DNS proxy enforces DNS strict privacy usage profile
TEST: dns_tcp_500 MODULE: dns-tcp.tcl DESCRIPTION: Verify DNS proxy enforces DNS strict privacy usage profile
TEST: dns_tls_500 MODULE: dns-tls.tcl DESCRIPTION: Verify DNS proxy enforces DNS strict privacy usage profile
New IPv6 DNS over TLS module
MODULE: dns-tls-v6.tcl DESCRIPTION: IPv6 DNS over TLS proxy and DNS failover related tests NEW TEST CASES: 30
New IPv6 DNS test cases for verifying privacy-enabling DNS behavior
TEST: ipv6_dns_500 MODULE: dns-v6.tcl DESCRIPTION: Verify DNS proxy enforces DNS strict privacy usage profile
TEST: ipv6_dns_tcp_500 MODULE: dns-tcp-v6.tcl DESCRIPTION: Verify DNS proxy enforces DNS strict privacy usage profile
TEST: ipv6_dns_tls_500 MODULE: dns-tls-v6.tcl DESCRIPTION: Verify DNS proxy enforces DNS strict privacy usage profile
New IR-181 test module
MODULE: ir181.tcl DESCRIPTION: CWMP Interoperability and Functionality Test Plan NEW TEST CASES: 49
Bug Fixes and Notes
CDRouter’s utilities for migrating results from pre-10.0 systems has been deprecated. Future versions of CDRouter will not have the ability to migrate older results directly. If migration is needed, we recommend that users first install CDRouter 10.7, perform the results migration, and then upgrade to the latest release of CDRouter. [LH #3715]
Resolved an issue where CDRouter would run all tests on a ‘Restart’ of a test package, eventhough the user selected Failed only or Passed only in the Restart this package pop-up dialog. [LH #3694]
Improved the cleanup process of the additional clients created in the LAN scaling tests for wireless interfaces. [LH #3706]
Modified behavior of wireless LAN clients that become disassociated during the CDRouter scaling test cases. They will not attempt to automatically reassociate. [LH #3713]
Resolved an internal routing issue in the ipv6_ripngwan_9 that resulted in a false negative test result. [LH #3732]
Resolved an issue in the ipv6_ripngwan_100 test case in which duplicate routes were advertised by CDRouter on the WAN. [LH #3734]
Fixed an issue where CDRouter’s LAN client would try to configure a Unique Local Address (ULA) for itself even if the supportsULA testvar is set to “no”. [LH #3629]
Resolved an issue in the ipv6_ripng_100 test case in which duplicate routes were advertised by CDRouter on the WAN. [LH #3734]
Updated test cases v6_cpe_1_5_a,v6_cpe_1_5_b,v6_cpe_1_5_c, and v6_cpe_1_5_d to use the dhcpv6RestartLatency and dhcpv6PDLatency testvars. These testvars allow CDRouter to give extra time for some DUT’s to (respectively) reinitiate DHCPv6 Prefix Delegation requests and to advertise a newly-learned prefix on the LAN. [LH #3721]
Resolved a misleading log message issue in the ipv6_ndp_30 test case. [LH #3722]
The 5_092_CWMP_Faults_Upload test case has been updated to resolve an exception in cases where a TransferComplete RPC is not received. [LH #136]
CDRouter’s HTTP Cookie handling has been updated which corrects a problem in the 5_036_redirect_cookies test where an unsolicited CWMP session for a periodic Inform caused the wrong cookie value to be recorded. [LH #124]
The 5_014_DNS_server test has been updated to accommodate CPE devices which intentionally map domain names in DNS requests to mixed-case spelling. [LH #127]
All Upload and Download tests have been updated to include additional skip logic which prevents them from being run when relevant testvars are not properly configured. [LH #154]
The 5_010_Multiple_TCP_conn test case has been updated to ensure all subsequent connects include a Authentication header. [LH #155]
The unh_path and unh_base testvars have been removed and replaced with individual testvars. [LH #129]
The UNHWRAP procedure has been replaced by CDRouter’s built in SOAP validation. [LH #117]
The 5_041_maximum_SOAP_message test case has been updated to resolve an exception during the clean up procedure. [LH #158]
CDRouter 10.7 Build 2 May 2, 2018
Bug Fixes and Notes
Updated the cdrouter_mcast_110 and cdrouter_mcast_120 tests so that the testvar iptvMaxFailures will trigger when either the forwarding check fails or the joining of the group fails. Previously, the check for the joining of the group was not considered by iptvMaxFailures. Also, these tests will now abort when the total number of failures is greater than or equal to iptvMaxFailures. Previously, the tests would abort when the total number of failures was greater than iptvMaxFailures. [LH #3742]
The cdrouter_urlfilter_40 test case has been updated to include the server name indication (SNI) TLS header. [LH #3738]
The cdrouter_app_25, cdrouter_app_26, cdrouter_app_27, and cdrouter_app_28 test cases have been updated to ensure that the DUT is actively using the primary DNS server before testing for failover to other non-primary DNS servers. [LH #3729]
Updated the dhcpv6_server_3 test case to support dynamic DHCPv6 valid lifetimes on the LAN that are based on the WAN side IA_PD valid lifetime. To verify this behavior the testvar ipv6DhcpClientValidLifetime can now be set to a keyword value of
dynamicif the valid lifetime varies based on the delegated prefix received on the WAN. If set to
dynamicthis test will verify that the valid lifetime received on the LAN is less than or equal to the IA_PD valid lifetime assigned by CDRouter’s DHCPv6 server on the WAN (which is configured using the testvar dhcpv6IAValidLifetime).
Corrected the mapt_42 test case to verify that ICMPv4 Type 3 messages are translated to ICMPv6 Type 1, where appropriate. [LH #3744]
Updated the dhcpv6_pd_62 test case to verify that the advertised prefix on the LAN matches the IA_PD provided by CDRouter on the WAN, regardless of the SLA ID used by the DUT (if any). [LH #3743]
Updated the dhcpv6_pd_63 test case to take into consideration the DUT’s expected SLA ID as configured using the testvar ipv6LanSubnetId. [LH #3743]
The ipv6_urlfilter_40 test case has been updated to include the server name indication (SNI) TLS header. [LH #3738]
Updated the dhcpv6_server_9 test case to allow the DUT to provide its link-local or unique-local IPv6 address as the DNS server to IPv6 LAN clients when the testvar ipv6DNStoLAN is set to a value of no. Previously this test only allowed the DUT’s global address in this configuration. [LH #3736]
Resolved an issue (introduced in CDRouter 10.6) in which the value of the nmapPorts testvar was being ignored, resulting in all Nmap scans being performed over the default port range of 0-2048. [LH #3747]
Resolved an issue (introduced in CDRouter 10.6) in which the scan type argument was not being passed into Nmap resulting in all tests performing the scan. [LH #3749]